+ cd /tmp/tmpcx8fxgbp/tests; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpcx8fxgbp/tests/tests_basic_ipa.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 16:41:07 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 16:41:07 +0000 (0:00:00.016) 0:00:00.028 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 16:41:07 +0000 (0:00:00.022) 0:00:00.051 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:41:09 +0000 (0:00:01.357) 0:00:01.408 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.36s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- statically imported: /tmp/tmpcx8fxgbp/tests/tasks/setup_ipa.yml PLAYBOOK: tests_basic_ipa.yml ************************************************** 3 plays in /tmp/tmpcx8fxgbp/tests/tests_basic_ipa.yml PLAY [Install IPA server] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_basic_ipa.yml:2 Monday 22 November 2021 16:41:09 +0000 (0:00:00.020) 0:00:01.429 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Set __is_beaker_env] ***************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/setup_ipa.yml:2 Monday 22 November 2021 16:41:10 +0000 (0:00:00.978) 0:00:02.407 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__is_beaker_env": false }, "changed": false } TASK [Install ansible-freeipa] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/setup_ipa.yml:6 Monday 22 November 2021 16:41:10 +0000 (0:00:00.037) 0:00:02.445 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Clone ansible-freeipa repo] ********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/setup_ipa.yml:12 Monday 22 November 2021 16:41:10 +0000 (0:00:00.020) 0:00:02.465 ******* ok: [/cache/rhel-7.qcow2 -> 127.0.0.1] => { "after": "6c7f433135795d3ebec2ce26d6ca398301792588", "before": "6c7f433135795d3ebec2ce26d6ca398301792588", "changed": false, "remote_url_changed": false } TASK [Create role symlinks] **************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/setup_ipa.yml:21 Monday 22 November 2021 16:41:11 +0000 (0:00:00.685) 0:00:03.151 ******* changed: [/cache/rhel-7.qcow2 -> 127.0.0.1] => (item=ipaserver) => { "ansible_loop_var": "item", "changed": true, "dest": "/tmp/tmpcx8fxgbp/tests/roles/ipaserver", "gid": 0, "group": "root", "item": "ipaserver", "mode": "0777", "owner": "root", "size": 34, "src": "/tmp/freeipa-repo/roles/ipaserver/", "state": "link", "uid": 0 } changed: [/cache/rhel-7.qcow2 -> 127.0.0.1] => (item=ipaclient) => { "ansible_loop_var": "item", "changed": true, "dest": "/tmp/tmpcx8fxgbp/tests/roles/ipaclient", "gid": 0, "group": "root", "item": "ipaclient", "mode": "0777", "owner": "root", "size": 34, "src": "/tmp/freeipa-repo/roles/ipaclient/", "state": "link", "uid": 0 } TASK [ensure hostname package is installed] ************************************ task path: /tmp/tmpcx8fxgbp/tests/tasks/setup_ipa.yml:33 Monday 22 November 2021 16:41:11 +0000 (0:00:00.559) 0:00:03.711 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "hostname-3.13-3.el7_7.1.x86_64 providing hostname is already installed" ] } TASK [Set hostname] ************************************************************ task path: /tmp/tmpcx8fxgbp/tests/tasks/setup_ipa.yml:38 Monday 22 November 2021 16:41:12 +0000 (0:00:00.822) 0:00:04.534 ******* changed: [/cache/rhel-7.qcow2] => { "ansible_facts": { "ansible_domain": "test.local", "ansible_fqdn": "ipaserver.test.local", "ansible_hostname": "ipaserver", "ansible_nodename": "ipaserver.test.local" }, "changed": true, "name": "ipaserver.test.local" } TASK [Ensure nss package is up-to-date] **************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/setup_ipa.yml:42 Monday 22 November 2021 16:41:13 +0000 (0:00:00.762) 0:00:05.296 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "changes": { "installed": [], "updated": [] }, "rc": 0, "results": [ "All packages providing nss are up to date", "" ] } TASK [Include ipaserver role] ************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/setup_ipa.yml:50 Monday 22 November 2021 16:41:15 +0000 (0:00:02.773) 0:00:08.070 ******* TASK [ipaserver : Import variables specific to distribution] ******************* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/main.yml:4 Monday 22 November 2021 16:41:15 +0000 (0:00:00.031) 0:00:08.101 ******* ok: [/cache/rhel-7.qcow2] => (item=/tmp/freeipa-repo/roles/ipaserver/vars/RedHat-7.yml) => { "ansible_facts": { "ipaserver_packages": [ "ipa-server", "libselinux-python" ], "ipaserver_packages_adtrust": [ "ipa-server-trust-ad" ], "ipaserver_packages_dns": [ "ipa-server-dns" ], "ipaserver_packages_firewalld": [ "firewalld" ] }, "ansible_included_var_files": [ "/tmp/freeipa-repo/roles/ipaserver/vars/RedHat-7.yml" ], "ansible_loop_var": "item", "changed": false, "item": "/tmp/freeipa-repo/roles/ipaserver/vars/RedHat-7.yml" } TASK [ipaserver : Install IPA server] ****************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/main.yml:12 Monday 22 November 2021 16:41:16 +0000 (0:00:00.030) 0:00:08.131 ******* included: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml for /cache/rhel-7.qcow2 TASK [ipaserver : Install - Ensure that IPA server packages are installed] ***** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:5 Monday 22 November 2021 16:41:16 +0000 (0:00:00.067) 0:00:08.199 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "ipa-server" ] }, "rc": 0, "results": [ "libselinux-python-2.5-15.el7.x86_64 providing libselinux-python is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package ipa-server.x86_64 0:4.6.8-5.el7 will be installed\n--> Processing Dependency: python2-ipaserver = 4.6.8-5.el7 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: ipa-server-common = 4.6.8-5.el7 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: ipa-common = 4.6.8-5.el7 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: ipa-client = 4.6.8-5.el7 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: krb5-server < 1.15.100 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: openldap-clients > 2.4.35-4 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: system-logos >= 70.7.0 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: sssd-dbus >= 1.15.2 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: softhsm >= 2.0.0rc1-1 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: slapi-nis >= 0.56.0-4 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: python-ldap >= 2.4.15 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: python-gssapi >= 1.2.0-3 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: pki-kra >= 10.5.9-5 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: pki-ca >= 10.5.9-5 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: mod_nss >= 1.0.14-7 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: mod_lookup_identity >= 0.9.9 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: mod_auth_gssapi >= 1.5.0 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: krb5-server >= 1.15.1-36 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: krb5-server >= 1.15 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: krb5-pkinit-openssl >= 1.15.1-36 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: httpd >= 2.4.6-31 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: certmonger >= 0.78.4-10 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: 389-ds-base >= 1.3.8.4-15 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: 389-ds-base >= 1.3.8.4-15 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: systemd-python for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: open-sans-fonts for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: oddjob for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: ntp for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: mod_wsgi for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: mod_session for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libsss_nss_idmap.so.0(SSS_NSS_IDMAP_0.4.0)(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libsss_nss_idmap.so.0(SSS_NSS_IDMAP_0.1.0)(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libsss_certmap.so.0(SSS_CERTMAP_0.0)(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libsamba-util.so.0(SAMBA_UTIL_0.0.1)(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libndr.so.0(NDR_0.0.1)(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libndr-nbt.so.0(NDR_NBT_0.0.1)(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libndr-krb5pac.so.0(NDR_KRB5PAC_0.0.1)(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: fontawesome-fonts for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: cyrus-sasl-gssapi(x86-64) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libsss_nss_idmap.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libsss_certmap.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libsamba-util.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libndr.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libndr-standard.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libndr-nbt.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libndr-krb5pac.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Running transaction check\n---> Package 389-ds-base.x86_64 0:1.3.10.2-6.el7 will be installed\n--> Processing Dependency: 389-ds-base-libs = 1.3.10.2-6.el7 for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: svrcore >= 4.1.3 for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl-Socket for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl-NetAddr-IP for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl-Mozilla-LDAP for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(warnings) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(vars) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(strict) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(sigtrap) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(lib) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Time::Local) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Sys::Hostname) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Socket) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Scalar::Util) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(POSIX) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(NetAddr::IP::Util) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Mozilla::LDAP::Utils) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Mozilla::LDAP::LDIF) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Mozilla::LDAP::Conn) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Mozilla::LDAP::API) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(MIME::Base64) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(IO::Uncompress::AnyUncompress) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(IO::File) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Getopt::Std) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Getopt::Long) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(File::Temp) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(File::Spec::Functions) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(File::Spec) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(File::Path) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(File::Copy) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(File::Basename) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Exporter) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(DynaLoader) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(DB_File) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(DB) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Cwd) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Config) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Carp) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Archive::Tar) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(:MODULE_COMPAT_5.16.3) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: gperftools-libs for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: cyrus-sasl-plain for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: cyrus-sasl-md5 for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: bind-utils for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: /usr/bin/perl for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: libtcmalloc.so.4()(64bit) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: libsvrcore.so.0()(64bit) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: libslapd.so.0()(64bit) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: libsds.so.0()(64bit) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: libnunc-stans.so.0()(64bit) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: libns-dshttpd-1.3.10.2.so()(64bit) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: libldaputil.so.0()(64bit) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: libicuuc.so.50()(64bit) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: libicui18n.so.50()(64bit) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: libicudata.so.50()(64bit) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n---> Package cyrus-sasl-gssapi.x86_64 0:2.1.26-23.el7 will be installed\n---> Package fontawesome-fonts.noarch 0:4.1.0-2.el7 will be installed\n--> Processing Dependency: fontpackages-filesystem for package: fontawesome-fonts-4.1.0-2.el7.noarch\n---> Package httpd.x86_64 0:2.4.6-95.el7 will be installed\n--> Processing Dependency: httpd-tools = 2.4.6-95.el7 for package: httpd-2.4.6-95.el7.x86_64\n--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-95.el7.x86_64\n--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-95.el7.x86_64\n--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-95.el7.x86_64\n---> Package ipa-client.x86_64 0:4.6.8-5.el7 will be installed\n--> Processing Dependency: python2-ipaclient = 4.6.8-5.el7 for package: ipa-client-4.6.8-5.el7.x86_64\n--> Processing Dependency: ipa-client-common = 4.6.8-5.el7 for package: ipa-client-4.6.8-5.el7.x86_64\n--> Processing Dependency: sssd >= 1.14.0 for package: ipa-client-4.6.8-5.el7.x86_64\n--> Processing Dependency: krb5-workstation >= 1.15.1-36 for package: ipa-client-4.6.8-5.el7.x86_64\n--> Processing Dependency: python-sssdconfig for package: ipa-client-4.6.8-5.el7.x86_64\n--> Processing Dependency: oddjob-mkhomedir for package: ipa-client-4.6.8-5.el7.x86_64\n--> Processing Dependency: libsss_autofs for package: ipa-client-4.6.8-5.el7.x86_64\n--> Processing Dependency: autofs for package: ipa-client-4.6.8-5.el7.x86_64\n---> Package ipa-common.noarch 0:4.6.8-5.el7 will be installed\n---> Package ipa-server-common.noarch 0:4.6.8-5.el7 will be installed\n--> Processing Dependency: custodia >= 0.3.0-4 for package: ipa-server-common-4.6.8-5.el7.noarch\n---> Package krb5-pkinit.x86_64 0:1.15.1-50.el7 will be installed\n---> Package krb5-server.x86_64 0:1.15.1-50.el7 will be installed\n--> Processing Dependency: libkadm5(x86-64) = 1.15.1-50.el7 for package: krb5-server-1.15.1-50.el7.x86_64\n--> Processing Dependency: libkadm5srv_mit.so.11(kadm5srv_mit_11_MIT)(64bit) for package: krb5-server-1.15.1-50.el7.x86_64\n--> Processing Dependency: libkadm5clnt_mit.so.11(kadm5clnt_mit_11_MIT)(64bit) for package: krb5-server-1.15.1-50.el7.x86_64\n--> Processing Dependency: /usr/share/dict/words for package: krb5-server-1.15.1-50.el7.x86_64\n--> Processing Dependency: libkadm5srv_mit.so.11()(64bit) for package: krb5-server-1.15.1-50.el7.x86_64\n--> Processing Dependency: libkadm5clnt_mit.so.11()(64bit) for package: krb5-server-1.15.1-50.el7.x86_64\n---> Package libsss_certmap.x86_64 0:1.16.5-10.el7 will be installed\n---> Package libsss_nss_idmap.x86_64 0:1.16.5-10.el7 will be installed\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package mod_auth_gssapi.x86_64 0:1.5.1-7.el7 will be installed\n---> Package mod_lookup_identity.x86_64 0:1.0.0-1.el7 will be installed\n---> Package mod_nss.x86_64 0:1.0.14-12.el7 will be installed\n---> Package mod_session.x86_64 0:2.4.6-95.el7 will be installed\n--> Processing Dependency: apr-util-openssl for package: mod_session-2.4.6-95.el7.x86_64\n---> Package mod_wsgi.x86_64 0:3.4-18.el7 will be installed\n---> Package ntp.x86_64 0:4.2.6p5-29.el7_8.2 will be installed\n--> Processing Dependency: ntpdate = 4.2.6p5-29.el7_8.2 for package: ntp-4.2.6p5-29.el7_8.2.x86_64\n--> Processing Dependency: libopts.so.25()(64bit) for package: ntp-4.2.6p5-29.el7_8.2.x86_64\n---> Package oddjob.x86_64 0:0.31.5-4.el7 will be installed\n---> Package open-sans-fonts.noarch 0:1.10-1.el7 will be installed\n---> Package openldap-clients.x86_64 0:2.4.44-22.el7 will be installed\n---> Package pki-ca.noarch 0:10.5.18-7.el7 will be installed\n--> Processing Dependency: pki-server = 10.5.18-7.el7 for package: pki-ca-10.5.18-7.el7.noarch\n--> Processing Dependency: java-1.8.0-openjdk-headless for package: pki-ca-10.5.18-7.el7.noarch\n---> Package pki-kra.noarch 0:10.5.18-7.el7 will be installed\n---> Package python-gssapi.x86_64 0:1.2.0-3.el7 will be installed\n--> Processing Dependency: python-enum34 for package: python-gssapi-1.2.0-3.el7.x86_64\n---> Package python-ldap.x86_64 0:2.4.15-2.el7 will be installed\n---> Package python2-ipaserver.noarch 0:4.6.8-5.el7 will be installed\n--> Processing Dependency: python-kdcproxy >= 0.3 for package: python2-ipaserver-4.6.8-5.el7.noarch\n--> Processing Dependency: python-dns >= 1.12.0-3 for package: python2-ipaserver-4.6.8-5.el7.noarch\n--> Processing Dependency: python-custodia >= 0.3.0-4 for package: python2-ipaserver-4.6.8-5.el7.noarch\n--> Processing Dependency: python-augeas >= 0.5 for package: python2-ipaserver-4.6.8-5.el7.noarch\n--> Processing Dependency: pki-base-python2 >= 10.5.9-5 for package: python2-ipaserver-4.6.8-5.el7.noarch\n--> Processing Dependency: python-pyasn1 for package: python2-ipaserver-4.6.8-5.el7.noarch\n---> Package redhat-logos.noarch 0:70.7.0-1.el7 will be installed\n---> Package samba-client-libs.x86_64 0:4.10.16-5.el7 will be installed\n--> Processing Dependency: samba-common-libs = 4.10.16-5.el7 for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: samba-common = 4.10.16-5.el7 for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: samba-common = 4.10.16-5.el7 for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libwbclient = 4.10.16-5.el7 for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libwbclient.so.0(WBCLIENT_0.9)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libwbclient.so.0(WBCLIENT_0.13)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libtdb.so.1(TDB_1.3.17)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libtdb.so.1(TDB_1.3.11)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libtdb.so.1(TDB_1.3.0)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libtdb.so.1(TDB_1.2.5)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libtdb.so.1(TDB_1.2.2)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libtdb.so.1(TDB_1.2.1)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libldb.so.1(LDB_1.3.0)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libldb.so.1(LDB_1.1.30)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libldb.so.1(LDB_1.1.19)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libldb.so.1(LDB_1.1.1)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libldb.so.1(LDB_0.9.23)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libldb.so.1(LDB_0.9.15)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libldb.so.1(LDB_0.9.10)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libgnutls.so.28(GNUTLS_3_1_0)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libgnutls.so.28(GNUTLS_1_4)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libaesni-intel-samba4.so(SAMBA_4.10.16)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libwinbind-client-samba4.so()(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libwbclient.so.0()(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libtdb.so.1()(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libldb.so.1()(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libgnutls.so.28()(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libcups.so.2()(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libcluster-samba4.so()(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libavahi-common.so.3()(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libavahi-client.so.3()(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libaesni-intel-samba4.so()(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n---> Package slapi-nis.x86_64 0:0.56.5-2.el7 will be installed\n---> Package softhsm.x86_64 0:2.1.0-3.el7 will be installed\n---> Package sssd-dbus.x86_64 0:1.16.5-10.el7 will be installed\n--> Processing Dependency: sssd-common = 1.16.5-10.el7 for package: sssd-dbus-1.16.5-10.el7.x86_64\n--> Processing Dependency: libdhash.so.1(DHASH_0.4.3)(64bit) for package: sssd-dbus-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsss_util.so()(64bit) for package: sssd-dbus-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsss_debug.so()(64bit) for package: sssd-dbus-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsss_crypt.so()(64bit) for package: sssd-dbus-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsss_child.so()(64bit) for package: sssd-dbus-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsss_cert.so()(64bit) for package: sssd-dbus-1.16.5-10.el7.x86_64\n--> Processing Dependency: libdhash.so.1()(64bit) for package: sssd-dbus-1.16.5-10.el7.x86_64\n---> Package systemd-python.x86_64 0:219-78.el7 will be installed\n--> Running transaction check\n---> Package 389-ds-base-libs.x86_64 0:1.3.10.2-6.el7 will be installed\n---> Package apr.x86_64 0:1.4.8-7.el7 will be installed\n---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed\n---> Package apr-util-openssl.x86_64 0:1.5.2-6.el7 will be installed\n---> Package autofs.x86_64 1:5.0.7-113.el7 will be installed\n--> Processing Dependency: libhesiod.so.0()(64bit) for package: 1:autofs-5.0.7-113.el7.x86_64\n---> Package autogen-libopts.x86_64 0:5.18-5.el7 will be installed\n---> Package avahi-libs.x86_64 0:0.6.31-20.el7 will be installed\n---> Package bind-utils.x86_64 32:9.11.4-26.P2.el7 will be installed\n--> Processing Dependency: bind-libs-lite(x86-64) = 32:9.11.4-26.P2.el7 for package: 32:bind-utils-9.11.4-26.P2.el7.x86_64\n--> Processing Dependency: bind-libs(x86-64) = 32:9.11.4-26.P2.el7 for package: 32:bind-utils-9.11.4-26.P2.el7.x86_64\n--> Processing Dependency: liblwres.so.160()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7.x86_64\n--> Processing Dependency: libisccfg.so.160()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7.x86_64\n--> Processing Dependency: libisc.so.169()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7.x86_64\n--> Processing Dependency: libirs.so.160()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7.x86_64\n--> Processing Dependency: libdns.so.1102()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7.x86_64\n--> Processing Dependency: libbind9.so.160()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7.x86_64\n--> Processing Dependency: libGeoIP.so.1()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7.x86_64\n---> Package cups-libs.x86_64 1:1.6.3-51.el7 will be installed\n---> Package custodia.noarch 0:0.3.1-4.el7 will be installed\n---> Package cyrus-sasl-md5.x86_64 0:2.1.26-23.el7 will be installed\n---> Package cyrus-sasl-plain.x86_64 0:2.1.26-23.el7 will be installed\n---> Package fontpackages-filesystem.noarch 0:1.44-8.el7 will be installed\n---> Package gnutls.x86_64 0:3.3.29-9.el7_6 will be installed\n--> Processing Dependency: trousers >= 0.3.11.2 for package: gnutls-3.3.29-9.el7_6.x86_64\n--> Processing Dependency: libnettle.so.4()(64bit) for package: gnutls-3.3.29-9.el7_6.x86_64\n--> Processing Dependency: libhogweed.so.2()(64bit) for package: gnutls-3.3.29-9.el7_6.x86_64\n---> Package gperftools-libs.x86_64 0:2.6.1-1.el7 will be installed\n---> Package httpd-tools.x86_64 0:2.4.6-95.el7 will be installed\n---> Package ipa-client-common.noarch 0:4.6.8-5.el7 will be installed\n---> Package java-1.8.0-openjdk-headless.x86_64 1:1.8.0.262.b10-1.el7 will be installed\n--> Processing Dependency: tzdata-java >= 2020a for package: 1:java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: copy-jdk-configs >= 3.3 for package: 1:java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: pcsc-lite-libs(x86-64) for package: 1:java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: lksctp-tools(x86-64) for package: 1:java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libjpeg.so.62(LIBJPEG_6.2)(64bit) for package: 1:java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: jpackage-utils for package: 1:java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libjpeg.so.62()(64bit) for package: 1:java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7.x86_64\n---> Package krb5-workstation.x86_64 0:1.15.1-50.el7 will be installed\n---> Package libdhash.x86_64 0:0.5.0-32.el7 will be installed\n---> Package libicu.x86_64 0:50.2-4.el7_7 will be installed\n---> Package libkadm5.x86_64 0:1.15.1-50.el7 will be installed\n---> Package libldb.x86_64 0:1.5.4-1.el7 will be installed\n---> Package libsss_autofs.x86_64 0:1.16.5-10.el7 will be installed\n---> Package libtdb.x86_64 0:1.3.18-1.el7 will be installed\n---> Package libwbclient.x86_64 0:4.10.16-5.el7 will be installed\n---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed\n---> Package ntpdate.x86_64 0:4.2.6p5-29.el7_8.2 will be installed\n---> Package oddjob-mkhomedir.x86_64 0:0.31.5-4.el7 will be installed\n---> Package perl.x86_64 4:5.16.3-297.el7 will be installed\n--> Processing Dependency: perl-libs = 4:5.16.3-297.el7 for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: perl-macros for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: perl-libs for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: perl(threads::shared) for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: perl(threads) for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: perl(constant) for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: perl(Time::HiRes) for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: perl(Storable) for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: perl(Pod::Simple::XHTML) for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: perl(Pod::Simple::Search) for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: perl(Filter::Util::Call) for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: libperl.so()(64bit) for package: 4:perl-5.16.3-297.el7.x86_64\n---> Package perl-Archive-Tar.noarch 0:1.92-3.el7 will be installed\n--> Processing Dependency: perl(IO::Zlib) >= 1.01 for package: perl-Archive-Tar-1.92-3.el7.noarch\n--> Processing Dependency: perl(Pod::Usage) for package: perl-Archive-Tar-1.92-3.el7.noarch\n--> Processing Dependency: perl(Package::Constants) for package: perl-Archive-Tar-1.92-3.el7.noarch\n--> Processing Dependency: perl(IO::Zlib) for package: perl-Archive-Tar-1.92-3.el7.noarch\n--> Processing Dependency: perl(Data::Dumper) for package: perl-Archive-Tar-1.92-3.el7.noarch\n---> Package perl-Carp.noarch 0:1.26-244.el7 will be installed\n---> Package perl-DB_File.x86_64 0:1.830-6.el7 will be installed\n---> Package perl-Exporter.noarch 0:5.68-3.el7 will be installed\n---> Package perl-File-Path.noarch 0:2.09-2.el7 will be installed\n---> Package perl-File-Temp.noarch 0:0.23.01-3.el7 will be installed\n---> Package perl-Getopt-Long.noarch 0:2.40-3.el7 will be installed\n--> Processing Dependency: perl(Text::ParseWords) for package: perl-Getopt-Long-2.40-3.el7.noarch\n---> Package perl-IO-Compress.noarch 0:2.061-2.el7 will be installed\n--> Processing Dependency: perl(Compress::Raw::Zlib) >= 2.061 for package: perl-IO-Compress-2.061-2.el7.noarch\n--> Processing Dependency: perl(Compress::Raw::Bzip2) >= 2.061 for package: perl-IO-Compress-2.061-2.el7.noarch\n--> Processing Dependency: perl(Encode) for package: perl-IO-Compress-2.061-2.el7.noarch\n---> Package perl-Mozilla-LDAP.x86_64 0:1.5.3-12.el7 will be installed\n---> Package perl-NetAddr-IP.x86_64 0:4.069-3.el7 will be installed\n---> Package perl-PathTools.x86_64 0:3.40-5.el7 will be installed\n---> Package perl-Scalar-List-Utils.x86_64 0:1.27-248.el7 will be installed\n---> Package perl-Socket.x86_64 0:2.010-5.el7 will be installed\n---> Package perl-Time-Local.noarch 0:1.2300-2.el7 will be installed\n---> Package pki-base.noarch 0:10.5.18-7.el7 will be installed\n--> Processing Dependency: python2-cryptography for package: pki-base-10.5.18-7.el7.noarch\n--> Processing Dependency: python-nss for package: pki-base-10.5.18-7.el7.noarch\n---> Package pki-server.noarch 0:10.5.18-7.el7 will be installed\n--> Processing Dependency: pki-tools = 10.5.18-7.el7 for package: pki-server-10.5.18-7.el7.noarch\n--> Processing Dependency: pki-base-java = 10.5.18-7.el7 for package: pki-server-10.5.18-7.el7.noarch\n--> Processing Dependency: tomcatjss >= 7.2.5-1 for package: pki-server-10.5.18-7.el7.noarch\n--> Processing Dependency: tomcat >= 7.0.69 for package: pki-server-10.5.18-7.el7.noarch\n--> Processing Dependency: nuxwdog-client-java >= 1.0.5-1 for package: pki-server-10.5.18-7.el7.noarch\n--> Processing Dependency: velocity for package: pki-server-10.5.18-7.el7.noarch\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package python-augeas.noarch 0:0.5.0-2.el7 will be installed\n--> Processing Dependency: augeas-libs for package: python-augeas-0.5.0-2.el7.noarch\n---> Package python-custodia.noarch 0:0.3.1-4.el7 will be installed\n--> Processing Dependency: python-jwcrypto for package: python-custodia-0.3.1-4.el7.noarch\n---> Package python-dns.noarch 0:1.12.0-4.20150617git465785f.el7 will be installed\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-kdcproxy.noarch 0:0.3.2-3.el7 will be installed\n---> Package python-sssdconfig.noarch 0:1.16.5-10.el7 will be installed\n---> Package python2-ipaclient.noarch 0:4.6.8-5.el7 will be installed\n--> Processing Dependency: python2-ipalib = 4.6.8-5.el7 for package: python2-ipaclient-4.6.8-5.el7.noarch\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n---> Package samba-common.noarch 0:4.10.16-5.el7 will be installed\n---> Package samba-common-libs.x86_64 0:4.10.16-5.el7 will be installed\n---> Package sssd.x86_64 0:1.16.5-10.el7 will be installed\n--> Processing Dependency: sssd-proxy = 1.16.5-10.el7 for package: sssd-1.16.5-10.el7.x86_64\n--> Processing Dependency: sssd-ldap = 1.16.5-10.el7 for package: sssd-1.16.5-10.el7.x86_64\n--> Processing Dependency: sssd-krb5 = 1.16.5-10.el7 for package: sssd-1.16.5-10.el7.x86_64\n--> Processing Dependency: sssd-ipa = 1.16.5-10.el7 for package: sssd-1.16.5-10.el7.x86_64\n--> Processing Dependency: sssd-ad = 1.16.5-10.el7 for package: sssd-1.16.5-10.el7.x86_64\n---> Package sssd-common.x86_64 0:1.16.5-10.el7 will be installed\n--> Processing Dependency: sssd-client(x86-64) = 1.16.5-10.el7 for package: sssd-common-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsss_sudo(x86-64) = 1.16.5-10.el7 for package: sssd-common-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsss_idmap(x86-64) = 1.16.5-10.el7 for package: sssd-common-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsss_idmap.so.0(SSS_IDMAP_0.5)(64bit) for package: sssd-common-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsss_idmap.so.0(SSS_IDMAP_0.4)(64bit) for package: sssd-common-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsss_idmap.so.0()(64bit) for package: sssd-common-1.16.5-10.el7.x86_64\n--> Processing Dependency: libhttp_parser_strict.so.2()(64bit) for package: sssd-common-1.16.5-10.el7.x86_64\n--> Processing Dependency: libcares.so.2()(64bit) for package: sssd-common-1.16.5-10.el7.x86_64\n---> Package svrcore.x86_64 0:4.1.3-2.el7 will be installed\n---> Package words.noarch 0:3.0-22.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Running transaction check\n---> Package GeoIP.x86_64 0:1.5.0-14.el7 will be installed\n--> Processing Dependency: geoipupdate for package: GeoIP-1.5.0-14.el7.x86_64\n---> Package augeas-libs.x86_64 0:1.4.0-10.el7 will be installed\n---> Package bind-libs.x86_64 32:9.11.4-26.P2.el7 will be installed\n--> Processing Dependency: bind-license = 32:9.11.4-26.P2.el7 for package: 32:bind-libs-9.11.4-26.P2.el7.x86_64\n---> Package bind-libs-lite.x86_64 32:9.11.4-26.P2.el7 will be installed\n---> Package c-ares.x86_64 0:1.10.0-3.el7 will be installed\n---> Package copy-jdk-configs.noarch 0:3.3-10.el7_5 will be installed\n---> Package hesiod.x86_64 0:3.2.1-3.el7 will be installed\n---> Package http-parser.x86_64 0:2.7.1-9.el7 will be installed\n---> Package javapackages-tools.noarch 0:3.4.1-11.el7 will be installed\n--> Processing Dependency: python-javapackages = 3.4.1-11.el7 for package: javapackages-tools-3.4.1-11.el7.noarch\n---> Package libjpeg-turbo.x86_64 0:1.2.90-8.el7 will be installed\n---> Package libsss_idmap.x86_64 0:1.16.5-10.el7 will be installed\n---> Package libsss_sudo.x86_64 0:1.16.5-10.el7 will be installed\n---> Package lksctp-tools.x86_64 0:1.0.17-2.el7 will be installed\n---> Package nettle.x86_64 0:2.7.1-8.el7 will be installed\n---> Package nuxwdog-client-java.x86_64 0:1.0.5-1.el7 will be installed\n--> Processing Dependency: nuxwdog = 1.0.5-1.el7 for package: nuxwdog-client-java-1.0.5-1.el7.x86_64\n--> Processing Dependency: libnuxwdog.so.0()(64bit) for package: nuxwdog-client-java-1.0.5-1.el7.x86_64\n---> Package pcsc-lite-libs.x86_64 0:1.8.8-8.el7 will be installed\n---> Package perl-Compress-Raw-Bzip2.x86_64 0:2.061-3.el7 will be installed\n---> Package perl-Compress-Raw-Zlib.x86_64 1:2.061-4.el7 will be installed\n---> Package perl-Data-Dumper.x86_64 0:2.145-3.el7 will be installed\n---> Package perl-Encode.x86_64 0:2.51-7.el7 will be installed\n---> Package perl-Filter.x86_64 0:1.49-3.el7 will be installed\n---> Package perl-IO-Zlib.noarch 1:1.10-297.el7 will be installed\n---> Package perl-Package-Constants.noarch 1:0.02-297.el7 will be installed\n---> Package perl-Pod-Simple.noarch 1:3.28-4.el7 will be installed\n--> Processing Dependency: perl(Pod::Escapes) >= 1.04 for package: 1:perl-Pod-Simple-3.28-4.el7.noarch\n---> Package perl-Pod-Usage.noarch 0:1.63-3.el7 will be installed\n--> Processing Dependency: perl(Pod::Text) >= 3.15 for package: perl-Pod-Usage-1.63-3.el7.noarch\n--> Processing Dependency: perl-Pod-Perldoc for package: perl-Pod-Usage-1.63-3.el7.noarch\n---> Package perl-Storable.x86_64 0:2.45-3.el7 will be installed\n---> Package perl-Text-ParseWords.noarch 0:3.29-4.el7 will be installed\n---> Package perl-Time-HiRes.x86_64 4:1.9725-3.el7 will be installed\n---> Package perl-constant.noarch 0:1.27-2.el7 will be installed\n---> Package perl-libs.x86_64 4:5.16.3-297.el7 will be installed\n---> Package perl-macros.x86_64 4:5.16.3-297.el7 will be installed\n---> Package perl-threads.x86_64 0:1.87-4.el7 will be installed\n---> Package perl-threads-shared.x86_64 0:1.43-6.el7 will be installed\n---> Package pki-base-java.noarch 0:10.5.18-7.el7 will be installed\n--> Processing Dependency: resteasy-base-jaxrs-api >= 3.0.6-1 for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: resteasy-base-jaxrs >= 3.0.6-1 for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: resteasy-base-jaxb-provider >= 3.0.6-1 for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: resteasy-base-jackson-provider >= 3.0.6-1 for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: resteasy-base-client >= 3.0.6-1 for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: resteasy-base-atom-provider >= 3.0.6-1 for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: ldapjdk >= 4.19-5 for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: jss >= 4.4.9-3 for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: xml-commons-resolver for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: xml-commons-apis for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: xerces-j2 for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: xalan-j2 for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: slf4j for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: javassist for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: jakarta-commons-httpclient for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: apache-commons-logging for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: apache-commons-lang for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: apache-commons-io for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: apache-commons-codec for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: apache-commons-cli for package: pki-base-java-10.5.18-7.el7.noarch\n---> Package pki-tools.x86_64 0:10.5.18-7.el7 will be installed\n---> Package python-jwcrypto.noarch 0:0.4.2-1.el7 will be installed\n---> Package python-nss.x86_64 0:0.16.0-3.el7 will be installed\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-ipalib.noarch 0:4.6.8-5.el7 will be installed\n--> Processing Dependency: python-yubico >= 1.2.3 for package: python2-ipalib-4.6.8-5.el7.noarch\n--> Processing Dependency: python-qrcode-core >= 5.0.0 for package: python2-ipalib-4.6.8-5.el7.noarch\n--> Processing Dependency: python-netifaces >= 0.10.4 for package: python2-ipalib-4.6.8-5.el7.noarch\n--> Processing Dependency: python-netaddr >= 0.7.5-9 for package: python2-ipalib-4.6.8-5.el7.noarch\n--> Processing Dependency: pyusb for package: python2-ipalib-4.6.8-5.el7.noarch\n--> Processing Dependency: python-sss-murmur for package: python2-ipalib-4.6.8-5.el7.noarch\n--> Processing Dependency: python-pyasn1-modules for package: python2-ipalib-4.6.8-5.el7.noarch\n--> Processing Dependency: python-libipa_hbac for package: python2-ipalib-4.6.8-5.el7.noarch\n---> Package sssd-ad.x86_64 0:1.16.5-10.el7 will be installed\n--> Processing Dependency: sssd-krb5-common = 1.16.5-10.el7 for package: sssd-ad-1.16.5-10.el7.x86_64\n--> Processing Dependency: sssd-common-pac = 1.16.5-10.el7 for package: sssd-ad-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsmbclient.so.0(SMBCLIENT_0.1.0)(64bit) for package: sssd-ad-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsmbclient.so.0()(64bit) for package: sssd-ad-1.16.5-10.el7.x86_64\n---> Package sssd-client.x86_64 0:1.16.5-10.el7 will be installed\n---> Package sssd-ipa.x86_64 0:1.16.5-10.el7 will be installed\n--> Processing Dependency: libipa_hbac(x86-64) = 1.16.5-10.el7 for package: sssd-ipa-1.16.5-10.el7.x86_64\n--> Processing Dependency: libipa_hbac.so.0(IPA_HBAC_0.1.0)(64bit) for package: sssd-ipa-1.16.5-10.el7.x86_64\n--> Processing Dependency: libipa_hbac.so.0(IPA_HBAC_0.0.1)(64bit) for package: sssd-ipa-1.16.5-10.el7.x86_64\n--> Processing Dependency: libipa_hbac.so.0()(64bit) for package: sssd-ipa-1.16.5-10.el7.x86_64\n---> Package sssd-krb5.x86_64 0:1.16.5-10.el7 will be installed\n---> Package sssd-ldap.x86_64 0:1.16.5-10.el7 will be installed\n---> Package sssd-proxy.x86_64 0:1.16.5-10.el7 will be installed\n---> Package tomcat.noarch 0:7.0.76-15.el7 will be installed\n--> Processing Dependency: tomcat-lib = 7.0.76-15.el7 for package: tomcat-7.0.76-15.el7.noarch\n--> Processing Dependency: java >= 1:1.6.0 for package: tomcat-7.0.76-15.el7.noarch\n--> Processing Dependency: apache-commons-pool for package: tomcat-7.0.76-15.el7.noarch\n--> Processing Dependency: apache-commons-dbcp for package: tomcat-7.0.76-15.el7.noarch\n--> Processing Dependency: apache-commons-daemon for package: tomcat-7.0.76-15.el7.noarch\n--> Processing Dependency: apache-commons-collections for package: tomcat-7.0.76-15.el7.noarch\n---> Package tomcatjss.noarch 0:7.2.5-1.el7 will be installed\n---> Package trousers.x86_64 0:0.3.14-2.el7 will be installed\n---> Package tzdata-java.noarch 0:2020a-1.el7 will be installed\n---> Package velocity.noarch 0:1.7-10.el7 will be installed\n--> Processing Dependency: servlet3 for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: log4j for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: junit for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: jdom for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: jaxen for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: jakarta-oro for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: hsqldb for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: bcel for package: velocity-1.7-10.el7.noarch\n--> Running transaction check\n---> Package apache-commons-cli.noarch 0:1.2-13.el7 will be installed\n---> Package apache-commons-codec.noarch 0:1.8-7.el7 will be installed\n---> Package apache-commons-collections.noarch 0:3.2.1-22.el7_2 will be installed\n---> Package apache-commons-daemon.x86_64 0:1.0.13-7.el7 will be installed\n---> Package apache-commons-dbcp.noarch 0:1.4-17.el7 will be installed\n--> Processing Dependency: mvn(org.apache.geronimo.specs:geronimo-jta_1.1_spec) for package: apache-commons-dbcp-1.4-17.el7.noarch\n---> Package apache-commons-io.noarch 1:2.4-12.el7 will be installed\n---> Package apache-commons-lang.noarch 0:2.6-15.el7 will be installed\n---> Package apache-commons-logging.noarch 0:1.1.2-7.el7 will be installed\n--> Processing Dependency: mvn(logkit:logkit) for package: apache-commons-logging-1.1.2-7.el7.noarch\n--> Processing Dependency: mvn(avalon-framework:avalon-framework-api) for package: apache-commons-logging-1.1.2-7.el7.noarch\n---> Package apache-commons-pool.noarch 0:1.6-9.el7 will be installed\n---> Package bcel.noarch 0:5.2-18.el7 will be installed\n--> Processing Dependency: mvn(regexp:regexp) for package: bcel-5.2-18.el7.noarch\n---> Package bind-license.noarch 32:9.11.4-26.P2.el7 will be installed\n---> Package geoipupdate.x86_64 0:2.5.0-1.el7 will be installed\n---> Package hsqldb.noarch 1:1.8.1.3-14.el7 will be installed\n---> Package jakarta-commons-httpclient.noarch 1:3.1-16.el7_0 will be installed\n---> Package jakarta-oro.noarch 0:2.0.8-16.el7 will be installed\n---> Package java-1.8.0-openjdk.x86_64 1:1.8.0.262.b10-1.el7 will be installed\n--> Processing Dependency: xorg-x11-fonts-Type1 for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libasound.so.2(ALSA_0.9.0rc4)(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libasound.so.2(ALSA_0.9)(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libXcomposite(x86-64) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: gtk2(x86-64) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: fontconfig(x86-64) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libgif.so.4()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libasound.so.2()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libXtst.so.6()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libXrender.so.1()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libXi.so.6()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libXext.so.6()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libX11.so.6()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n---> Package javassist.noarch 0:3.16.1-10.el7 will be installed\n---> Package jaxen.noarch 0:1.1.3-11.el7 will be installed\n--> Processing Dependency: dom4j >= 1.6.1 for package: jaxen-1.1.3-11.el7.noarch\n---> Package jdom.noarch 0:1.1.3-6.el7 will be installed\n---> Package jss.x86_64 0:4.4.9-3.el7 will be installed\n---> Package junit.noarch 0:4.11-8.el7 will be installed\n--> Processing Dependency: osgi(org.hamcrest.core) for package: junit-4.11-8.el7.noarch\n--> Processing Dependency: hamcrest for package: junit-4.11-8.el7.noarch\n---> Package ldapjdk.noarch 0:4.19-5.el7 will be installed\n---> Package libipa_hbac.x86_64 0:1.16.5-10.el7 will be installed\n---> Package libsmbclient.x86_64 0:4.10.16-5.el7 will be installed\n---> Package log4j.noarch 0:1.2.17-16.el7_4 will be installed\n--> Processing Dependency: mvn(org.apache.geronimo.specs:geronimo-jms_1.1_spec) for package: log4j-1.2.17-16.el7_4.noarch\n--> Processing Dependency: mvn(javax.mail:mail) for package: log4j-1.2.17-16.el7_4.noarch\n---> Package nuxwdog.x86_64 0:1.0.5-1.el7 will be installed\n---> Package perl-Pod-Escapes.noarch 1:1.04-297.el7 will be installed\n---> Package perl-Pod-Perldoc.noarch 0:3.20-4.el7 will be installed\n--> Processing Dependency: perl(parent) for package: perl-Pod-Perldoc-3.20-4.el7.noarch\n--> Processing Dependency: perl(HTTP::Tiny) for package: perl-Pod-Perldoc-3.20-4.el7.noarch\n---> Package perl-podlators.noarch 0:2.5.1-3.el7 will be installed\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n---> Package python-javapackages.noarch 0:3.4.1-11.el7 will be installed\n---> Package python-libipa_hbac.x86_64 0:1.16.5-10.el7 will be installed\n---> Package python-netaddr.noarch 0:0.7.5-9.el7 will be installed\n---> Package python-netifaces.x86_64 0:0.10.4-3.el7 will be installed\n---> Package python-qrcode-core.noarch 0:5.0.1-1.el7 will be installed\n---> Package python-sss-murmur.x86_64 0:1.16.5-10.el7 will be installed\n---> Package python-yubico.noarch 0:1.2.3-1.el7 will be installed\n---> Package python2-pyasn1-modules.noarch 0:0.1.9-7.el7 will be installed\n---> Package pyusb.noarch 0:1.0.0-0.11.b1.el7 will be installed\n---> Package resteasy-base-atom-provider.noarch 0:3.0.6-4.el7 will be installed\n--> Processing Dependency: mvn(com.sun.xml.bind:jaxb-impl) for package: resteasy-base-atom-provider-3.0.6-4.el7.noarch\n---> Package resteasy-base-client.noarch 0:3.0.6-4.el7 will be installed\n---> Package resteasy-base-jackson-provider.noarch 0:3.0.6-4.el7 will be installed\n--> Processing Dependency: mvn(org.codehaus.jackson:jackson-xc) for package: resteasy-base-jackson-provider-3.0.6-4.el7.noarch\n--> Processing Dependency: mvn(org.codehaus.jackson:jackson-mapper-asl) for package: resteasy-base-jackson-provider-3.0.6-4.el7.noarch\n--> Processing Dependency: mvn(org.codehaus.jackson:jackson-jaxrs) for package: resteasy-base-jackson-provider-3.0.6-4.el7.noarch\n--> Processing Dependency: mvn(org.codehaus.jackson:jackson-core-asl) for package: resteasy-base-jackson-provider-3.0.6-4.el7.noarch\n---> Package resteasy-base-jaxb-provider.noarch 0:3.0.6-4.el7 will be installed\n---> Package resteasy-base-jaxrs.noarch 0:3.0.6-4.el7 will be installed\n--> Processing Dependency: mvn(org.scannotation:scannotation) for package: resteasy-base-jaxrs-3.0.6-4.el7.noarch\n--> Processing Dependency: mvn(org.jboss.spec.javax.annotation:jboss-annotations-api_1.1_spec) for package: resteasy-base-jaxrs-3.0.6-4.el7.noarch\n--> Processing Dependency: mvn(org.apache.httpcomponents:httpclient) for package: resteasy-base-jaxrs-3.0.6-4.el7.noarch\n---> Package resteasy-base-jaxrs-api.noarch 0:3.0.6-4.el7 will be installed\n---> Package slf4j.noarch 0:1.7.4-4.el7_4 will be installed\n--> Processing Dependency: mvn(ch.qos.cal10n:cal10n-api) for package: slf4j-1.7.4-4.el7_4.noarch\n---> Package sssd-common-pac.x86_64 0:1.16.5-10.el7 will be installed\n---> Package sssd-krb5-common.x86_64 0:1.16.5-10.el7 will be installed\n---> Package tomcat-lib.noarch 0:7.0.76-15.el7 will be installed\n--> Processing Dependency: tomcat-jsp-2.2-api = 7.0.76-15.el7 for package: tomcat-lib-7.0.76-15.el7.noarch\n--> Processing Dependency: tomcat-el-2.2-api = 7.0.76-15.el7 for package: tomcat-lib-7.0.76-15.el7.noarch\n--> Processing Dependency: ecj >= 1:4.2.1 for package: tomcat-lib-7.0.76-15.el7.noarch\n---> Package tomcat-servlet-3.0-api.noarch 0:7.0.76-15.el7 will be installed\n---> Package xalan-j2.noarch 0:2.7.1-23.el7 will be installed\n---> Package xerces-j2.noarch 0:2.11.0-17.el7_0 will be installed\n---> Package xml-commons-apis.noarch 0:1.4.01-16.el7 will be installed\n---> Package xml-commons-resolver.noarch 0:1.2-15.el7 will be installed\n--> Running transaction check\n---> Package alsa-lib.x86_64 0:1.1.8-1.el7 will be installed\n---> Package avalon-framework.noarch 0:4.3-10.el7 will be installed\n---> Package avalon-logkit.noarch 0:2.1-14.el7 will be installed\n---> Package cal10n.noarch 0:0.7.7-4.el7 will be installed\n---> Package dom4j.noarch 0:1.6.1-20.el7 will be installed\n--> Processing Dependency: xpp3 for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: ws-jaxme for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: relaxngDatatype for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: msv-xsdlib for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: msv-msv for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: isorelax for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: bea-stax-api for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: bea-stax for package: dom4j-1.6.1-20.el7.noarch\n---> Package ecj.x86_64 1:4.5.2-3.el7 will be installed\n---> Package fontconfig.x86_64 0:2.13.0-4.3.el7 will be installed\n--> Processing Dependency: dejavu-sans-fonts for package: fontconfig-2.13.0-4.3.el7.x86_64\n---> Package geronimo-jms.noarch 0:1.1.1-19.el7 will be installed\n---> Package geronimo-jta.noarch 0:1.1.1-17.el7 will be installed\n---> Package giflib.x86_64 0:4.1.6-9.el7 will be installed\n--> Processing Dependency: libSM.so.6()(64bit) for package: giflib-4.1.6-9.el7.x86_64\n--> Processing Dependency: libICE.so.6()(64bit) for package: giflib-4.1.6-9.el7.x86_64\n---> Package glassfish-jaxb.noarch 0:2.2.5-6.el7 will be installed\n--> Processing Dependency: xsom for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: txw2 for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: stax-ex for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: rngom for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: jing for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: istack-commons for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: glassfish-jaxb-api for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: glassfish-fastinfoset for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: glassfish-dtd-parser for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: codemodel for package: glassfish-jaxb-2.2.5-6.el7.noarch\n---> Package gtk2.x86_64 0:2.24.31-1.el7 will be installed\n--> Processing Dependency: pango >= 1.20.0-1 for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libtiff >= 3.6.1 for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libXrandr >= 1.2.99.4-2 for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: atk >= 1.29.4-2 for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: hicolor-icon-theme for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: gtk-update-icon-cache for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libpangoft2-1.0.so.0()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libpangocairo-1.0.so.0()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libpango-1.0.so.0()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libgdk_pixbuf-2.0.so.0()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libcairo.so.2()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libatk-1.0.so.0()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libXrandr.so.2()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libXinerama.so.1()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libXfixes.so.3()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libXdamage.so.1()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libXcursor.so.1()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n---> Package hamcrest.noarch 0:1.3-6.el7 will be installed\n--> Processing Dependency: qdox for package: hamcrest-1.3-6.el7.noarch\n--> Processing Dependency: easymock2 for package: hamcrest-1.3-6.el7.noarch\n---> Package httpcomponents-client.noarch 0:4.2.5-5.el7_0 will be installed\n--> Processing Dependency: mvn(org.apache.httpcomponents:httpcore) for package: httpcomponents-client-4.2.5-5.el7_0.noarch\n---> Package jackson.noarch 0:1.9.4-7.el7 will be installed\n--> Processing Dependency: stax2-api >= 3.1.1 for package: jackson-1.9.4-7.el7.noarch\n--> Processing Dependency: objectweb-asm >= 3.3 for package: jackson-1.9.4-7.el7.noarch\n--> Processing Dependency: jsr-311 >= 1.1.1 for package: jackson-1.9.4-7.el7.noarch\n--> Processing Dependency: joda-time >= 1.6.2 for package: jackson-1.9.4-7.el7.noarch\n---> Package javamail.noarch 0:1.4.6-8.el7 will be installed\n---> Package jboss-annotations-1.1-api.noarch 0:1.0.1-0.6.20120212git76e1a2.el7 will be installed\n---> Package libX11.x86_64 0:1.6.7-2.el7 will be installed\n--> Processing Dependency: libX11-common >= 1.6.7-2.el7 for package: libX11-1.6.7-2.el7.x86_64\n--> Processing Dependency: libxcb.so.1()(64bit) for package: libX11-1.6.7-2.el7.x86_64\n---> Package libXcomposite.x86_64 0:0.4.4-4.1.el7 will be installed\n---> Package libXext.x86_64 0:1.3.3-3.el7 will be installed\n---> Package libXi.x86_64 0:1.7.9-1.el7 will be installed\n---> Package libXrender.x86_64 0:0.9.10-1.el7 will be installed\n---> Package libXtst.x86_64 0:1.2.3-1.el7 will be installed\n---> Package perl-HTTP-Tiny.noarch 0:0.033-3.el7 will be installed\n---> Package perl-parent.noarch 1:0.225-244.el7 will be installed\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n---> Package regexp.noarch 0:1.5-13.el7 will be installed\n---> Package scannotation.noarch 0:1.0.3-0.7.r12.el7 will be installed\n---> Package tomcat-el-2.2-api.noarch 0:7.0.76-15.el7 will be installed\n---> Package tomcat-jsp-2.2-api.noarch 0:7.0.76-15.el7 will be installed\n---> Package xorg-x11-fonts-Type1.noarch 0:7.5-9.el7 will be installed\n--> Processing Dependency: ttmkfdir for package: xorg-x11-fonts-Type1-7.5-9.el7.noarch\n--> Processing Dependency: ttmkfdir for package: xorg-x11-fonts-Type1-7.5-9.el7.noarch\n--> Processing Dependency: mkfontdir for package: xorg-x11-fonts-Type1-7.5-9.el7.noarch\n--> Processing Dependency: mkfontdir for package: xorg-x11-fonts-Type1-7.5-9.el7.noarch\n--> Running transaction check\n---> Package atk.x86_64 0:2.28.1-2.el7 will be installed\n---> Package bea-stax.noarch 0:1.2.0-9.el7 will be installed\n---> Package bea-stax-api.noarch 0:1.2.0-9.el7 will be installed\n---> Package cairo.x86_64 0:1.15.12-4.el7 will be installed\n--> Processing Dependency: libpixman-1.so.0()(64bit) for package: cairo-1.15.12-4.el7.x86_64\n--> Processing Dependency: libGL.so.1()(64bit) for package: cairo-1.15.12-4.el7.x86_64\n--> Processing Dependency: libEGL.so.1()(64bit) for package: cairo-1.15.12-4.el7.x86_64\n---> Package codemodel.noarch 0:2.6-9.el7 will be installed\n--> Processing Dependency: jvnet-parent for package: codemodel-2.6-9.el7.noarch\n---> Package dejavu-sans-fonts.noarch 0:2.33-6.el7 will be installed\n--> Processing Dependency: dejavu-fonts-common = 2.33-6.el7 for package: dejavu-sans-fonts-2.33-6.el7.noarch\n---> Package easymock2.noarch 0:2.5.2-12.el7 will be installed\n---> Package gdk-pixbuf2.x86_64 0:2.36.12-3.el7 will be installed\n--> Processing Dependency: libjasper.so.1()(64bit) for package: gdk-pixbuf2-2.36.12-3.el7.x86_64\n---> Package glassfish-dtd-parser.noarch 0:1.2-0.8.20120120svn.el7 will be installed\n---> Package glassfish-fastinfoset.noarch 0:1.2.12-9.el7 will be installed\n---> Package glassfish-jaxb-api.noarch 0:2.2.7-4.el7 will be installed\n---> Package gtk-update-icon-cache.x86_64 0:3.22.30-5.el7 will be installed\n---> Package hicolor-icon-theme.noarch 0:0.12-7.el7 will be installed\n---> Package httpcomponents-core.noarch 0:4.2.4-6.el7 will be installed\n---> Package isorelax.noarch 1:0-0.15.release20050331.el7 will be installed\n---> Package istack-commons.noarch 0:2.17-4.el7 will be installed\n---> Package jing.noarch 0:20091111-14.el7 will be installed\n---> Package joda-time.noarch 0:2.2-3.tzdata2013c.el7 will be installed\n--> Processing Dependency: mvn(org.joda:joda-convert) for package: joda-time-2.2-3.tzdata2013c.el7.noarch\n---> Package jsr-311.noarch 0:1.1.1-6.el7 will be installed\n---> Package libICE.x86_64 0:1.0.9-9.el7 will be installed\n---> Package libSM.x86_64 0:1.2.2-2.el7 will be installed\n---> Package libX11-common.noarch 0:1.6.7-2.el7 will be installed\n---> Package libXcursor.x86_64 0:1.1.15-1.el7 will be installed\n---> Package libXdamage.x86_64 0:1.1.4-4.1.el7 will be installed\n---> Package libXfixes.x86_64 0:5.0.3-1.el7 will be installed\n---> Package libXinerama.x86_64 0:1.1.3-2.1.el7 will be installed\n---> Package libXrandr.x86_64 0:1.5.1-2.el7 will be installed\n---> Package libtiff.x86_64 0:4.0.3-35.el7 will be installed\n--> Processing Dependency: libjbig.so.2.0()(64bit) for package: libtiff-4.0.3-35.el7.x86_64\n---> Package libxcb.x86_64 0:1.13-1.el7 will be installed\n--> Processing Dependency: libXau.so.6()(64bit) for package: libxcb-1.13-1.el7.x86_64\n---> Package msv-msv.noarch 1:2013.5.1-7.el7 will be installed\n---> Package msv-xsdlib.noarch 1:2013.5.1-7.el7 will be installed\n---> Package objectweb-asm.noarch 0:3.3.1-9.el7 will be installed\n---> Package pango.x86_64 0:1.42.4-4.el7_7 will be installed\n--> Processing Dependency: libthai(x86-64) >= 0.1.9 for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: libXft(x86-64) >= 2.0.0 for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: harfbuzz(x86-64) >= 1.4.2 for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: fribidi(x86-64) >= 1.0 for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: libthai.so.0(LIBTHAI_0.1)(64bit) for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: libthai.so.0()(64bit) for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: libharfbuzz.so.0()(64bit) for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: libfribidi.so.0()(64bit) for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: libXft.so.2()(64bit) for package: pango-1.42.4-4.el7_7.x86_64\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n---> Package qdox.noarch 0:1.12.1-10.el7 will be installed\n---> Package relaxngDatatype.noarch 0:1.0-11.el7 will be installed\n---> Package rngom.noarch 0:201103-0.8.20120119svn.el7 will be installed\n---> Package stax-ex.noarch 0:1.7.1-6.el7 will be installed\n---> Package stax2-api.noarch 0:3.1.1-10.el7 will be installed\n---> Package ttmkfdir.x86_64 0:3.0.9-42.el7 will be installed\n---> Package txw2.noarch 0:20110809-8.el7 will be installed\n--> Processing Dependency: args4j for package: txw2-20110809-8.el7.noarch\n---> Package ws-jaxme.noarch 0:0.5.2-10.el7 will be installed\n--> Processing Dependency: antlr for package: ws-jaxme-0.5.2-10.el7.noarch\n---> Package xorg-x11-font-utils.x86_64 1:7.5-21.el7 will be installed\n--> Processing Dependency: libfontenc.so.1()(64bit) for package: 1:xorg-x11-font-utils-7.5-21.el7.x86_64\n---> Package xpp3.noarch 0:1.1.3.8-11.el7 will be installed\n---> Package xsom.noarch 0:0-10.20110809svn.el7 will be installed\n--> Running transaction check\n---> Package antlr-tool.noarch 0:2.7.7-30.el7 will be installed\n---> Package args4j.noarch 0:2.0.16-13.el7 will be installed\n---> Package dejavu-fonts-common.noarch 0:2.33-6.el7 will be installed\n---> Package fribidi.x86_64 0:1.0.2-1.el7_7.1 will be installed\n---> Package harfbuzz.x86_64 0:1.7.5-2.el7 will be installed\n--> Processing Dependency: libgraphite2.so.3()(64bit) for package: harfbuzz-1.7.5-2.el7.x86_64\n---> Package jasper-libs.x86_64 0:1.900.1-33.el7 will be installed\n---> Package jbigkit-libs.x86_64 0:2.0-11.el7 will be installed\n---> Package joda-convert.noarch 0:1.3-5.el7 will be installed\n---> Package jvnet-parent.noarch 0:4-2.el7 will be installed\n---> Package libXau.x86_64 0:1.0.8-2.1.el7 will be installed\n---> Package libXft.x86_64 0:2.3.2-2.el7 will be installed\n---> Package libfontenc.x86_64 0:1.1.3-3.el7 will be installed\n---> Package libglvnd-egl.x86_64 1:1.0.1-0.8.git5baa1e5.el7 will be installed\n--> Processing Dependency: libglvnd(x86-64) = 1:1.0.1-0.8.git5baa1e5.el7 for package: 1:libglvnd-egl-1.0.1-0.8.git5baa1e5.el7.x86_64\n--> Processing Dependency: mesa-libEGL(x86-64) >= 13.0.4-1 for package: 1:libglvnd-egl-1.0.1-0.8.git5baa1e5.el7.x86_64\n--> Processing Dependency: libGLdispatch.so.0()(64bit) for package: 1:libglvnd-egl-1.0.1-0.8.git5baa1e5.el7.x86_64\n---> Package libglvnd-glx.x86_64 1:1.0.1-0.8.git5baa1e5.el7 will be installed\n--> Processing Dependency: mesa-libGL(x86-64) >= 13.0.4-1 for package: 1:libglvnd-glx-1.0.1-0.8.git5baa1e5.el7.x86_64\n---> Package libthai.x86_64 0:0.1.14-9.el7 will be installed\n---> Package pixman.x86_64 0:0.34.0-1.el7 will be installed\n--> Running transaction check\n---> Package graphite2.x86_64 0:1.3.10-1.el7_3 will be installed\n---> Package libglvnd.x86_64 1:1.0.1-0.8.git5baa1e5.el7 will be installed\n---> Package mesa-libEGL.x86_64 0:18.3.4-10.el7 will be installed\n--> Processing Dependency: mesa-libgbm = 18.3.4-10.el7 for package: mesa-libEGL-18.3.4-10.el7.x86_64\n--> Processing Dependency: libxshmfence.so.1()(64bit) for package: mesa-libEGL-18.3.4-10.el7.x86_64\n--> Processing Dependency: libwayland-server.so.0()(64bit) for package: mesa-libEGL-18.3.4-10.el7.x86_64\n--> Processing Dependency: libwayland-client.so.0()(64bit) for package: mesa-libEGL-18.3.4-10.el7.x86_64\n--> Processing Dependency: libglapi.so.0()(64bit) for package: mesa-libEGL-18.3.4-10.el7.x86_64\n--> Processing Dependency: libgbm.so.1()(64bit) for package: mesa-libEGL-18.3.4-10.el7.x86_64\n--> Processing Dependency: libdrm.so.2()(64bit) for package: mesa-libEGL-18.3.4-10.el7.x86_64\n---> Package mesa-libGL.x86_64 0:18.3.4-10.el7 will be installed\n--> Processing Dependency: libXxf86vm.so.1()(64bit) for package: mesa-libGL-18.3.4-10.el7.x86_64\n--> Running transaction check\n---> Package libXxf86vm.x86_64 0:1.1.4-1.el7 will be installed\n---> Package libdrm.x86_64 0:2.4.97-2.el7 will be installed\n--> Processing Dependency: libpciaccess.so.0()(64bit) for package: libdrm-2.4.97-2.el7.x86_64\n---> Package libwayland-client.x86_64 0:1.15.0-1.el7 will be installed\n---> Package libwayland-server.x86_64 0:1.15.0-1.el7 will be installed\n---> Package libxshmfence.x86_64 0:1.2-1.el7 will be installed\n---> Package mesa-libgbm.x86_64 0:18.3.4-10.el7 will be installed\n---> Package mesa-libglapi.x86_64 0:18.3.4-10.el7 will be installed\n--> Running transaction check\n---> Package libpciaccess.x86_64 0:0.14-1.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n ipa-server x86_64 4.6.8-5.el7 rhel 531 k\nInstalling for dependencies:\n 389-ds-base x86_64 1.3.10.2-6.el7 rhel 1.7 M\n 389-ds-base-libs x86_64 1.3.10.2-6.el7 rhel 713 k\n GeoIP x86_64 1.5.0-14.el7 rhel 1.5 M\n alsa-lib x86_64 1.1.8-1.el7 rhel 425 k\n antlr-tool noarch 2.7.7-30.el7 rhel 357 k\n apache-commons-cli noarch 1.2-13.el7 rhel 51 k\n apache-commons-codec noarch 1.8-7.el7 rhel 223 k\n apache-commons-collections noarch 3.2.1-22.el7_2 rhel 509 k\n apache-commons-daemon x86_64 1.0.13-7.el7 rhel 54 k\n apache-commons-dbcp noarch 1.4-17.el7 rhel 167 k\n apache-commons-io noarch 1:2.4-12.el7 rhel 189 k\n apache-commons-lang noarch 2.6-15.el7 rhel 276 k\n apache-commons-logging noarch 1.1.2-7.el7 rhel 78 k\n apache-commons-pool noarch 1.6-9.el7 rhel 113 k\n apr x86_64 1.4.8-7.el7 rhel 104 k\n apr-util x86_64 1.5.2-6.el7 rhel 92 k\n apr-util-openssl x86_64 1.5.2-6.el7 rhel 20 k\n args4j noarch 2.0.16-13.el7 rhel 70 k\n atk x86_64 2.28.1-2.el7 rhel 263 k\n augeas-libs x86_64 1.4.0-10.el7 rhel 357 k\n autofs x86_64 1:5.0.7-113.el7 rhel 836 k\n autogen-libopts x86_64 5.18-5.el7 rhel 66 k\n avahi-libs x86_64 0.6.31-20.el7 rhel 62 k\n avalon-framework noarch 4.3-10.el7 rhel 87 k\n avalon-logkit noarch 2.1-14.el7 rhel 87 k\n bcel noarch 5.2-18.el7 rhel 469 k\n bea-stax noarch 1.2.0-9.el7 rhel 176 k\n bea-stax-api noarch 1.2.0-9.el7 rhel 31 k\n bind-libs x86_64 32:9.11.4-26.P2.el7 rhel 156 k\n bind-libs-lite x86_64 32:9.11.4-26.P2.el7 rhel 1.1 M\n bind-license noarch 32:9.11.4-26.P2.el7 rhel 90 k\n bind-utils x86_64 32:9.11.4-26.P2.el7 rhel 260 k\n c-ares x86_64 1.10.0-3.el7 rhel 78 k\n cairo x86_64 1.15.12-4.el7 rhel 741 k\n cal10n noarch 0.7.7-4.el7 rhel 36 k\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\n codemodel noarch 2.6-9.el7 rhel 164 k\n copy-jdk-configs noarch 3.3-10.el7_5 rhel 21 k\n cups-libs x86_64 1:1.6.3-51.el7 rhel 359 k\n custodia noarch 0.3.1-4.el7 rhel 24 k\n cyrus-sasl-gssapi x86_64 2.1.26-23.el7 rhel 41 k\n cyrus-sasl-md5 x86_64 2.1.26-23.el7 rhel 57 k\n cyrus-sasl-plain x86_64 2.1.26-23.el7 rhel 39 k\n dejavu-fonts-common noarch 2.33-6.el7 rhel 64 k\n dejavu-sans-fonts noarch 2.33-6.el7 rhel 1.4 M\n dom4j noarch 1.6.1-20.el7 rhel 277 k\n easymock2 noarch 2.5.2-12.el7 rhel 92 k\n ecj x86_64 1:4.5.2-3.el7 rhel 1.9 M\n fontawesome-fonts noarch 4.1.0-2.el7 rhel 137 k\n fontconfig x86_64 2.13.0-4.3.el7 rhel 254 k\n fontpackages-filesystem noarch 1.44-8.el7 rhel 9.9 k\n fribidi x86_64 1.0.2-1.el7_7.1 rhel 80 k\n gdk-pixbuf2 x86_64 2.36.12-3.el7 rhel 570 k\n geoipupdate x86_64 2.5.0-1.el7 rhel 35 k\n geronimo-jms noarch 1.1.1-19.el7 rhel 31 k\n geronimo-jta noarch 1.1.1-17.el7 rhel 20 k\n giflib x86_64 4.1.6-9.el7 rhel 40 k\n glassfish-dtd-parser noarch 1.2-0.8.20120120svn.el7 rhel 70 k\n glassfish-fastinfoset noarch 1.2.12-9.el7 rhel 272 k\n glassfish-jaxb noarch 2.2.5-6.el7 rhel 1.8 M\n glassfish-jaxb-api noarch 2.2.7-4.el7 rhel 92 k\n gnutls x86_64 3.3.29-9.el7_6 rhel 681 k\n gperftools-libs x86_64 2.6.1-1.el7 rhel 272 k\n graphite2 x86_64 1.3.10-1.el7_3 rhel 115 k\n gtk-update-icon-cache x86_64 3.22.30-5.el7 rhel 27 k\n gtk2 x86_64 2.24.31-1.el7 rhel 3.4 M\n hamcrest noarch 1.3-6.el7 rhel 125 k\n harfbuzz x86_64 1.7.5-2.el7 rhel 267 k\n hesiod x86_64 3.2.1-3.el7 rhel 30 k\n hicolor-icon-theme noarch 0.12-7.el7 rhel 43 k\n hsqldb noarch 1:1.8.1.3-14.el7 rhel 950 k\n http-parser x86_64 2.7.1-9.el7 rhel 29 k\n httpcomponents-client noarch 4.2.5-5.el7_0 rhel 425 k\n httpcomponents-core noarch 4.2.4-6.el7 rhel 466 k\n httpd x86_64 2.4.6-95.el7 rhel 1.2 M\n httpd-tools x86_64 2.4.6-95.el7 rhel 93 k\n ipa-client x86_64 4.6.8-5.el7 rhel 288 k\n ipa-client-common noarch 4.6.8-5.el7 rhel 193 k\n ipa-common noarch 4.6.8-5.el7 rhel 619 k\n ipa-server-common noarch 4.6.8-5.el7 rhel 700 k\n isorelax noarch 1:0-0.15.release20050331.el7 rhel 75 k\n istack-commons noarch 2.17-4.el7 rhel 100 k\n jackson noarch 1.9.4-7.el7 rhel 1.0 M\n jakarta-commons-httpclient noarch 1:3.1-16.el7_0 rhel 241 k\n jakarta-oro noarch 2.0.8-16.el7 rhel 78 k\n jasper-libs x86_64 1.900.1-33.el7 rhel 150 k\n java-1.8.0-openjdk x86_64 1:1.8.0.262.b10-1.el7 rhel 300 k\n java-1.8.0-openjdk-headless x86_64 1:1.8.0.262.b10-1.el7 rhel 33 M\n javamail noarch 1.4.6-8.el7 rhel 758 k\n javapackages-tools noarch 3.4.1-11.el7 rhel 73 k\n javassist noarch 3.16.1-10.el7 rhel 627 k\n jaxen noarch 1.1.3-11.el7 rhel 204 k\n jbigkit-libs x86_64 2.0-11.el7 rhel 46 k\n jboss-annotations-1.1-api noarch 1.0.1-0.6.20120212git76e1a2.el7 rhel 20 k\n jdom noarch 1.1.3-6.el7 rhel 174 k\n jing noarch 20091111-14.el7 rhel 611 k\n joda-convert noarch 1.3-5.el7 rhel 46 k\n joda-time noarch 2.2-3.tzdata2013c.el7 rhel 484 k\n jsr-311 noarch 1.1.1-6.el7 rhel 45 k\n jss x86_64 4.4.9-3.el7 rhel 1.1 M\n junit noarch 4.11-8.el7 rhel 261 k\n jvnet-parent noarch 4-2.el7 rhel 10 k\n krb5-pkinit x86_64 1.15.1-50.el7 rhel 167 k\n krb5-server x86_64 1.15.1-50.el7 rhel 1.0 M\n krb5-workstation x86_64 1.15.1-50.el7 rhel 820 k\n ldapjdk noarch 4.19-5.el7 rhel 316 k\n libICE x86_64 1.0.9-9.el7 rhel 66 k\n libSM x86_64 1.2.2-2.el7 rhel 39 k\n libX11 x86_64 1.6.7-2.el7 rhel 607 k\n libX11-common noarch 1.6.7-2.el7 rhel 164 k\n libXau x86_64 1.0.8-2.1.el7 rhel 29 k\n libXcomposite x86_64 0.4.4-4.1.el7 rhel 22 k\n libXcursor x86_64 1.1.15-1.el7 rhel 30 k\n libXdamage x86_64 1.1.4-4.1.el7 rhel 20 k\n libXext x86_64 1.3.3-3.el7 rhel 39 k\n libXfixes x86_64 5.0.3-1.el7 rhel 18 k\n libXft x86_64 2.3.2-2.el7 rhel 58 k\n libXi x86_64 1.7.9-1.el7 rhel 40 k\n libXinerama x86_64 1.1.3-2.1.el7 rhel 14 k\n libXrandr x86_64 1.5.1-2.el7 rhel 27 k\n libXrender x86_64 0.9.10-1.el7 rhel 26 k\n libXtst x86_64 1.2.3-1.el7 rhel 20 k\n libXxf86vm x86_64 1.1.4-1.el7 rhel 18 k\n libdhash x86_64 0.5.0-32.el7 rhel 29 k\n libdrm x86_64 2.4.97-2.el7 rhel 151 k\n libfontenc x86_64 1.1.3-3.el7 rhel 31 k\n libglvnd x86_64 1:1.0.1-0.8.git5baa1e5.el7 rhel 90 k\n libglvnd-egl x86_64 1:1.0.1-0.8.git5baa1e5.el7 rhel 44 k\n libglvnd-glx x86_64 1:1.0.1-0.8.git5baa1e5.el7 rhel 125 k\n libicu x86_64 50.2-4.el7_7 rhel 6.9 M\n libipa_hbac x86_64 1.16.5-10.el7 rhel 153 k\n libjpeg-turbo x86_64 1.2.90-8.el7 rhel 135 k\n libkadm5 x86_64 1.15.1-50.el7 rhel 179 k\n libldb x86_64 1.5.4-1.el7 rhel 149 k\n libpciaccess x86_64 0.14-1.el7 rhel 26 k\n libsmbclient x86_64 4.10.16-5.el7 rhel 144 k\n libsss_autofs x86_64 1.16.5-10.el7 rhel 155 k\n libsss_certmap x86_64 1.16.5-10.el7 rhel 186 k\n libsss_idmap x86_64 1.16.5-10.el7 rhel 158 k\n libsss_nss_idmap x86_64 1.16.5-10.el7 rhel 164 k\n libsss_sudo x86_64 1.16.5-10.el7 rhel 153 k\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtdb x86_64 1.3.18-1.el7 rhel 49 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n libthai x86_64 0.1.14-9.el7 rhel 187 k\n libtiff x86_64 4.0.3-35.el7 rhel 172 k\n libwayland-client x86_64 1.15.0-1.el7 rhel 33 k\n libwayland-server x86_64 1.15.0-1.el7 rhel 39 k\n libwbclient x86_64 4.10.16-5.el7 rhel 114 k\n libxcb x86_64 1.13-1.el7 rhel 214 k\n libxshmfence x86_64 1.2-1.el7 rhel 7.1 k\n lksctp-tools x86_64 1.0.17-2.el7 rhel 88 k\n log4j noarch 1.2.17-16.el7_4 rhel 444 k\n mailcap noarch 2.1.41-2.el7 rhel 31 k\n mesa-libEGL x86_64 18.3.4-10.el7 rhel 109 k\n mesa-libGL x86_64 18.3.4-10.el7 rhel 166 k\n mesa-libgbm x86_64 18.3.4-10.el7 rhel 39 k\n mesa-libglapi x86_64 18.3.4-10.el7 rhel 46 k\n mod_auth_gssapi x86_64 1.5.1-7.el7 rhel 67 k\n mod_lookup_identity x86_64 1.0.0-1.el7 rhel 24 k\n mod_nss x86_64 1.0.14-12.el7 rhel 113 k\n mod_session x86_64 2.4.6-95.el7 rhel 63 k\n mod_wsgi x86_64 3.4-18.el7 rhel 77 k\n msv-msv noarch 1:2013.5.1-7.el7 rhel 3.7 M\n msv-xsdlib noarch 1:2013.5.1-7.el7 rhel 1.1 M\n nettle x86_64 2.7.1-8.el7 rhel 327 k\n ntp x86_64 4.2.6p5-29.el7_8.2 rhel 549 k\n ntpdate x86_64 4.2.6p5-29.el7_8.2 rhel 87 k\n nuxwdog x86_64 1.0.5-1.el7 rhel 46 k\n nuxwdog-client-java x86_64 1.0.5-1.el7 rhel 12 k\n objectweb-asm noarch 3.3.1-9.el7 rhel 197 k\n oddjob x86_64 0.31.5-4.el7 rhel 69 k\n oddjob-mkhomedir x86_64 0.31.5-4.el7 rhel 38 k\n open-sans-fonts noarch 1.10-1.el7 rhel 475 k\n openldap-clients x86_64 2.4.44-22.el7 rhel 191 k\n pango x86_64 1.42.4-4.el7_7 rhel 280 k\n pcsc-lite-libs x86_64 1.8.8-8.el7 rhel 34 k\n perl x86_64 4:5.16.3-297.el7 rhel 8.0 M\n perl-Archive-Tar noarch 1.92-3.el7 rhel 73 k\n perl-Carp noarch 1.26-244.el7 rhel 19 k\n perl-Compress-Raw-Bzip2 x86_64 2.061-3.el7 rhel 32 k\n perl-Compress-Raw-Zlib x86_64 1:2.061-4.el7 rhel 57 k\n perl-DB_File x86_64 1.830-6.el7 rhel 74 k\n perl-Data-Dumper x86_64 2.145-3.el7 rhel 47 k\n perl-Encode x86_64 2.51-7.el7 rhel 1.5 M\n perl-Exporter noarch 5.68-3.el7 rhel 28 k\n perl-File-Path noarch 2.09-2.el7 rhel 27 k\n perl-File-Temp noarch 0.23.01-3.el7 rhel 56 k\n perl-Filter x86_64 1.49-3.el7 rhel 76 k\n perl-Getopt-Long noarch 2.40-3.el7 rhel 56 k\n perl-HTTP-Tiny noarch 0.033-3.el7 rhel 38 k\n perl-IO-Compress noarch 2.061-2.el7 rhel 260 k\n perl-IO-Zlib noarch 1:1.10-297.el7 rhel 52 k\n perl-Mozilla-LDAP x86_64 1.5.3-12.el7 rhel 147 k\n perl-NetAddr-IP x86_64 4.069-3.el7 rhel 125 k\n perl-Package-Constants noarch 1:0.02-297.el7 rhel 46 k\n perl-PathTools x86_64 3.40-5.el7 rhel 83 k\n perl-Pod-Escapes noarch 1:1.04-297.el7 rhel 52 k\n perl-Pod-Perldoc noarch 3.20-4.el7 rhel 87 k\n perl-Pod-Simple noarch 1:3.28-4.el7 rhel 216 k\n perl-Pod-Usage noarch 1.63-3.el7 rhel 27 k\n perl-Scalar-List-Utils x86_64 1.27-248.el7 rhel 36 k\n perl-Socket x86_64 2.010-5.el7 rhel 49 k\n perl-Storable x86_64 2.45-3.el7 rhel 77 k\n perl-Text-ParseWords noarch 3.29-4.el7 rhel 14 k\n perl-Time-HiRes x86_64 4:1.9725-3.el7 rhel 45 k\n perl-Time-Local noarch 1.2300-2.el7 rhel 24 k\n perl-constant noarch 1.27-2.el7 rhel 19 k\n perl-libs x86_64 4:5.16.3-297.el7 rhel 689 k\n perl-macros x86_64 4:5.16.3-297.el7 rhel 44 k\n perl-parent noarch 1:0.225-244.el7 rhel 12 k\n perl-podlators noarch 2.5.1-3.el7 rhel 112 k\n perl-threads x86_64 1.87-4.el7 rhel 49 k\n perl-threads-shared x86_64 1.43-6.el7 rhel 39 k\n pixman x86_64 0.34.0-1.el7 rhel 248 k\n pki-base noarch 10.5.18-7.el7 rhel 423 k\n pki-base-java noarch 10.5.18-7.el7 rhel 1.2 M\n pki-ca noarch 10.5.18-7.el7 rhel 479 k\n pki-kra noarch 10.5.18-7.el7 rhel 302 k\n pki-server noarch 10.5.18-7.el7 rhel 2.9 M\n pki-tools x86_64 10.5.18-7.el7 rhel 764 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n python-augeas noarch 0.5.0-2.el7 rhel 25 k\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-custodia noarch 0.3.1-4.el7 rhel 115 k\n python-dns noarch 1.12.0-4.20150617git465785f.el7 rhel 234 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-gssapi x86_64 1.2.0-3.el7 rhel 322 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-javapackages noarch 3.4.1-11.el7 rhel 31 k\n python-jwcrypto noarch 0.4.2-1.el7 rhel 57 k\n python-kdcproxy noarch 0.3.2-3.el7 rhel 28 k\n python-ldap x86_64 2.4.15-2.el7 rhel 159 k\n python-libipa_hbac x86_64 1.16.5-10.el7 rhel 146 k\n python-netaddr noarch 0.7.5-9.el7 rhel 983 k\n python-netifaces x86_64 0.10.4-3.el7 rhel 18 k\n python-nss x86_64 0.16.0-3.el7 rhel 266 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n python-qrcode-core noarch 5.0.1-1.el7 rhel 40 k\n python-sss-murmur x86_64 1.16.5-10.el7 rhel 136 k\n python-sssdconfig noarch 1.16.5-10.el7 rhel 176 k\n python-yubico noarch 1.2.3-1.el7 rhel 47 k\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-ipaclient noarch 4.6.8-5.el7 rhel 702 k\n python2-ipalib noarch 4.6.8-5.el7 rhel 685 k\n python2-ipaserver noarch 4.6.8-5.el7 rhel 1.5 M\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\n python2-pyasn1-modules noarch 0.1.9-7.el7 rhel 59 k\n pyusb noarch 1.0.0-0.11.b1.el7 rhel 66 k\n qdox noarch 1.12.1-10.el7 rhel 170 k\n redhat-logos noarch 70.7.0-1.el7 rhel 13 M\n regexp noarch 1.5-13.el7 rhel 47 k\n relaxngDatatype noarch 1.0-11.el7 rhel 16 k\n resteasy-base-atom-provider noarch 3.0.6-4.el7 rhel 41 k\n resteasy-base-client noarch 3.0.6-4.el7 rhel 125 k\n resteasy-base-jackson-provider\n noarch 3.0.6-4.el7 rhel 13 k\n resteasy-base-jaxb-provider noarch 3.0.6-4.el7 rhel 65 k\n resteasy-base-jaxrs noarch 3.0.6-4.el7 rhel 728 k\n resteasy-base-jaxrs-api noarch 3.0.6-4.el7 rhel 96 k\n rngom noarch 201103-0.8.20120119svn.el7 rhel 266 k\n samba-client-libs x86_64 4.10.16-5.el7 rhel 5.0 M\n samba-common noarch 4.10.16-5.el7 rhel 214 k\n samba-common-libs x86_64 4.10.16-5.el7 rhel 180 k\n scannotation noarch 1.0.3-0.7.r12.el7 rhel 23 k\n slapi-nis x86_64 0.56.5-2.el7 rhel 149 k\n slf4j noarch 1.7.4-4.el7_4 rhel 170 k\n softhsm x86_64 2.1.0-3.el7 rhel 291 k\n sssd x86_64 1.16.5-10.el7 rhel 145 k\n sssd-ad x86_64 1.16.5-10.el7 rhel 296 k\n sssd-client x86_64 1.16.5-10.el7 rhel 224 k\n sssd-common x86_64 1.16.5-10.el7 rhel 1.5 M\n sssd-common-pac x86_64 1.16.5-10.el7 rhel 218 k\n sssd-dbus x86_64 1.16.5-10.el7 rhel 256 k\n sssd-ipa x86_64 1.16.5-10.el7 rhel 378 k\n sssd-krb5 x86_64 1.16.5-10.el7 rhel 187 k\n sssd-krb5-common x86_64 1.16.5-10.el7 rhel 220 k\n sssd-ldap x86_64 1.16.5-10.el7 rhel 280 k\n sssd-proxy x86_64 1.16.5-10.el7 rhel 180 k\n stax-ex noarch 1.7.1-6.el7 rhel 33 k\n stax2-api noarch 3.1.1-10.el7 rhel 165 k\n svrcore x86_64 4.1.3-2.el7 rhel 19 k\n systemd-python x86_64 219-78.el7 rhel 145 k\n tomcat noarch 7.0.76-15.el7 rhel 93 k\n tomcat-el-2.2-api noarch 7.0.76-15.el7 rhel 83 k\n tomcat-jsp-2.2-api noarch 7.0.76-15.el7 rhel 96 k\n tomcat-lib noarch 7.0.76-15.el7 rhel 3.9 M\n tomcat-servlet-3.0-api noarch 7.0.76-15.el7 rhel 214 k\n tomcatjss noarch 7.2.5-1.el7 rhel 40 k\n trousers x86_64 0.3.14-2.el7 rhel 289 k\n ttmkfdir x86_64 3.0.9-42.el7 rhel 48 k\n txw2 noarch 20110809-8.el7 rhel 134 k\n tzdata-java noarch 2020a-1.el7 rhel 188 k\n velocity noarch 1.7-10.el7 rhel 414 k\n words noarch 3.0-22.el7 rhel 1.4 M\n ws-jaxme noarch 0.5.2-10.el7 rhel 1.1 M\n xalan-j2 noarch 2.7.1-23.el7 rhel 1.9 M\n xerces-j2 noarch 2.11.0-17.el7_0 rhel 1.1 M\n xml-commons-apis noarch 1.4.01-16.el7 rhel 227 k\n xml-commons-resolver noarch 1.2-15.el7 rhel 108 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n xorg-x11-font-utils x86_64 1:7.5-21.el7 rhel 104 k\n xorg-x11-fonts-Type1 noarch 7.5-9.el7 rhel 521 k\n xpp3 noarch 1.1.3.8-11.el7 rhel 336 k\n xsom noarch 0-10.20110809svn.el7 rhel 380 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+306 Dependent packages)\n\nTotal download size: 154 M\nInstalled size: 399 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 27 MB/s | 154 MB 00:05 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : libtalloc-2.1.16-1.el7.x86_64 1/307 \n Installing : libtevent-0.9.39-1.el7.x86_64 2/307 \n Installing : libtdb-1.3.18-1.el7.x86_64 3/307 \n Installing : libldb-1.5.4-1.el7.x86_64 4/307 \n Installing : libsss_certmap-1.16.5-10.el7.x86_64 5/307 \n Installing : libdhash-0.5.0-32.el7.x86_64 6/307 \n Installing : python-ldap-2.4.15-2.el7.x86_64 7/307 \n Installing : libsss_idmap-1.16.5-10.el7.x86_64 8/307 \n Installing : python2-pyasn1-0.1.9-7.el7.noarch 9/307 \n Installing : libjpeg-turbo-1.2.90-8.el7.x86_64 10/307 \n Installing : ipa-common-4.6.8-5.el7.noarch 11/307 \n Installing : cyrus-sasl-gssapi-2.1.26-23.el7.x86_64 12/307 \n Installing : python-dns-1.12.0-4.20150617git465785f.el7.noarch 13/307 \n Installing : fontpackages-filesystem-1.44-8.el7.noarch 14/307 \n Installing : openldap-clients-2.4.44-22.el7.x86_64 15/307 \n Installing : samba-common-4.10.16-5.el7.noarch 16/307 \n Installing : python-enum34-1.0.4-1.el7.noarch 17/307 \n Installing : python-gssapi-1.2.0-3.el7.x86_64 18/307 \n Installing : libsss_nss_idmap-1.16.5-10.el7.x86_64 19/307 \n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 20/307 \n Installing : mesa-libglapi-18.3.4-10.el7.x86_64 21/307 \n Installing : python-sssdconfig-1.16.5-10.el7.noarch 22/307 \n Installing : ipa-client-common-4.6.8-5.el7.noarch 23/307 \n Installing : psmisc-22.20-17.el7.x86_64 24/307 \n Installing : apr-1.4.8-7.el7.x86_64 25/307 \n Installing : apr-util-1.5.2-6.el7.x86_64 26/307 \n Installing : oddjob-0.31.5-4.el7.x86_64 27/307 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 28/307 \n Installing : certmonger-0.78.4-14.el7.x86_64 29/307 \n Installing : 32:bind-license-9.11.4-26.P2.el7.noarch 30/307 \n Installing : libsss_autofs-1.16.5-10.el7.x86_64 31/307 \n Installing : svrcore-4.1.3-2.el7.x86_64 32/307 \n Installing : pyusb-1.0.0-0.11.b1.el7.noarch 33/307 \n Installing : avahi-libs-0.6.31-20.el7.x86_64 34/307 \n Installing : 1:cups-libs-1.6.3-51.el7.x86_64 35/307 \n Installing : 1:libglvnd-1.0.1-0.8.git5baa1e5.el7.x86_64 36/307 \n Installing : systemd-python-219-78.el7.x86_64 37/307 \n Installing : libipa_hbac-1.16.5-10.el7.x86_64 38/307 \n Installing : libICE-1.0.9-9.el7.x86_64 39/307 \n Installing : gperftools-libs-2.6.1-1.el7.x86_64 40/307 \n Installing : libwayland-server-1.15.0-1.el7.x86_64 41/307 \n Installing : libxshmfence-1.2-1.el7.x86_64 42/307 \n Installing : redhat-logos-70.7.0-1.el7.noarch 43/307 \n Installing : python-nss-0.16.0-3.el7.x86_64 44/307 \n Installing : libkadm5-1.15.1-50.el7.x86_64 45/307 \n Installing : krb5-workstation-1.15.1-50.el7.x86_64 46/307 \n Installing : 389-ds-base-libs-1.3.10.2-6.el7.x86_64 47/307 \n Installing : libSM-1.2.2-2.el7.x86_64 48/307 \n Installing : python-libipa_hbac-1.16.5-10.el7.x86_64 49/307 \n Installing : python-yubico-1.2.3-1.el7.noarch 50/307 \n Installing : oddjob-mkhomedir-0.31.5-4.el7.x86_64 51/307 \n Installing : apr-util-openssl-1.5.2-6.el7.x86_64 52/307 \n Installing : httpd-tools-2.4.6-95.el7.x86_64 53/307 \n Installing : sssd-client-1.16.5-10.el7.x86_64 54/307 \n Installing : fontawesome-fonts-4.1.0-2.el7.noarch 55/307 \n Installing : open-sans-fonts-1.10-1.el7.noarch 56/307 \n Installing : dejavu-fonts-common-2.33-6.el7.noarch 57/307 \n Installing : dejavu-sans-fonts-2.33-6.el7.noarch 58/307 \n Installing : fontconfig-2.13.0-4.3.el7.x86_64 59/307 \n Installing : python-kdcproxy-0.3.2-3.el7.noarch 60/307 \n Installing : jasper-libs-1.900.1-33.el7.x86_64 61/307 \n Installing : python2-pyasn1-modules-0.1.9-7.el7.noarch 62/307 \n Installing : 1:perl-parent-0.225-244.el7.noarch 63/307 \n Installing : perl-HTTP-Tiny-0.033-3.el7.noarch 64/307 \n Installing : perl-podlators-2.5.1-3.el7.noarch 65/307 \n Installing : perl-Pod-Perldoc-3.20-4.el7.noarch 66/307 \n Installing : 1:perl-Pod-Escapes-1.04-297.el7.noarch 67/307 \n Installing : perl-Text-ParseWords-3.29-4.el7.noarch 68/307 \n Installing : perl-Encode-2.51-7.el7.x86_64 69/307 \n Installing : perl-Pod-Usage-1.63-3.el7.noarch 70/307 \n Installing : 4:perl-macros-5.16.3-297.el7.x86_64 71/307 \n Installing : 4:perl-libs-5.16.3-297.el7.x86_64 72/307 \n Installing : perl-threads-1.87-4.el7.x86_64 73/307 \n Installing : perl-Storable-2.45-3.el7.x86_64 74/307 \n Installing : perl-Carp-1.26-244.el7.noarch 75/307 \n Installing : 4:perl-Time-HiRes-1.9725-3.el7.x86_64 76/307 \n Installing : perl-Filter-1.49-3.el7.x86_64 77/307 \n Installing : perl-Exporter-5.68-3.el7.noarch 78/307 \n Installing : perl-constant-1.27-2.el7.noarch 79/307 \n Installing : perl-Socket-2.010-5.el7.x86_64 80/307 \n Installing : perl-Time-Local-1.2300-2.el7.noarch 81/307 \n Installing : perl-threads-shared-1.43-6.el7.x86_64 82/307 \n Installing : perl-File-Temp-0.23.01-3.el7.noarch 83/307 \n Installing : perl-File-Path-2.09-2.el7.noarch 84/307 \n Installing : perl-PathTools-3.40-5.el7.x86_64 85/307 \n Installing : perl-Scalar-List-Utils-1.27-248.el7.x86_64 86/307 \n Installing : 1:perl-Pod-Simple-3.28-4.el7.noarch 87/307 \n Installing : perl-Getopt-Long-2.40-3.el7.noarch 88/307 \n Installing : 4:perl-5.16.3-297.el7.x86_64 89/307 \n Installing : perl-Data-Dumper-2.145-3.el7.x86_64 90/307 \n Installing : perl-Mozilla-LDAP-1.5.3-12.el7.x86_64 91/307 \n Installing : perl-DB_File-1.830-6.el7.x86_64 92/307 \n Installing : perl-Compress-Raw-Bzip2-2.061-3.el7.x86_64 93/307 \n Installing : perl-NetAddr-IP-4.069-3.el7.x86_64 94/307 \n Installing : 1:perl-Package-Constants-0.02-297.el7.noarch 95/307 \n Installing : 1:perl-Compress-Raw-Zlib-2.061-4.el7.x86_64 96/307 \n Installing : perl-IO-Compress-2.061-2.el7.noarch 97/307 \n Installing : 1:perl-IO-Zlib-1.10-297.el7.noarch 98/307 \n Installing : perl-Archive-Tar-1.92-3.el7.noarch 99/307 \n Installing : libfontenc-1.1.3-3.el7.x86_64 100/307 \n Installing : 1:xorg-x11-font-utils-7.5-21.el7.x86_64 101/307 \n Installing : jbigkit-libs-2.0-11.el7.x86_64 102/307 \n Installing : libtiff-4.0.3-35.el7.x86_64 103/307 \n Installing : ntpdate-4.2.6p5-29.el7_8.2.x86_64 104/307 \n Installing : python-netifaces-0.10.4-3.el7.x86_64 105/307 \n Installing : libX11-common-1.6.7-2.el7.noarch 106/307 \n Installing : softhsm-2.1.0-3.el7.x86_64 107/307 \n Installing : alsa-lib-1.1.8-1.el7.x86_64 108/307 \n Installing : python-netaddr-0.7.5-9.el7.noarch 109/307 \n Installing : python-sss-murmur-1.16.5-10.el7.x86_64 110/307 \n Installing : fribidi-1.0.2-1.el7_7.1.x86_64 111/307 \n Installing : geoipupdate-2.5.0-1.el7.x86_64 112/307 \n Installing : GeoIP-1.5.0-14.el7.x86_64 113/307 \n Installing : 32:bind-libs-lite-9.11.4-26.P2.el7.x86_64 114/307 \n Installing : 32:bind-libs-9.11.4-26.P2.el7.x86_64 115/307 \n Installing : 32:bind-utils-9.11.4-26.P2.el7.x86_64 116/307 \n Installing : copy-jdk-configs-3.3-10.el7_5.noarch 117/307 \n Installing : hicolor-icon-theme-0.12-7.el7.noarch 118/307 \n Installing : ttmkfdir-3.0.9-42.el7.x86_64 119/307 \n Installing : xorg-x11-fonts-Type1-7.5-9.el7.noarch 120/307 \n Installing : libwayland-client-1.15.0-1.el7.x86_64 121/307 \n Installing : libpciaccess-0.14-1.el7.x86_64 122/307 \n Installing : libdrm-2.4.97-2.el7.x86_64 123/307 \n Installing : mesa-libgbm-18.3.4-10.el7.x86_64 124/307 \n Installing : tzdata-java-2020a-1.el7.noarch 125/307 \n Installing : mailcap-2.1.41-2.el7.noarch 126/307 \n Installing : httpd-2.4.6-95.el7.x86_64 127/307 \n Installing : mod_wsgi-3.4-18.el7.x86_64 128/307 \n Installing : mod_nss-1.0.14-12.el7.x86_64 129/307 \n\nmod_nss certificate database generated.\n\n Installing : mod_session-2.4.6-95.el7.x86_64 130/307 \n Installing : mod_lookup_identity-1.0.0-1.el7.x86_64 131/307 \n Installing : mod_auth_gssapi-1.5.1-7.el7.x86_64 132/307 \n Installing : augeas-libs-1.4.0-10.el7.x86_64 133/307 \n Installing : python-augeas-0.5.0-2.el7.noarch 134/307 \n Installing : atk-2.28.1-2.el7.x86_64 135/307 \n Installing : http-parser-2.7.1-9.el7.x86_64 136/307 \n Installing : pixman-0.34.0-1.el7.x86_64 137/307 \n Installing : python-ply-3.4-11.el7.noarch 138/307 \n Installing : python-pycparser-2.14-1.el7.noarch 139/307 \n Installing : python-cffi-1.6.0-5.el7.x86_64 140/307 \n Installing : python-idna-2.4-1.el7.noarch 141/307 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 142/307 \n Installing : pki-base-10.5.18-7.el7.noarch 143/307 \n Installing : python-jwcrypto-0.4.2-1.el7.noarch 144/307 \n Installing : python-custodia-0.3.1-4.el7.noarch 145/307 \n Installing : custodia-0.3.1-4.el7.noarch 146/307 \n Installing : ipa-server-common-4.6.8-5.el7.noarch 147/307 \n Installing : libicu-50.2-4.el7_7.x86_64 148/307 \n Installing : cyrus-sasl-plain-2.1.26-23.el7.x86_64 149/307 \n Installing : nuxwdog-1.0.5-1.el7.x86_64 150/307 \n Installing : libthai-0.1.14-9.el7.x86_64 151/307 \n Installing : python-qrcode-core-5.0.1-1.el7.noarch 152/307 \n Installing : python2-ipalib-4.6.8-5.el7.noarch 153/307 \n Installing : python2-ipaclient-4.6.8-5.el7.noarch 154/307 \n Installing : python2-ipaserver-4.6.8-5.el7.noarch 155/307 \n Installing : autogen-libopts-5.18-5.el7.x86_64 156/307 \n Installing : ntp-4.2.6p5-29.el7_8.2.x86_64 157/307 \n Installing : trousers-0.3.14-2.el7.x86_64 158/307 \n Installing : libXau-1.0.8-2.1.el7.x86_64 159/307 \n Installing : libxcb-1.13-1.el7.x86_64 160/307 \n Installing : libX11-1.6.7-2.el7.x86_64 161/307 \n Installing : libXext-1.3.3-3.el7.x86_64 162/307 \n Installing : libXrender-0.9.10-1.el7.x86_64 163/307 \n Installing : libXfixes-5.0.3-1.el7.x86_64 164/307 \n Installing : libXi-1.7.9-1.el7.x86_64 165/307 \n Installing : libXdamage-1.1.4-4.1.el7.x86_64 166/307 \n Installing : libXcomposite-0.4.4-4.1.el7.x86_64 167/307 \n Installing : gdk-pixbuf2-2.36.12-3.el7.x86_64 168/307 \n Installing : gtk-update-icon-cache-3.22.30-5.el7.x86_64 169/307 \n Installing : libXtst-1.2.3-1.el7.x86_64 170/307 \n Installing : libXcursor-1.1.15-1.el7.x86_64 171/307 \n Installing : libXrandr-1.5.1-2.el7.x86_64 172/307 \n Installing : libXft-2.3.2-2.el7.x86_64 173/307 \n Installing : libXxf86vm-1.1.4-1.el7.x86_64 174/307 \n Installing : 1:libglvnd-glx-1.0.1-0.8.git5baa1e5.el7.x86_64 175/307 \n Installing : mesa-libGL-18.3.4-10.el7.x86_64 176/307 \n Installing : libXinerama-1.1.3-2.1.el7.x86_64 177/307 \n Installing : 1:libglvnd-egl-1.0.1-0.8.git5baa1e5.el7.x86_64 178/307 \n Installing : mesa-libEGL-18.3.4-10.el7.x86_64 179/307 \n Installing : cairo-1.15.12-4.el7.x86_64 180/307 \n Installing : giflib-4.1.6-9.el7.x86_64 181/307 \n Installing : libsss_sudo-1.16.5-10.el7.x86_64 182/307 \n Installing : graphite2-1.3.10-1.el7_3.x86_64 183/307 \n Installing : harfbuzz-1.7.5-2.el7.x86_64 184/307 \n Installing : pango-1.42.4-4.el7_7.x86_64 185/307 \n Installing : gtk2-2.24.31-1.el7.x86_64 186/307 \n Installing : pcsc-lite-libs-1.8.8-8.el7.x86_64 187/307 \n Installing : lksctp-tools-1.0.17-2.el7.x86_64 188/307 \n Installing : c-ares-1.10.0-3.el7.x86_64 189/307 \n Installing : python-javapackages-3.4.1-11.el7.noarch 190/307 \n Installing : javapackages-tools-3.4.1-11.el7.noarch 191/307 \n Installing : 1:java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7.x86_ 192/307 \n Installing : 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64 193/307 \n Installing : relaxngDatatype-1.0-11.el7.noarch 194/307 \n Installing : apache-commons-codec-1.8-7.el7.noarch 195/307 \n Installing : apache-commons-lang-2.6-15.el7.noarch 196/307 \n Installing : xml-commons-apis-1.4.01-16.el7.noarch 197/307 \n Installing : xml-commons-resolver-1.2-15.el7.noarch 198/307 \n Installing : xalan-j2-2.7.1-23.el7.noarch 199/307 \n Installing : xerces-j2-2.11.0-17.el7_0.noarch 200/307 \n Installing : tomcat-servlet-3.0-api-7.0.76-15.el7.noarch 201/307 \n Installing : 1:isorelax-0-0.15.release20050331.el7.noarch 202/307 \n Installing : bea-stax-api-1.2.0-9.el7.noarch 203/307 \n Installing : 1:msv-xsdlib-2013.5.1-7.el7.noarch 204/307 \n Installing : jss-4.4.9-3.el7.x86_64 205/307 \n Installing : xsom-0-10.20110809svn.el7.noarch 206/307 \n Installing : apache-commons-pool-1.6-9.el7.noarch 207/307 \n Installing : apache-commons-collections-3.2.1-22.el7_2.noarch 208/307 \n Installing : javassist-3.16.1-10.el7.noarch 209/307 \n Installing : stax2-api-3.1.1-10.el7.noarch 210/307 \n Installing : rngom-201103-0.8.20120119svn.el7.noarch 211/307 \n Installing : 1:hsqldb-1.8.1.3-14.el7.noarch 212/307 \n Installing : geronimo-jms-1.1.1-19.el7.noarch 213/307 \n Installing : resteasy-base-jaxrs-api-3.0.6-4.el7.noarch 214/307 \n Installing : 1:apache-commons-io-2.4-12.el7.noarch 215/307 \n Installing : jvnet-parent-4-2.el7.noarch 216/307 \n Installing : codemodel-2.6-9.el7.noarch 217/307 \n Installing : bea-stax-1.2.0-9.el7.noarch 218/307 \n Installing : stax-ex-1.7.1-6.el7.noarch 219/307 \n Installing : istack-commons-2.17-4.el7.noarch 220/307 \n Installing : scannotation-1.0.3-0.7.r12.el7.noarch 221/307 \n Installing : glassfish-fastinfoset-1.2.12-9.el7.noarch 222/307 \n Installing : ldapjdk-4.19-5.el7.noarch 223/307 \n Installing : 1:msv-msv-2013.5.1-7.el7.noarch 224/307 \n Installing : tomcat-jsp-2.2-api-7.0.76-15.el7.noarch 225/307 \n Installing : jing-20091111-14.el7.noarch 226/307 \n Installing : objectweb-asm-3.3.1-9.el7.noarch 227/307 \n Installing : glassfish-dtd-parser-1.2-0.8.20120120svn.el7.noarch 228/307 \n Installing : joda-convert-1.3-5.el7.noarch 229/307 \n Installing : joda-time-2.2-3.tzdata2013c.el7.noarch 230/307 \n Installing : javamail-1.4.6-8.el7.noarch 231/307 \n Installing : log4j-1.2.17-16.el7_4.noarch 232/307 \n Installing : avalon-logkit-2.1-14.el7.noarch 233/307 \n Installing : apache-commons-logging-1.1.2-7.el7.noarch 234/307 \n Installing : avalon-framework-4.3-10.el7.noarch 235/307 \n Installing : 1:jakarta-commons-httpclient-3.1-16.el7_0.noarch 236/307 \n Installing : 1:ecj-4.5.2-3.el7.x86_64 237/307 \n Installing : antlr-tool-2.7.7-30.el7.noarch 238/307 \n Installing : args4j-2.0.16-13.el7.noarch 239/307 \n Installing : txw2-20110809-8.el7.noarch 240/307 \n Installing : easymock2-2.5.2-12.el7.noarch 241/307 \n Installing : qdox-1.12.1-10.el7.noarch 242/307 \n Installing : hamcrest-1.3-6.el7.noarch 243/307 \n Installing : junit-4.11-8.el7.noarch 244/307 \n Installing : ws-jaxme-0.5.2-10.el7.noarch 245/307 \n Installing : xpp3-1.1.3.8-11.el7.noarch 246/307 \n Installing : jdom-1.1.3-6.el7.noarch 247/307 \n Installing : jaxen-1.1.3-11.el7.noarch 248/307 \n Installing : dom4j-1.6.1-20.el7.noarch 249/307 \n Installing : glassfish-jaxb-api-2.2.7-4.el7.noarch 250/307 \n Installing : glassfish-jaxb-2.2.5-6.el7.noarch 251/307 \n Installing : resteasy-base-jaxb-provider-3.0.6-4.el7.noarch 252/307 \n Installing : httpcomponents-core-4.2.4-6.el7.noarch 253/307 \n Installing : httpcomponents-client-4.2.5-5.el7_0.noarch 254/307 \n Installing : jboss-annotations-1.1-api-1.0.1-0.6.20120212git76e1a2. 255/307 \n Installing : resteasy-base-jaxrs-3.0.6-4.el7.noarch 256/307 \n Installing : resteasy-base-atom-provider-3.0.6-4.el7.noarch 257/307 \n Installing : resteasy-base-client-3.0.6-4.el7.noarch 258/307 \n Installing : apache-commons-cli-1.2-13.el7.noarch 259/307 \n Installing : geronimo-jta-1.1.1-17.el7.noarch 260/307 \n Installing : apache-commons-dbcp-1.4-17.el7.noarch 261/307 \n Installing : cal10n-0.7.7-4.el7.noarch 262/307 \n Installing : slf4j-1.7.4-4.el7_4.noarch 263/307 \n Installing : jsr-311-1.1.1-6.el7.noarch 264/307 \n Installing : jackson-1.9.4-7.el7.noarch 265/307 \n Installing : resteasy-base-jackson-provider-3.0.6-4.el7.noarch 266/307 \n Installing : pki-base-java-10.5.18-7.el7.noarch 267/307 \n Installing : pki-tools-10.5.18-7.el7.x86_64 268/307 \n Installing : apache-commons-daemon-1.0.13-7.el7.x86_64 269/307 \n Installing : regexp-1.5-13.el7.noarch 270/307 \n Installing : bcel-5.2-18.el7.noarch 271/307 \n Installing : nuxwdog-client-java-1.0.5-1.el7.x86_64 272/307 \n Installing : tomcat-el-2.2-api-7.0.76-15.el7.noarch 273/307 \n Installing : tomcat-lib-7.0.76-15.el7.noarch 274/307 \n Installing : tomcat-7.0.76-15.el7.noarch 275/307 \n Installing : tomcatjss-7.2.5-1.el7.noarch 276/307 \n Installing : jakarta-oro-2.0.8-16.el7.noarch 277/307 \n Installing : velocity-1.7-10.el7.noarch 278/307 \n Installing : pki-server-10.5.18-7.el7.noarch 279/307 \n Installing : pki-ca-10.5.18-7.el7.noarch 280/307 \n Installing : pki-kra-10.5.18-7.el7.noarch 281/307 \n Installing : krb5-pkinit-1.15.1-50.el7.x86_64 282/307 \n Installing : nettle-2.7.1-8.el7.x86_64 283/307 \n Installing : gnutls-3.3.29-9.el7_6.x86_64 284/307 \n Installing : samba-common-libs-4.10.16-5.el7.x86_64 285/307 \n Installing : libwbclient-4.10.16-5.el7.x86_64 286/307 \n Installing : samba-client-libs-4.10.16-5.el7.x86_64 287/307 \n Installing : sssd-common-1.16.5-10.el7.x86_64 288/307 \n Installing : sssd-krb5-common-1.16.5-10.el7.x86_64 289/307 \n Installing : sssd-common-pac-1.16.5-10.el7.x86_64 290/307 \n Installing : sssd-ipa-1.16.5-10.el7.x86_64 291/307 \n Installing : sssd-ldap-1.16.5-10.el7.x86_64 292/307 \n Installing : sssd-krb5-1.16.5-10.el7.x86_64 293/307 \n Installing : sssd-dbus-1.16.5-10.el7.x86_64 294/307 \n Installing : sssd-proxy-1.16.5-10.el7.x86_64 295/307 \n Installing : libsmbclient-4.10.16-5.el7.x86_64 296/307 \n Installing : sssd-ad-1.16.5-10.el7.x86_64 297/307 \n Installing : sssd-1.16.5-10.el7.x86_64 298/307 \n Installing : words-3.0-22.el7.noarch 299/307 \n Installing : krb5-server-1.15.1-50.el7.x86_64 300/307 \n Installing : hesiod-3.2.1-3.el7.x86_64 301/307 \n Installing : 1:autofs-5.0.7-113.el7.x86_64 302/307 \n Installing : ipa-client-4.6.8-5.el7.x86_64 303/307 \n Installing : cyrus-sasl-md5-2.1.26-23.el7.x86_64 304/307 \n Installing : 389-ds-base-1.3.10.2-6.el7.x86_64 305/307 \n Installing : slapi-nis-0.56.5-2.el7.x86_64 306/307 \n Installing : ipa-server-4.6.8-5.el7.x86_64 307/307 \n Verifying : libXext-1.3.3-3.el7.x86_64 1/307 \n Verifying : perl-HTTP-Tiny-0.033-3.el7.noarch 2/307 \n Verifying : cyrus-sasl-md5-2.1.26-23.el7.x86_64 3/307 \n Verifying : mesa-libEGL-18.3.4-10.el7.x86_64 4/307 \n Verifying : jackson-1.9.4-7.el7.noarch 5/307 \n Verifying : avalon-logkit-2.1-14.el7.noarch 6/307 \n Verifying : libXrender-0.9.10-1.el7.x86_64 7/307 \n Verifying : libXi-1.7.9-1.el7.x86_64 8/307 \n Verifying : hesiod-3.2.1-3.el7.x86_64 9/307 \n Verifying : sssd-ipa-1.16.5-10.el7.x86_64 10/307 \n Verifying : glassfish-dtd-parser-1.2-0.8.20120120svn.el7.noarch 11/307 \n Verifying : words-3.0-22.el7.noarch 12/307 \n Verifying : junit-4.11-8.el7.noarch 13/307 \n Verifying : nettle-2.7.1-8.el7.x86_64 14/307 \n Verifying : samba-common-libs-4.10.16-5.el7.x86_64 15/307 \n Verifying : sssd-client-1.16.5-10.el7.x86_64 16/307 \n Verifying : gtk-update-icon-cache-3.22.30-5.el7.x86_64 17/307 \n Verifying : 32:bind-libs-lite-9.11.4-26.P2.el7.x86_64 18/307 \n Verifying : libkadm5-1.15.1-50.el7.x86_64 19/307 \n Verifying : pki-ca-10.5.18-7.el7.noarch 20/307 \n Verifying : sssd-krb5-common-1.16.5-10.el7.x86_64 21/307 \n Verifying : krb5-pkinit-1.15.1-50.el7.x86_64 22/307 \n Verifying : python-libipa_hbac-1.16.5-10.el7.x86_64 23/307 \n Verifying : jaxen-1.1.3-11.el7.noarch 24/307 \n Verifying : libsmbclient-4.10.16-5.el7.x86_64 25/307 \n Verifying : python-javapackages-3.4.1-11.el7.noarch 26/307 \n Verifying : perl-File-Temp-0.23.01-3.el7.noarch 27/307 \n Verifying : libsss_certmap-1.16.5-10.el7.x86_64 28/307 \n Verifying : libXcomposite-0.4.4-4.1.el7.x86_64 29/307 \n Verifying : mod_wsgi-3.4-18.el7.x86_64 30/307 \n Verifying : c-ares-1.10.0-3.el7.x86_64 31/307 \n Verifying : xerces-j2-2.11.0-17.el7_0.noarch 32/307 \n Verifying : libX11-1.6.7-2.el7.x86_64 33/307 \n Verifying : python-yubico-1.2.3-1.el7.noarch 34/307 \n Verifying : lksctp-tools-1.0.17-2.el7.x86_64 35/307 \n Verifying : httpd-2.4.6-95.el7.x86_64 36/307 \n Verifying : jing-20091111-14.el7.noarch 37/307 \n Verifying : perl-Archive-Tar-1.92-3.el7.noarch 38/307 \n Verifying : 1:libglvnd-glx-1.0.1-0.8.git5baa1e5.el7.x86_64 39/307 \n Verifying : perl-Data-Dumper-2.145-3.el7.x86_64 40/307 \n Verifying : perl-threads-shared-1.43-6.el7.x86_64 41/307 \n Verifying : python-nss-0.16.0-3.el7.x86_64 42/307 \n Verifying : apr-util-1.5.2-6.el7.x86_64 43/307 \n Verifying : certmonger-0.78.4-14.el7.x86_64 44/307 \n Verifying : apr-util-openssl-1.5.2-6.el7.x86_64 45/307 \n Verifying : dejavu-sans-fonts-2.33-6.el7.noarch 46/307 \n Verifying : pcsc-lite-libs-1.8.8-8.el7.x86_64 47/307 \n Verifying : graphite2-1.3.10-1.el7_3.x86_64 48/307 \n Verifying : libsss_sudo-1.16.5-10.el7.x86_64 49/307 \n Verifying : redhat-logos-70.7.0-1.el7.noarch 50/307 \n Verifying : rngom-201103-0.8.20120119svn.el7.noarch 51/307 \n Verifying : libxshmfence-1.2-1.el7.x86_64 52/307 \n Verifying : python-pycparser-2.14-1.el7.noarch 53/307 \n Verifying : libwayland-server-1.15.0-1.el7.x86_64 54/307 \n Verifying : 389-ds-base-1.3.10.2-6.el7.x86_64 55/307 \n Verifying : apache-commons-logging-1.1.2-7.el7.noarch 56/307 \n Verifying : ipa-common-4.6.8-5.el7.noarch 57/307 \n Verifying : joda-convert-1.3-5.el7.noarch 58/307 \n Verifying : ws-jaxme-0.5.2-10.el7.noarch 59/307 \n Verifying : 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64 60/307 \n Verifying : libXau-1.0.8-2.1.el7.x86_64 61/307 \n Verifying : perl-File-Path-2.09-2.el7.noarch 62/307 \n Verifying : apache-commons-pool-1.6-9.el7.noarch 63/307 \n Verifying : libXcursor-1.1.15-1.el7.x86_64 64/307 \n Verifying : gperftools-libs-2.6.1-1.el7.x86_64 65/307 \n Verifying : slf4j-1.7.4-4.el7_4.noarch 66/307 \n Verifying : 1:hsqldb-1.8.1.3-14.el7.noarch 67/307 \n Verifying : perl-Text-ParseWords-3.29-4.el7.noarch 68/307 \n Verifying : libdhash-0.5.0-32.el7.x86_64 69/307 \n Verifying : sssd-dbus-1.16.5-10.el7.x86_64 70/307 \n Verifying : glassfish-jaxb-2.2.5-6.el7.noarch 71/307 \n Verifying : 4:perl-macros-5.16.3-297.el7.x86_64 72/307 \n Verifying : python-augeas-0.5.0-2.el7.noarch 73/307 \n Verifying : trousers-0.3.14-2.el7.x86_64 74/307 \n Verifying : libICE-1.0.9-9.el7.x86_64 75/307 \n Verifying : sssd-common-pac-1.16.5-10.el7.x86_64 76/307 \n Verifying : giflib-4.1.6-9.el7.x86_64 77/307 \n Verifying : libldb-1.5.4-1.el7.x86_64 78/307 \n Verifying : velocity-1.7-10.el7.noarch 79/307 \n Verifying : openldap-clients-2.4.44-22.el7.x86_64 80/307 \n Verifying : autogen-libopts-5.18-5.el7.x86_64 81/307 \n Verifying : javamail-1.4.6-8.el7.noarch 82/307 \n Verifying : bcel-5.2-18.el7.noarch 83/307 \n Verifying : python-qrcode-core-5.0.1-1.el7.noarch 84/307 \n Verifying : libtdb-1.3.18-1.el7.x86_64 85/307 \n Verifying : perl-Mozilla-LDAP-1.5.3-12.el7.x86_64 86/307 \n Verifying : xml-commons-resolver-1.2-15.el7.noarch 87/307 \n Verifying : libipa_hbac-1.16.5-10.el7.x86_64 88/307 \n Verifying : jvnet-parent-4-2.el7.noarch 89/307 \n Verifying : 32:bind-utils-9.11.4-26.P2.el7.x86_64 90/307 \n Verifying : libthai-0.1.14-9.el7.x86_64 91/307 \n Verifying : python2-ipaclient-4.6.8-5.el7.noarch 92/307 \n Verifying : 1:cups-libs-1.6.3-51.el7.x86_64 93/307 \n Verifying : joda-time-2.2-3.tzdata2013c.el7.noarch 94/307 \n Verifying : libsss_idmap-1.16.5-10.el7.x86_64 95/307 \n Verifying : bea-stax-1.2.0-9.el7.noarch 96/307 \n Verifying : resteasy-base-atom-provider-3.0.6-4.el7.noarch 97/307 \n Verifying : apr-1.4.8-7.el7.x86_64 98/307 \n Verifying : 389-ds-base-libs-1.3.10.2-6.el7.x86_64 99/307 \n Verifying : 1:ecj-4.5.2-3.el7.x86_64 100/307 \n Verifying : nuxwdog-1.0.5-1.el7.x86_64 101/307 \n Verifying : resteasy-base-client-3.0.6-4.el7.noarch 102/307 \n Verifying : libXtst-1.2.3-1.el7.x86_64 103/307 \n Verifying : cyrus-sasl-plain-2.1.26-23.el7.x86_64 104/307 \n Verifying : xsom-0-10.20110809svn.el7.noarch 105/307 \n Verifying : libicu-50.2-4.el7_7.x86_64 106/307 \n Verifying : mesa-libgbm-18.3.4-10.el7.x86_64 107/307 \n Verifying : apache-commons-codec-1.8-7.el7.noarch 108/307 \n Verifying : gnutls-3.3.29-9.el7_6.x86_64 109/307 \n Verifying : python-idna-2.4-1.el7.noarch 110/307 \n Verifying : python-ply-3.4-11.el7.noarch 111/307 \n Verifying : geronimo-jms-1.1.1-19.el7.noarch 112/307 \n Verifying : libXdamage-1.1.4-4.1.el7.x86_64 113/307 \n Verifying : mod_nss-1.0.14-12.el7.x86_64 114/307 \n Verifying : 1:perl-IO-Zlib-1.10-297.el7.noarch 115/307 \n Verifying : krb5-workstation-1.15.1-50.el7.x86_64 116/307 \n Verifying : tomcat-el-2.2-api-7.0.76-15.el7.noarch 117/307 \n Verifying : sssd-proxy-1.16.5-10.el7.x86_64 118/307 \n Verifying : systemd-python-219-78.el7.x86_64 119/307 \n Verifying : pixman-0.34.0-1.el7.x86_64 120/307 \n Verifying : python-jwcrypto-0.4.2-1.el7.noarch 121/307 \n Verifying : python-ldap-2.4.15-2.el7.x86_64 122/307 \n Verifying : ipa-server-4.6.8-5.el7.x86_64 123/307 \n Verifying : 1:libglvnd-1.0.1-0.8.git5baa1e5.el7.x86_64 124/307 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 125/307 \n Verifying : perl-Pod-Usage-1.63-3.el7.noarch 126/307 \n Verifying : perl-Encode-2.51-7.el7.x86_64 127/307 \n Verifying : python2-pyasn1-modules-0.1.9-7.el7.noarch 128/307 \n Verifying : perl-DB_File-1.830-6.el7.x86_64 129/307 \n Verifying : http-parser-2.7.1-9.el7.x86_64 130/307 \n Verifying : stax2-api-3.1.1-10.el7.noarch 131/307 \n Verifying : 1:java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7.x86_ 132/307 \n Verifying : 1:libglvnd-egl-1.0.1-0.8.git5baa1e5.el7.x86_64 133/307 \n Verifying : jasper-libs-1.900.1-33.el7.x86_64 134/307 \n Verifying : perl-threads-1.87-4.el7.x86_64 135/307 \n Verifying : fontawesome-fonts-4.1.0-2.el7.noarch 136/307 \n Verifying : perl-Getopt-Long-2.40-3.el7.noarch 137/307 \n Verifying : 1:autofs-5.0.7-113.el7.x86_64 138/307 \n Verifying : atk-2.28.1-2.el7.x86_64 139/307 \n Verifying : antlr-tool-2.7.7-30.el7.noarch 140/307 \n Verifying : psmisc-22.20-17.el7.x86_64 141/307 \n Verifying : 4:perl-5.16.3-297.el7.x86_64 142/307 \n Verifying : relaxngDatatype-1.0-11.el7.noarch 143/307 \n Verifying : avahi-libs-0.6.31-20.el7.x86_64 144/307 \n Verifying : 32:bind-libs-9.11.4-26.P2.el7.x86_64 145/307 \n Verifying : augeas-libs-1.4.0-10.el7.x86_64 146/307 \n Verifying : 1:xorg-x11-font-utils-7.5-21.el7.x86_64 147/307 \n Verifying : httpcomponents-client-4.2.5-5.el7_0.noarch 148/307 \n Verifying : fontconfig-2.13.0-4.3.el7.x86_64 149/307 \n Verifying : gdk-pixbuf2-2.36.12-3.el7.x86_64 150/307 \n Verifying : args4j-2.0.16-13.el7.noarch 151/307 \n Verifying : 1:msv-msv-2013.5.1-7.el7.noarch 152/307 \n Verifying : mailcap-2.1.41-2.el7.noarch 153/307 \n Verifying : javapackages-tools-3.4.1-11.el7.noarch 154/307 \n Verifying : libtevent-0.9.39-1.el7.x86_64 155/307 \n Verifying : perl-Storable-2.45-3.el7.x86_64 156/307 \n Verifying : easymock2-2.5.2-12.el7.noarch 157/307 \n Verifying : mod_session-2.4.6-95.el7.x86_64 158/307 \n Verifying : tzdata-java-2020a-1.el7.noarch 159/307 \n Verifying : resteasy-base-jaxb-provider-3.0.6-4.el7.noarch 160/307 \n Verifying : 1:jakarta-commons-httpclient-3.1-16.el7_0.noarch 161/307 \n Verifying : libpciaccess-0.14-1.el7.x86_64 162/307 \n Verifying : libwayland-client-1.15.0-1.el7.x86_64 163/307 \n Verifying : libXrandr-1.5.1-2.el7.x86_64 164/307 \n Verifying : perl-Compress-Raw-Bzip2-2.061-3.el7.x86_64 165/307 \n Verifying : fontpackages-filesystem-1.44-8.el7.noarch 166/307 \n Verifying : ttmkfdir-3.0.9-42.el7.x86_64 167/307 \n Verifying : sssd-1.16.5-10.el7.x86_64 168/307 \n Verifying : hicolor-icon-theme-0.12-7.el7.noarch 169/307 \n Verifying : log4j-1.2.17-16.el7_4.noarch 170/307 \n Verifying : 1:perl-parent-0.225-244.el7.noarch 171/307 \n Verifying : slapi-nis-0.56.5-2.el7.x86_64 172/307 \n Verifying : samba-client-libs-4.10.16-5.el7.x86_64 173/307 \n Verifying : apache-commons-lang-2.6-15.el7.noarch 174/307 \n Verifying : python-gssapi-1.2.0-3.el7.x86_64 175/307 \n Verifying : copy-jdk-configs-3.3-10.el7_5.noarch 176/307 \n Verifying : geoipupdate-2.5.0-1.el7.x86_64 177/307 \n Verifying : 1:perl-Pod-Escapes-1.04-297.el7.noarch 178/307 \n Verifying : python-dns-1.12.0-4.20150617git465785f.el7.noarch 179/307 \n Verifying : sssd-ldap-1.16.5-10.el7.x86_64 180/307 \n Verifying : pango-1.42.4-4.el7_7.x86_64 181/307 \n Verifying : fribidi-1.0.2-1.el7_7.1.x86_64 182/307 \n Verifying : custodia-0.3.1-4.el7.noarch 183/307 \n Verifying : python-sss-murmur-1.16.5-10.el7.x86_64 184/307 \n Verifying : pyusb-1.0.0-0.11.b1.el7.noarch 185/307 \n Verifying : libwbclient-4.10.16-5.el7.x86_64 186/307 \n Verifying : jakarta-oro-2.0.8-16.el7.noarch 187/307 \n Verifying : tomcat-servlet-3.0-api-7.0.76-15.el7.noarch 188/307 \n Verifying : httpd-tools-2.4.6-95.el7.x86_64 189/307 \n Verifying : cyrus-sasl-gssapi-2.1.26-23.el7.x86_64 190/307 \n Verifying : avalon-framework-4.3-10.el7.noarch 191/307 \n Verifying : libjpeg-turbo-1.2.90-8.el7.x86_64 192/307 \n Verifying : open-sans-fonts-1.10-1.el7.noarch 193/307 \n Verifying : perl-Carp-1.26-244.el7.noarch 194/307 \n Verifying : 1:isorelax-0-0.15.release20050331.el7.noarch 195/307 \n Verifying : harfbuzz-1.7.5-2.el7.x86_64 196/307 \n Verifying : resteasy-base-jaxrs-api-3.0.6-4.el7.noarch 197/307 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 198/307 \n Verifying : 4:perl-Time-HiRes-1.9725-3.el7.x86_64 199/307 \n Verifying : apache-commons-dbcp-1.4-17.el7.noarch 200/307 \n Verifying : tomcat-7.0.76-15.el7.noarch 201/307 \n Verifying : tomcatjss-7.2.5-1.el7.noarch 202/307 \n Verifying : codemodel-2.6-9.el7.noarch 203/307 \n Verifying : xalan-j2-2.7.1-23.el7.noarch 204/307 \n Verifying : ipa-client-common-4.6.8-5.el7.noarch 205/307 \n Verifying : apache-commons-collections-3.2.1-22.el7_2.noarch 206/307 \n Verifying : libXft-2.3.2-2.el7.x86_64 207/307 \n Verifying : python-sssdconfig-1.16.5-10.el7.noarch 208/307 \n Verifying : libXfixes-5.0.3-1.el7.x86_64 209/307 \n Verifying : nuxwdog-client-java-1.0.5-1.el7.x86_64 210/307 \n Verifying : mesa-libGL-18.3.4-10.el7.x86_64 211/307 \n Verifying : istack-commons-2.17-4.el7.noarch 212/307 \n Verifying : mesa-libglapi-18.3.4-10.el7.x86_64 213/307 \n Verifying : perl-Pod-Perldoc-3.20-4.el7.noarch 214/307 \n Verifying : xpp3-1.1.3.8-11.el7.noarch 215/307 \n Verifying : scannotation-1.0.3-0.7.r12.el7.noarch 216/307 \n Verifying : jss-4.4.9-3.el7.x86_64 217/307 \n Verifying : libSM-1.2.2-2.el7.x86_64 218/307 \n Verifying : python2-ipalib-4.6.8-5.el7.noarch 219/307 \n Verifying : libtiff-4.0.3-35.el7.x86_64 220/307 \n Verifying : perl-Filter-1.49-3.el7.x86_64 221/307 \n Verifying : ipa-server-common-4.6.8-5.el7.noarch 222/307 \n Verifying : qdox-1.12.1-10.el7.noarch 223/307 \n Verifying : oddjob-mkhomedir-0.31.5-4.el7.x86_64 224/307 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 225/307 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 226/307 \n Verifying : tomcat-jsp-2.2-api-7.0.76-15.el7.noarch 227/307 \n Verifying : libsss_nss_idmap-1.16.5-10.el7.x86_64 228/307 \n Verifying : pki-base-10.5.18-7.el7.noarch 229/307 \n Verifying : libXxf86vm-1.1.4-1.el7.x86_64 230/307 \n Verifying : python-netaddr-0.7.5-9.el7.noarch 231/307 \n Verifying : bea-stax-api-1.2.0-9.el7.noarch 232/307 \n Verifying : sssd-ad-1.16.5-10.el7.x86_64 233/307 \n Verifying : libXinerama-1.1.3-2.1.el7.x86_64 234/307 \n Verifying : pki-server-10.5.18-7.el7.noarch 235/307 \n Verifying : python2-ipaserver-4.6.8-5.el7.noarch 236/307 \n Verifying : glassfish-jaxb-api-2.2.7-4.el7.noarch 237/307 \n Verifying : resteasy-base-jaxrs-3.0.6-4.el7.noarch 238/307 \n Verifying : pki-base-java-10.5.18-7.el7.noarch 239/307 \n Verifying : 4:perl-libs-5.16.3-297.el7.x86_64 240/307 \n Verifying : perl-IO-Compress-2.061-2.el7.noarch 241/307 \n Verifying : perl-Exporter-5.68-3.el7.noarch 242/307 \n Verifying : perl-constant-1.27-2.el7.noarch 243/307 \n Verifying : perl-PathTools-3.40-5.el7.x86_64 244/307 \n Verifying : python-enum34-1.0.4-1.el7.noarch 245/307 \n Verifying : 1:msv-xsdlib-2013.5.1-7.el7.noarch 246/307 \n Verifying : perl-NetAddr-IP-4.069-3.el7.x86_64 247/307 \n Verifying : perl-Socket-2.010-5.el7.x86_64 248/307 \n Verifying : gtk2-2.24.31-1.el7.x86_64 249/307 \n Verifying : xml-commons-apis-1.4.01-16.el7.noarch 250/307 \n Verifying : alsa-lib-1.1.8-1.el7.x86_64 251/307 \n Verifying : mod_lookup_identity-1.0.0-1.el7.x86_64 252/307 \n Verifying : oddjob-0.31.5-4.el7.x86_64 253/307 \n Verifying : python-kdcproxy-0.3.2-3.el7.noarch 254/307 \n Verifying : softhsm-2.1.0-3.el7.x86_64 255/307 \n Verifying : svrcore-4.1.3-2.el7.x86_64 256/307 \n Verifying : dejavu-fonts-common-2.33-6.el7.noarch 257/307 \n Verifying : glassfish-fastinfoset-1.2.12-9.el7.noarch 258/307 \n Verifying : 1:perl-Pod-Simple-3.28-4.el7.noarch 259/307 \n Verifying : dom4j-1.6.1-20.el7.noarch 260/307 \n Verifying : perl-Time-Local-1.2300-2.el7.noarch 261/307 \n Verifying : libX11-common-1.6.7-2.el7.noarch 262/307 \n Verifying : libxcb-1.13-1.el7.x86_64 263/307 \n Verifying : mod_auth_gssapi-1.5.1-7.el7.x86_64 264/307 \n Verifying : 1:apache-commons-io-2.4-12.el7.noarch 265/307 \n Verifying : hamcrest-1.3-6.el7.noarch 266/307 \n Verifying : libsss_autofs-1.16.5-10.el7.x86_64 267/307 \n Verifying : httpcomponents-core-4.2.4-6.el7.noarch 268/307 \n Verifying : GeoIP-1.5.0-14.el7.x86_64 269/307 \n Verifying : jboss-annotations-1.1-api-1.0.1-0.6.20120212git76e1a2. 270/307 \n Verifying : sssd-krb5-1.16.5-10.el7.x86_64 271/307 \n Verifying : 1:perl-Package-Constants-0.02-297.el7.noarch 272/307 \n Verifying : apache-commons-cli-1.2-13.el7.noarch 273/307 \n Verifying : xorg-x11-fonts-Type1-7.5-9.el7.noarch 274/307 \n Verifying : txw2-20110809-8.el7.noarch 275/307 \n Verifying : geronimo-jta-1.1.1-17.el7.noarch 276/307 \n Verifying : samba-common-4.10.16-5.el7.noarch 277/307 \n Verifying : cal10n-0.7.7-4.el7.noarch 278/307 \n Verifying : pki-kra-10.5.18-7.el7.noarch 279/307 \n Verifying : krb5-server-1.15.1-50.el7.x86_64 280/307 \n Verifying : pki-tools-10.5.18-7.el7.x86_64 281/307 \n Verifying : perl-Scalar-List-Utils-1.27-248.el7.x86_64 282/307 \n Verifying : 1:perl-Compress-Raw-Zlib-2.061-4.el7.x86_64 283/307 \n Verifying : objectweb-asm-3.3.1-9.el7.noarch 284/307 \n Verifying : python-custodia-0.3.1-4.el7.noarch 285/307 \n Verifying : resteasy-base-jackson-provider-3.0.6-4.el7.noarch 286/307 \n Verifying : python-netifaces-0.10.4-3.el7.x86_64 287/307 \n Verifying : cairo-1.15.12-4.el7.x86_64 288/307 \n Verifying : ntpdate-4.2.6p5-29.el7_8.2.x86_64 289/307 \n Verifying : stax-ex-1.7.1-6.el7.noarch 290/307 \n Verifying : sssd-common-1.16.5-10.el7.x86_64 291/307 \n Verifying : jdom-1.1.3-6.el7.noarch 292/307 \n Verifying : tomcat-lib-7.0.76-15.el7.noarch 293/307 \n Verifying : perl-podlators-2.5.1-3.el7.noarch 294/307 \n Verifying : ldapjdk-4.19-5.el7.noarch 295/307 \n Verifying : jsr-311-1.1.1-6.el7.noarch 296/307 \n Verifying : jbigkit-libs-2.0-11.el7.x86_64 297/307 \n Verifying : apache-commons-daemon-1.0.13-7.el7.x86_64 298/307 \n Verifying : libdrm-2.4.97-2.el7.x86_64 299/307 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 300/307 \n Verifying : javassist-3.16.1-10.el7.noarch 301/307 \n Verifying : libfontenc-1.1.3-3.el7.x86_64 302/307 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 303/307 \n Verifying : ipa-client-4.6.8-5.el7.x86_64 304/307 \n Verifying : 32:bind-license-9.11.4-26.P2.el7.noarch 305/307 \n Verifying : ntp-4.2.6p5-29.el7_8.2.x86_64 306/307 \n Verifying : regexp-1.5-13.el7.noarch 307/307 \n\nInstalled:\n ipa-server.x86_64 0:4.6.8-5.el7 \n\nDependency Installed:\n 389-ds-base.x86_64 0:1.3.10.2-6.el7 \n 389-ds-base-libs.x86_64 0:1.3.10.2-6.el7 \n GeoIP.x86_64 0:1.5.0-14.el7 \n alsa-lib.x86_64 0:1.1.8-1.el7 \n antlr-tool.noarch 0:2.7.7-30.el7 \n apache-commons-cli.noarch 0:1.2-13.el7 \n apache-commons-codec.noarch 0:1.8-7.el7 \n apache-commons-collections.noarch 0:3.2.1-22.el7_2 \n apache-commons-daemon.x86_64 0:1.0.13-7.el7 \n apache-commons-dbcp.noarch 0:1.4-17.el7 \n apache-commons-io.noarch 1:2.4-12.el7 \n apache-commons-lang.noarch 0:2.6-15.el7 \n apache-commons-logging.noarch 0:1.1.2-7.el7 \n apache-commons-pool.noarch 0:1.6-9.el7 \n apr.x86_64 0:1.4.8-7.el7 \n apr-util.x86_64 0:1.5.2-6.el7 \n apr-util-openssl.x86_64 0:1.5.2-6.el7 \n args4j.noarch 0:2.0.16-13.el7 \n atk.x86_64 0:2.28.1-2.el7 \n augeas-libs.x86_64 0:1.4.0-10.el7 \n autofs.x86_64 1:5.0.7-113.el7 \n autogen-libopts.x86_64 0:5.18-5.el7 \n avahi-libs.x86_64 0:0.6.31-20.el7 \n avalon-framework.noarch 0:4.3-10.el7 \n avalon-logkit.noarch 0:2.1-14.el7 \n bcel.noarch 0:5.2-18.el7 \n bea-stax.noarch 0:1.2.0-9.el7 \n bea-stax-api.noarch 0:1.2.0-9.el7 \n bind-libs.x86_64 32:9.11.4-26.P2.el7 \n bind-libs-lite.x86_64 32:9.11.4-26.P2.el7 \n bind-license.noarch 32:9.11.4-26.P2.el7 \n bind-utils.x86_64 32:9.11.4-26.P2.el7 \n c-ares.x86_64 0:1.10.0-3.el7 \n cairo.x86_64 0:1.15.12-4.el7 \n cal10n.noarch 0:0.7.7-4.el7 \n certmonger.x86_64 0:0.78.4-14.el7 \n codemodel.noarch 0:2.6-9.el7 \n copy-jdk-configs.noarch 0:3.3-10.el7_5 \n cups-libs.x86_64 1:1.6.3-51.el7 \n custodia.noarch 0:0.3.1-4.el7 \n cyrus-sasl-gssapi.x86_64 0:2.1.26-23.el7 \n cyrus-sasl-md5.x86_64 0:2.1.26-23.el7 \n cyrus-sasl-plain.x86_64 0:2.1.26-23.el7 \n dejavu-fonts-common.noarch 0:2.33-6.el7 \n dejavu-sans-fonts.noarch 0:2.33-6.el7 \n dom4j.noarch 0:1.6.1-20.el7 \n easymock2.noarch 0:2.5.2-12.el7 \n ecj.x86_64 1:4.5.2-3.el7 \n fontawesome-fonts.noarch 0:4.1.0-2.el7 \n fontconfig.x86_64 0:2.13.0-4.3.el7 \n fontpackages-filesystem.noarch 0:1.44-8.el7 \n fribidi.x86_64 0:1.0.2-1.el7_7.1 \n gdk-pixbuf2.x86_64 0:2.36.12-3.el7 \n geoipupdate.x86_64 0:2.5.0-1.el7 \n geronimo-jms.noarch 0:1.1.1-19.el7 \n geronimo-jta.noarch 0:1.1.1-17.el7 \n giflib.x86_64 0:4.1.6-9.el7 \n glassfish-dtd-parser.noarch 0:1.2-0.8.20120120svn.el7 \n glassfish-fastinfoset.noarch 0:1.2.12-9.el7 \n glassfish-jaxb.noarch 0:2.2.5-6.el7 \n glassfish-jaxb-api.noarch 0:2.2.7-4.el7 \n gnutls.x86_64 0:3.3.29-9.el7_6 \n gperftools-libs.x86_64 0:2.6.1-1.el7 \n graphite2.x86_64 0:1.3.10-1.el7_3 \n gtk-update-icon-cache.x86_64 0:3.22.30-5.el7 \n gtk2.x86_64 0:2.24.31-1.el7 \n hamcrest.noarch 0:1.3-6.el7 \n harfbuzz.x86_64 0:1.7.5-2.el7 \n hesiod.x86_64 0:3.2.1-3.el7 \n hicolor-icon-theme.noarch 0:0.12-7.el7 \n hsqldb.noarch 1:1.8.1.3-14.el7 \n http-parser.x86_64 0:2.7.1-9.el7 \n httpcomponents-client.noarch 0:4.2.5-5.el7_0 \n httpcomponents-core.noarch 0:4.2.4-6.el7 \n httpd.x86_64 0:2.4.6-95.el7 \n httpd-tools.x86_64 0:2.4.6-95.el7 \n ipa-client.x86_64 0:4.6.8-5.el7 \n ipa-client-common.noarch 0:4.6.8-5.el7 \n ipa-common.noarch 0:4.6.8-5.el7 \n ipa-server-common.noarch 0:4.6.8-5.el7 \n isorelax.noarch 1:0-0.15.release20050331.el7 \n istack-commons.noarch 0:2.17-4.el7 \n jackson.noarch 0:1.9.4-7.el7 \n jakarta-commons-httpclient.noarch 1:3.1-16.el7_0 \n jakarta-oro.noarch 0:2.0.8-16.el7 \n jasper-libs.x86_64 0:1.900.1-33.el7 \n java-1.8.0-openjdk.x86_64 1:1.8.0.262.b10-1.el7 \n java-1.8.0-openjdk-headless.x86_64 1:1.8.0.262.b10-1.el7 \n javamail.noarch 0:1.4.6-8.el7 \n javapackages-tools.noarch 0:3.4.1-11.el7 \n javassist.noarch 0:3.16.1-10.el7 \n jaxen.noarch 0:1.1.3-11.el7 \n jbigkit-libs.x86_64 0:2.0-11.el7 \n jboss-annotations-1.1-api.noarch 0:1.0.1-0.6.20120212git76e1a2.el7 \n jdom.noarch 0:1.1.3-6.el7 \n jing.noarch 0:20091111-14.el7 \n joda-convert.noarch 0:1.3-5.el7 \n joda-time.noarch 0:2.2-3.tzdata2013c.el7 \n jsr-311.noarch 0:1.1.1-6.el7 \n jss.x86_64 0:4.4.9-3.el7 \n junit.noarch 0:4.11-8.el7 \n jvnet-parent.noarch 0:4-2.el7 \n krb5-pkinit.x86_64 0:1.15.1-50.el7 \n krb5-server.x86_64 0:1.15.1-50.el7 \n krb5-workstation.x86_64 0:1.15.1-50.el7 \n ldapjdk.noarch 0:4.19-5.el7 \n libICE.x86_64 0:1.0.9-9.el7 \n libSM.x86_64 0:1.2.2-2.el7 \n libX11.x86_64 0:1.6.7-2.el7 \n libX11-common.noarch 0:1.6.7-2.el7 \n libXau.x86_64 0:1.0.8-2.1.el7 \n libXcomposite.x86_64 0:0.4.4-4.1.el7 \n libXcursor.x86_64 0:1.1.15-1.el7 \n libXdamage.x86_64 0:1.1.4-4.1.el7 \n libXext.x86_64 0:1.3.3-3.el7 \n libXfixes.x86_64 0:5.0.3-1.el7 \n libXft.x86_64 0:2.3.2-2.el7 \n libXi.x86_64 0:1.7.9-1.el7 \n libXinerama.x86_64 0:1.1.3-2.1.el7 \n libXrandr.x86_64 0:1.5.1-2.el7 \n libXrender.x86_64 0:0.9.10-1.el7 \n libXtst.x86_64 0:1.2.3-1.el7 \n libXxf86vm.x86_64 0:1.1.4-1.el7 \n libdhash.x86_64 0:0.5.0-32.el7 \n libdrm.x86_64 0:2.4.97-2.el7 \n libfontenc.x86_64 0:1.1.3-3.el7 \n libglvnd.x86_64 1:1.0.1-0.8.git5baa1e5.el7 \n libglvnd-egl.x86_64 1:1.0.1-0.8.git5baa1e5.el7 \n libglvnd-glx.x86_64 1:1.0.1-0.8.git5baa1e5.el7 \n libicu.x86_64 0:50.2-4.el7_7 \n libipa_hbac.x86_64 0:1.16.5-10.el7 \n libjpeg-turbo.x86_64 0:1.2.90-8.el7 \n libkadm5.x86_64 0:1.15.1-50.el7 \n libldb.x86_64 0:1.5.4-1.el7 \n libpciaccess.x86_64 0:0.14-1.el7 \n libsmbclient.x86_64 0:4.10.16-5.el7 \n libsss_autofs.x86_64 0:1.16.5-10.el7 \n libsss_certmap.x86_64 0:1.16.5-10.el7 \n libsss_idmap.x86_64 0:1.16.5-10.el7 \n libsss_nss_idmap.x86_64 0:1.16.5-10.el7 \n libsss_sudo.x86_64 0:1.16.5-10.el7 \n libtalloc.x86_64 0:2.1.16-1.el7 \n libtdb.x86_64 0:1.3.18-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n libthai.x86_64 0:0.1.14-9.el7 \n libtiff.x86_64 0:4.0.3-35.el7 \n libwayland-client.x86_64 0:1.15.0-1.el7 \n libwayland-server.x86_64 0:1.15.0-1.el7 \n libwbclient.x86_64 0:4.10.16-5.el7 \n libxcb.x86_64 0:1.13-1.el7 \n libxshmfence.x86_64 0:1.2-1.el7 \n lksctp-tools.x86_64 0:1.0.17-2.el7 \n log4j.noarch 0:1.2.17-16.el7_4 \n mailcap.noarch 0:2.1.41-2.el7 \n mesa-libEGL.x86_64 0:18.3.4-10.el7 \n mesa-libGL.x86_64 0:18.3.4-10.el7 \n mesa-libgbm.x86_64 0:18.3.4-10.el7 \n mesa-libglapi.x86_64 0:18.3.4-10.el7 \n mod_auth_gssapi.x86_64 0:1.5.1-7.el7 \n mod_lookup_identity.x86_64 0:1.0.0-1.el7 \n mod_nss.x86_64 0:1.0.14-12.el7 \n mod_session.x86_64 0:2.4.6-95.el7 \n mod_wsgi.x86_64 0:3.4-18.el7 \n msv-msv.noarch 1:2013.5.1-7.el7 \n msv-xsdlib.noarch 1:2013.5.1-7.el7 \n nettle.x86_64 0:2.7.1-8.el7 \n ntp.x86_64 0:4.2.6p5-29.el7_8.2 \n ntpdate.x86_64 0:4.2.6p5-29.el7_8.2 \n nuxwdog.x86_64 0:1.0.5-1.el7 \n nuxwdog-client-java.x86_64 0:1.0.5-1.el7 \n objectweb-asm.noarch 0:3.3.1-9.el7 \n oddjob.x86_64 0:0.31.5-4.el7 \n oddjob-mkhomedir.x86_64 0:0.31.5-4.el7 \n open-sans-fonts.noarch 0:1.10-1.el7 \n openldap-clients.x86_64 0:2.4.44-22.el7 \n pango.x86_64 0:1.42.4-4.el7_7 \n pcsc-lite-libs.x86_64 0:1.8.8-8.el7 \n perl.x86_64 4:5.16.3-297.el7 \n perl-Archive-Tar.noarch 0:1.92-3.el7 \n perl-Carp.noarch 0:1.26-244.el7 \n perl-Compress-Raw-Bzip2.x86_64 0:2.061-3.el7 \n perl-Compress-Raw-Zlib.x86_64 1:2.061-4.el7 \n perl-DB_File.x86_64 0:1.830-6.el7 \n perl-Data-Dumper.x86_64 0:2.145-3.el7 \n perl-Encode.x86_64 0:2.51-7.el7 \n perl-Exporter.noarch 0:5.68-3.el7 \n perl-File-Path.noarch 0:2.09-2.el7 \n perl-File-Temp.noarch 0:0.23.01-3.el7 \n perl-Filter.x86_64 0:1.49-3.el7 \n perl-Getopt-Long.noarch 0:2.40-3.el7 \n perl-HTTP-Tiny.noarch 0:0.033-3.el7 \n perl-IO-Compress.noarch 0:2.061-2.el7 \n perl-IO-Zlib.noarch 1:1.10-297.el7 \n perl-Mozilla-LDAP.x86_64 0:1.5.3-12.el7 \n perl-NetAddr-IP.x86_64 0:4.069-3.el7 \n perl-Package-Constants.noarch 1:0.02-297.el7 \n perl-PathTools.x86_64 0:3.40-5.el7 \n perl-Pod-Escapes.noarch 1:1.04-297.el7 \n perl-Pod-Perldoc.noarch 0:3.20-4.el7 \n perl-Pod-Simple.noarch 1:3.28-4.el7 \n perl-Pod-Usage.noarch 0:1.63-3.el7 \n perl-Scalar-List-Utils.x86_64 0:1.27-248.el7 \n perl-Socket.x86_64 0:2.010-5.el7 \n perl-Storable.x86_64 0:2.45-3.el7 \n perl-Text-ParseWords.noarch 0:3.29-4.el7 \n perl-Time-HiRes.x86_64 4:1.9725-3.el7 \n perl-Time-Local.noarch 0:1.2300-2.el7 \n perl-constant.noarch 0:1.27-2.el7 \n perl-libs.x86_64 4:5.16.3-297.el7 \n perl-macros.x86_64 4:5.16.3-297.el7 \n perl-parent.noarch 1:0.225-244.el7 \n perl-podlators.noarch 0:2.5.1-3.el7 \n perl-threads.x86_64 0:1.87-4.el7 \n perl-threads-shared.x86_64 0:1.43-6.el7 \n pixman.x86_64 0:0.34.0-1.el7 \n pki-base.noarch 0:10.5.18-7.el7 \n pki-base-java.noarch 0:10.5.18-7.el7 \n pki-ca.noarch 0:10.5.18-7.el7 \n pki-kra.noarch 0:10.5.18-7.el7 \n pki-server.noarch 0:10.5.18-7.el7 \n pki-tools.x86_64 0:10.5.18-7.el7 \n psmisc.x86_64 0:22.20-17.el7 \n python-augeas.noarch 0:0.5.0-2.el7 \n python-cffi.x86_64 0:1.6.0-5.el7 \n python-custodia.noarch 0:0.3.1-4.el7 \n python-dns.noarch 0:1.12.0-4.20150617git465785f.el7 \n python-enum34.noarch 0:1.0.4-1.el7 \n python-gssapi.x86_64 0:1.2.0-3.el7 \n python-idna.noarch 0:2.4-1.el7 \n python-javapackages.noarch 0:3.4.1-11.el7 \n python-jwcrypto.noarch 0:0.4.2-1.el7 \n python-kdcproxy.noarch 0:0.3.2-3.el7 \n python-ldap.x86_64 0:2.4.15-2.el7 \n python-libipa_hbac.x86_64 0:1.16.5-10.el7 \n python-netaddr.noarch 0:0.7.5-9.el7 \n python-netifaces.x86_64 0:0.10.4-3.el7 \n python-nss.x86_64 0:0.16.0-3.el7 \n python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n python-qrcode-core.noarch 0:5.0.1-1.el7 \n python-sss-murmur.x86_64 0:1.16.5-10.el7 \n python-sssdconfig.noarch 0:1.16.5-10.el7 \n python-yubico.noarch 0:1.2.3-1.el7 \n python2-cryptography.x86_64 0:1.7.2-2.el7 \n python2-ipaclient.noarch 0:4.6.8-5.el7 \n python2-ipalib.noarch 0:4.6.8-5.el7 \n python2-ipaserver.noarch 0:4.6.8-5.el7 \n python2-pyasn1.noarch 0:0.1.9-7.el7 \n python2-pyasn1-modules.noarch 0:0.1.9-7.el7 \n pyusb.noarch 0:1.0.0-0.11.b1.el7 \n qdox.noarch 0:1.12.1-10.el7 \n redhat-logos.noarch 0:70.7.0-1.el7 \n regexp.noarch 0:1.5-13.el7 \n relaxngDatatype.noarch 0:1.0-11.el7 \n resteasy-base-atom-provider.noarch 0:3.0.6-4.el7 \n resteasy-base-client.noarch 0:3.0.6-4.el7 \n resteasy-base-jackson-provider.noarch 0:3.0.6-4.el7 \n resteasy-base-jaxb-provider.noarch 0:3.0.6-4.el7 \n resteasy-base-jaxrs.noarch 0:3.0.6-4.el7 \n resteasy-base-jaxrs-api.noarch 0:3.0.6-4.el7 \n rngom.noarch 0:201103-0.8.20120119svn.el7 \n samba-client-libs.x86_64 0:4.10.16-5.el7 \n samba-common.noarch 0:4.10.16-5.el7 \n samba-common-libs.x86_64 0:4.10.16-5.el7 \n scannotation.noarch 0:1.0.3-0.7.r12.el7 \n slapi-nis.x86_64 0:0.56.5-2.el7 \n slf4j.noarch 0:1.7.4-4.el7_4 \n softhsm.x86_64 0:2.1.0-3.el7 \n sssd.x86_64 0:1.16.5-10.el7 \n sssd-ad.x86_64 0:1.16.5-10.el7 \n sssd-client.x86_64 0:1.16.5-10.el7 \n sssd-common.x86_64 0:1.16.5-10.el7 \n sssd-common-pac.x86_64 0:1.16.5-10.el7 \n sssd-dbus.x86_64 0:1.16.5-10.el7 \n sssd-ipa.x86_64 0:1.16.5-10.el7 \n sssd-krb5.x86_64 0:1.16.5-10.el7 \n sssd-krb5-common.x86_64 0:1.16.5-10.el7 \n sssd-ldap.x86_64 0:1.16.5-10.el7 \n sssd-proxy.x86_64 0:1.16.5-10.el7 \n stax-ex.noarch 0:1.7.1-6.el7 \n stax2-api.noarch 0:3.1.1-10.el7 \n svrcore.x86_64 0:4.1.3-2.el7 \n systemd-python.x86_64 0:219-78.el7 \n tomcat.noarch 0:7.0.76-15.el7 \n tomcat-el-2.2-api.noarch 0:7.0.76-15.el7 \n tomcat-jsp-2.2-api.noarch 0:7.0.76-15.el7 \n tomcat-lib.noarch 0:7.0.76-15.el7 \n tomcat-servlet-3.0-api.noarch 0:7.0.76-15.el7 \n tomcatjss.noarch 0:7.2.5-1.el7 \n trousers.x86_64 0:0.3.14-2.el7 \n ttmkfdir.x86_64 0:3.0.9-42.el7 \n txw2.noarch 0:20110809-8.el7 \n tzdata-java.noarch 0:2020a-1.el7 \n velocity.noarch 0:1.7-10.el7 \n words.noarch 0:3.0-22.el7 \n ws-jaxme.noarch 0:0.5.2-10.el7 \n xalan-j2.noarch 0:2.7.1-23.el7 \n xerces-j2.noarch 0:2.11.0-17.el7_0 \n xml-commons-apis.noarch 0:1.4.01-16.el7 \n xml-commons-resolver.noarch 0:1.2-15.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n xorg-x11-font-utils.x86_64 1:7.5-21.el7 \n xorg-x11-fonts-Type1.noarch 0:7.5-9.el7 \n xpp3.noarch 0:1.1.3.8-11.el7 \n xsom.noarch 0:0-10.20110809svn.el7 \n\nComplete!\n" ] } TASK [ipaserver : Install - Ensure that IPA server packages for dns are installed] *** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:10 Monday 22 November 2021 16:41:56 +0000 (0:00:40.376) 0:00:48.576 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "ipa-server-dns" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package ipa-server-dns.noarch 0:4.6.8-5.el7 will be installed\n--> Processing Dependency: opendnssec >= 1.4.6-4 for package: ipa-server-dns-4.6.8-5.el7.noarch\n--> Processing Dependency: bind-pkcs11-utils >= 9.9.4-51 for package: ipa-server-dns-4.6.8-5.el7.noarch\n--> Processing Dependency: bind-pkcs11 >= 9.9.4-51 for package: ipa-server-dns-4.6.8-5.el7.noarch\n--> Processing Dependency: bind-dyndb-ldap >= 11.1-4 for package: ipa-server-dns-4.6.8-5.el7.noarch\n--> Processing Dependency: bind >= 9.9.4-51 for package: ipa-server-dns-4.6.8-5.el7.noarch\n--> Running transaction check\n---> Package bind.x86_64 32:9.11.4-26.P2.el7 will be installed\n---> Package bind-dyndb-ldap.x86_64 0:11.1-7.el7 will be installed\n---> Package bind-pkcs11.x86_64 32:9.11.4-26.P2.el7 will be installed\n--> Processing Dependency: bind-pkcs11-libs(x86-64) = 32:9.11.4-26.P2.el7 for package: 32:bind-pkcs11-9.11.4-26.P2.el7.x86_64\n--> Processing Dependency: libisc-pkcs11.so.169()(64bit) for package: 32:bind-pkcs11-9.11.4-26.P2.el7.x86_64\n--> Processing Dependency: libdns-pkcs11.so.1102()(64bit) for package: 32:bind-pkcs11-9.11.4-26.P2.el7.x86_64\n---> Package bind-pkcs11-utils.x86_64 32:9.11.4-26.P2.el7 will be installed\n---> Package opendnssec.x86_64 0:1.4.7-4.el7 will be installed\n--> Processing Dependency: opencryptoki for package: opendnssec-1.4.7-4.el7.x86_64\n--> Processing Dependency: libldns.so.1()(64bit) for package: opendnssec-1.4.7-4.el7.x86_64\n--> Running transaction check\n---> Package bind-pkcs11-libs.x86_64 32:9.11.4-26.P2.el7 will be installed\n---> Package ldns.x86_64 0:1.6.16-10.el7 will be installed\n---> Package opencryptoki.x86_64 0:3.12.1-2.el7 will be installed\n--> Processing Dependency: opencryptoki-libs(x86-64) = 3.12.1-2.el7 for package: opencryptoki-3.12.1-2.el7.x86_64\n--> Processing Dependency: opencryptoki-libs(x86-64) = 3.12.1-2.el7 for package: opencryptoki-3.12.1-2.el7.x86_64\n--> Processing Dependency: opencryptoki(token) for package: opencryptoki-3.12.1-2.el7.x86_64\n--> Processing Dependency: libitm.so.1(LIBITM_1.0)(64bit) for package: opencryptoki-3.12.1-2.el7.x86_64\n--> Processing Dependency: libitm.so.1()(64bit) for package: opencryptoki-3.12.1-2.el7.x86_64\n--> Running transaction check\n---> Package libitm.x86_64 0:4.8.5-44.el7 will be installed\n---> Package opencryptoki-libs.x86_64 0:3.12.1-2.el7 will be installed\n---> Package opencryptoki-swtok.x86_64 0:3.12.1-2.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n ipa-server-dns noarch 4.6.8-5.el7 rhel 191 k\nInstalling for dependencies:\n bind x86_64 32:9.11.4-26.P2.el7 rhel 2.3 M\n bind-dyndb-ldap x86_64 11.1-7.el7 rhel 121 k\n bind-pkcs11 x86_64 32:9.11.4-26.P2.el7 rhel 361 k\n bind-pkcs11-libs x86_64 32:9.11.4-26.P2.el7 rhel 1.1 M\n bind-pkcs11-utils x86_64 32:9.11.4-26.P2.el7 rhel 208 k\n ldns x86_64 1.6.16-10.el7 rhel 475 k\n libitm x86_64 4.8.5-44.el7 rhel 92 k\n opencryptoki x86_64 3.12.1-2.el7 rhel 76 k\n opencryptoki-libs x86_64 3.12.1-2.el7 rhel 48 k\n opencryptoki-swtok x86_64 3.12.1-2.el7 rhel 196 k\n opendnssec x86_64 1.4.7-4.el7 rhel 437 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+11 Dependent packages)\n\nTotal download size: 5.5 M\nInstalled size: 14 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 20 MB/s | 5.5 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : libitm-4.8.5-44.el7.x86_64 1/12 \n Installing : opencryptoki-libs-3.12.1-2.el7.x86_64 2/12 \n Installing : 32:bind-9.11.4-26.P2.el7.x86_64 3/12 \n Installing : 32:bind-pkcs11-libs-9.11.4-26.P2.el7.x86_64 4/12 \n Installing : 32:bind-pkcs11-9.11.4-26.P2.el7.x86_64 5/12 \n Installing : 32:bind-pkcs11-utils-9.11.4-26.P2.el7.x86_64 6/12 \n Installing : bind-dyndb-ldap-11.1-7.el7.x86_64 7/12 \n Installing : opencryptoki-swtok-3.12.1-2.el7.x86_64 8/12 \n Installing : opencryptoki-3.12.1-2.el7.x86_64 9/12 \n Installing : ldns-1.6.16-10.el7.x86_64 10/12 \n Installing : opendnssec-1.4.7-4.el7.x86_64 11/12 \n Installing : ipa-server-dns-4.6.8-5.el7.noarch 12/12 \n Verifying : opencryptoki-libs-3.12.1-2.el7.x86_64 1/12 \n Verifying : opencryptoki-swtok-3.12.1-2.el7.x86_64 2/12 \n Verifying : ipa-server-dns-4.6.8-5.el7.noarch 3/12 \n Verifying : opendnssec-1.4.7-4.el7.x86_64 4/12 \n Verifying : bind-dyndb-ldap-11.1-7.el7.x86_64 5/12 \n Verifying : libitm-4.8.5-44.el7.x86_64 6/12 \n Verifying : opencryptoki-3.12.1-2.el7.x86_64 7/12 \n Verifying : 32:bind-pkcs11-libs-9.11.4-26.P2.el7.x86_64 8/12 \n Verifying : 32:bind-pkcs11-9.11.4-26.P2.el7.x86_64 9/12 \n Verifying : 32:bind-9.11.4-26.P2.el7.x86_64 10/12 \n Verifying : ldns-1.6.16-10.el7.x86_64 11/12 \n Verifying : 32:bind-pkcs11-utils-9.11.4-26.P2.el7.x86_64 12/12 \n\nInstalled:\n ipa-server-dns.noarch 0:4.6.8-5.el7 \n\nDependency Installed:\n bind.x86_64 32:9.11.4-26.P2.el7 \n bind-dyndb-ldap.x86_64 0:11.1-7.el7 \n bind-pkcs11.x86_64 32:9.11.4-26.P2.el7 \n bind-pkcs11-libs.x86_64 32:9.11.4-26.P2.el7 \n bind-pkcs11-utils.x86_64 32:9.11.4-26.P2.el7 \n ldns.x86_64 0:1.6.16-10.el7 \n libitm.x86_64 0:4.8.5-44.el7 \n opencryptoki.x86_64 0:3.12.1-2.el7 \n opencryptoki-libs.x86_64 0:3.12.1-2.el7 \n opencryptoki-swtok.x86_64 0:3.12.1-2.el7 \n opendnssec.x86_64 0:1.4.7-4.el7 \n\nComplete!\n" ] } TASK [ipaserver : Install - Ensure that IPA server packages for adtrust are installed] *** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:16 Monday 22 November 2021 16:42:03 +0000 (0:00:07.008) 0:00:55.585 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Install - Ensure that firewall packages installed] *********** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:22 Monday 22 November 2021 16:42:03 +0000 (0:00:00.032) 0:00:55.617 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "firewalld" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package firewalld.noarch 0:0.6.3-11.el7 will be installed\n--> Processing Dependency: python-firewall = 0.6.3-11.el7 for package: firewalld-0.6.3-11.el7.noarch\n--> Processing Dependency: firewalld-filesystem = 0.6.3-11.el7 for package: firewalld-0.6.3-11.el7.noarch\n--> Processing Dependency: ipset for package: firewalld-0.6.3-11.el7.noarch\n--> Processing Dependency: ebtables for package: firewalld-0.6.3-11.el7.noarch\n--> Running transaction check\n---> Package ebtables.x86_64 0:2.0.10-16.el7 will be installed\n---> Package firewalld-filesystem.noarch 0:0.6.3-11.el7 will be installed\n---> Package ipset.x86_64 0:7.1-1.el7 will be installed\n--> Processing Dependency: ipset-libs(x86-64) = 7.1-1.el7 for package: ipset-7.1-1.el7.x86_64\n--> Processing Dependency: libipset.so.13(LIBIPSET_4.8)(64bit) for package: ipset-7.1-1.el7.x86_64\n--> Processing Dependency: libipset.so.13(LIBIPSET_2.0)(64bit) for package: ipset-7.1-1.el7.x86_64\n--> Processing Dependency: libipset.so.13()(64bit) for package: ipset-7.1-1.el7.x86_64\n---> Package python-firewall.noarch 0:0.6.3-11.el7 will be installed\n--> Processing Dependency: python-slip-dbus for package: python-firewall-0.6.3-11.el7.noarch\n--> Running transaction check\n---> Package ipset-libs.x86_64 0:7.1-1.el7 will be installed\n---> Package python-slip-dbus.noarch 0:0.4.0-4.el7 will be installed\n--> Processing Dependency: python-slip = 0.4.0-4.el7 for package: python-slip-dbus-0.4.0-4.el7.noarch\n--> Running transaction check\n---> Package python-slip.noarch 0:0.4.0-4.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n firewalld noarch 0.6.3-11.el7 rhel 448 k\nInstalling for dependencies:\n ebtables x86_64 2.0.10-16.el7 rhel 123 k\n firewalld-filesystem noarch 0.6.3-11.el7 rhel 51 k\n ipset x86_64 7.1-1.el7 rhel 39 k\n ipset-libs x86_64 7.1-1.el7 rhel 64 k\n python-firewall noarch 0.6.3-11.el7 rhel 355 k\n python-slip noarch 0.4.0-4.el7 rhel 31 k\n python-slip-dbus noarch 0.4.0-4.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+7 Dependent packages)\n\nTotal download size: 1.1 M\nInstalled size: 4.5 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 12 MB/s | 1.1 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : ebtables-2.0.10-16.el7.x86_64 1/8 \n Installing : ipset-libs-7.1-1.el7.x86_64 2/8 \n Installing : ipset-7.1-1.el7.x86_64 3/8 \n Installing : python-slip-0.4.0-4.el7.noarch 4/8 \n Installing : python-slip-dbus-0.4.0-4.el7.noarch 5/8 \n Installing : python-firewall-0.6.3-11.el7.noarch 6/8 \n Installing : firewalld-filesystem-0.6.3-11.el7.noarch 7/8 \n Installing : firewalld-0.6.3-11.el7.noarch 8/8 \n Verifying : ipset-7.1-1.el7.x86_64 1/8 \n Verifying : python-firewall-0.6.3-11.el7.noarch 2/8 \n Verifying : firewalld-filesystem-0.6.3-11.el7.noarch 3/8 \n Verifying : firewalld-0.6.3-11.el7.noarch 4/8 \n Verifying : python-slip-0.4.0-4.el7.noarch 5/8 \n Verifying : python-slip-dbus-0.4.0-4.el7.noarch 6/8 \n Verifying : ipset-libs-7.1-1.el7.x86_64 7/8 \n Verifying : ebtables-2.0.10-16.el7.x86_64 8/8 \n\nInstalled:\n firewalld.noarch 0:0.6.3-11.el7 \n\nDependency Installed:\n ebtables.x86_64 0:2.0.10-16.el7 \n firewalld-filesystem.noarch 0:0.6.3-11.el7 \n ipset.x86_64 0:7.1-1.el7 \n ipset-libs.x86_64 0:7.1-1.el7 \n python-firewall.noarch 0:0.6.3-11.el7 \n python-slip.noarch 0:0.4.0-4.el7 \n python-slip-dbus.noarch 0:0.4.0-4.el7 \n\nComplete!\n" ] } TASK [ipaserver : Firewalld service - Ensure that firewalld is running] ******** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:31 Monday 22 November 2021 16:42:05 +0000 (0:00:02.302) 0:00:57.920 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "enabled": true, "name": "firewalld", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "basic.target dbus.service system.slice polkit.service", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "network-pre.target multi-user.target shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedoraproject.FirewallD1", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "yes", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "ebtables.service iptables.service ipset.service ip6tables.service shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "firewalld - dynamic firewall daemon", "DevicePolicy": "auto", "Documentation": "man:firewalld(1)", "EnvironmentFile": "/etc/sysconfig/firewalld (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecReload": "{ path=/bin/kill ; argv[]=/bin/kill -HUP $MAINPID ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStart": "{ path=/usr/sbin/firewalld ; argv[]=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/firewalld.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "firewalld.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "mixed", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "firewalld.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "null", "StandardInput": "null", "StandardOutput": "null", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "enabled", "UnitFileState": "enabled", "WantedBy": "multi-user.target", "Wants": "network-pre.target", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [ipaserver : Firewalld - Verify runtime zone "{{ ipaserver_firewalld_zone }}"] *** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:37 Monday 22 November 2021 16:42:06 +0000 (0:00:00.976) 0:00:58.897 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Firewalld - Verify permanent zone "{{ ipaserver_firewalld_zone }}"] *** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:44 Monday 22 November 2021 16:42:06 +0000 (0:00:00.035) 0:00:58.932 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : include_tasks] *********************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:54 Monday 22 November 2021 16:42:06 +0000 (0:00:00.034) 0:00:58.967 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Install - Server installation test] ************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:60 Monday 22 November 2021 16:42:06 +0000 (0:00:00.033) 0:00:59.001 ******* ok: [/cache/rhel-7.qcow2] => { "_dirsrv_ca_cert": null, "_dirsrv_pkcs12_info": null, "_hostname_overridden": true, "_http_ca_cert": null, "_http_pkcs12_info": null, "_installation_cleanup": true, "_pkinit_ca_cert": null, "_pkinit_pkcs12_info": null, "changed": false, "domain": "test.local", "domainlevel": 1, "external_ca": false, "external_ca_profile": null, "external_ca_type": null, "hostname": "ipaserver.test.local", "idmax": 1754799999, "idstart": 1754600000, "ipa_python_version": 40608, "no_host_dns": true, "no_pkinit": false, "ntp_pool": null, "ntp_servers": null, "realm": "TEST.LOCAL", "rid_base": 1000, "secondary_rid_base": 100000000, "setup_adtrust": false, "setup_ca": true, "setup_kra": false } TASK [ipaserver : Install - Master password creation] ************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:137 Monday 22 November 2021 16:42:08 +0000 (0:00:01.103) 0:01:00.105 ******* changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } TASK [ipaserver : Install - Use new master password] *************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:144 Monday 22 November 2021 16:42:08 +0000 (0:00:00.961) 0:01:01.066 ******* ok: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [ipaserver : Install - Server preparation] ******************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:152 Monday 22 November 2021 16:42:08 +0000 (0:00:00.027) 0:01:01.093 ******* changed: [/cache/rhel-7.qcow2] => { "_ca_subject": "CN=Certificate Authority,O=TEST.LOCAL", "_subject_base": "O=TEST.LOCAL", "adtrust_netbios_name": null, "adtrust_reset_netbios_name": false, "ca_subject": "CN=Certificate Authority,O=TEST.LOCAL", "changed": true, "dns_ip_addresses": [ "fec0::5054:ff:fe12:3456", "10.0.2.15" ], "dns_reverse_zones": [], "forward_policy": "only", "forwarders": [ "10.0.2.3" ], "ip_addresses": [ "fec0::5054:ff:fe12:3456", "10.0.2.15" ], "no_dnssec_validation": true, "reverse_zones": [], "subject_base": "O=TEST.LOCAL" } TASK [ipaserver : Install - Setup NTP] ***************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:196 Monday 22 November 2021 16:42:11 +0000 (0:00:02.209) 0:01:03.303 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup DS] ****************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:203 Monday 22 November 2021 16:42:12 +0000 (0:00:01.317) 0:01:04.621 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup KRB] ***************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:232 Monday 22 November 2021 16:42:34 +0000 (0:00:22.226) 0:01:26.847 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup custodia] ************************************ task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:259 Monday 22 November 2021 16:42:39 +0000 (0:00:04.957) 0:01:31.805 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup CA] ****************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:265 Monday 22 November 2021 16:42:43 +0000 (0:00:04.047) 0:01:35.852 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "csr_generated": false } TASK [ipaserver : Copy /root/ipa.csr to "/cache/rhel-7.qcow2-ipa.csr"] ********* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:306 Monday 22 November 2021 16:45:04 +0000 (0:02:20.299) 0:03:56.152 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Install - Setup otpd] **************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:315 Monday 22 November 2021 16:45:04 +0000 (0:00:00.036) 0:03:56.189 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup HTTP] **************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:321 Monday 22 November 2021 16:45:06 +0000 (0:00:02.454) 0:03:58.643 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup KRA] ***************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:353 Monday 22 November 2021 16:46:03 +0000 (0:00:56.678) 0:04:55.321 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Install - Setup DNS] ***************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:364 Monday 22 November 2021 16:46:03 +0000 (0:00:00.039) 0:04:55.361 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup ADTRUST] ************************************* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:381 Monday 22 November 2021 16:46:11 +0000 (0:00:08.049) 0:05:03.411 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Install - Set DS password] *********************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:396 Monday 22 November 2021 16:46:11 +0000 (0:00:00.045) 0:05:03.456 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [Install - Setup client] ************************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:413 Monday 22 November 2021 16:46:13 +0000 (0:00:02.218) 0:05:05.675 ******* TASK [ipaclient : Import variables specific to distribution] ******************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/main.yml:4 Monday 22 November 2021 16:46:13 +0000 (0:00:00.058) 0:05:05.734 ******* ok: [/cache/rhel-7.qcow2] => (item=/tmp/freeipa-repo/roles/ipaclient/vars/RedHat-7.yml) => { "ansible_facts": { "ipaclient_packages": [ "ipa-client", "libselinux-python" ] }, "ansible_included_var_files": [ "/tmp/freeipa-repo/roles/ipaclient/vars/RedHat-7.yml" ], "ansible_loop_var": "item", "changed": false, "item": "/tmp/freeipa-repo/roles/ipaclient/vars/RedHat-7.yml" } TASK [ipaclient : Install IPA client] ****************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/main.yml:12 Monday 22 November 2021 16:46:13 +0000 (0:00:00.052) 0:05:05.786 ******* included: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml for /cache/rhel-7.qcow2 TASK [ipaclient : Install - Ensure that IPA client packages are installed] ***** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:4 Monday 22 November 2021 16:46:13 +0000 (0:00:00.070) 0:05:05.856 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "ipa-client-4.6.8-5.el7.x86_64 providing ipa-client is already installed", "libselinux-python-2.5-15.el7.x86_64 providing libselinux-python is already installed" ] } TASK [ipaclient : Install - Set ipaclient_servers] ***************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:10 Monday 22 November 2021 16:46:14 +0000 (0:00:00.562) 0:05:06.419 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Set ipaclient_servers from cluster inventory] ****** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:15 Monday 22 November 2021 16:46:14 +0000 (0:00:00.036) 0:05:06.456 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Check that either principal or keytab is set] ****** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:21 Monday 22 November 2021 16:46:14 +0000 (0:00:00.036) 0:05:06.492 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Set default principal if no keytab is given] ******* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:25 Monday 22 November 2021 16:46:14 +0000 (0:00:00.034) 0:05:06.527 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "ipaadmin_principal": "admin" }, "changed": false } TASK [ipaclient : Install - IPA client test] *********************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:30 Monday 22 November 2021 16:46:14 +0000 (0:00:00.037) 0:05:06.565 ******* ok: [/cache/rhel-7.qcow2] => { "basedn": "dc=test,dc=local", "changed": false, "client_already_configured": false, "client_domain": "test.local", "dnsok": false, "domain": "test.local", "hostname": "ipaserver.test.local", "ipa_python_version": 40608, "kdc": "ipaserver.test.local", "ntp_pool": null, "ntp_servers": null, "realm": "TEST.LOCAL", "servers": [ "ipaserver.test.local" ], "sssd": true } TASK [ipaclient : Install - Cleanup leftover ccache] *************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:56 Monday 22 November 2021 16:46:15 +0000 (0:00:00.717) 0:05:07.282 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "path": "/etc/ipa/.dns_ccache", "state": "absent" } TASK [ipaclient : Install - Configure NTP] ************************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:61 Monday 22 November 2021 16:46:15 +0000 (0:00:00.342) 0:05:07.625 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } TASK [ipaclient : Install - Make sure One-Time Password is enabled if it's already defined] *** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:73 Monday 22 November 2021 16:46:16 +0000 (0:00:00.667) 0:05:08.292 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Disable One-Time Password for on_master] *********** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:78 Monday 22 November 2021 16:46:16 +0000 (0:00:00.040) 0:05:08.332 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Test if IPA client has working krb5.keytab] ******** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:83 Monday 22 November 2021 16:46:16 +0000 (0:00:00.037) 0:05:08.369 ******* ok: [/cache/rhel-7.qcow2] => { "ca_crt_exists": true, "changed": false, "krb5_conf_ok": true, "krb5_keytab_ok": true, "ping_test_ok": false } TASK [ipaclient : Install - Disable One-Time Password for client with working krb5.keytab] *** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:93 Monday 22 November 2021 16:46:17 +0000 (0:00:00.840) 0:05:09.209 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Keytab or password is required for getting otp] **** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:109 Monday 22 November 2021 16:46:17 +0000 (0:00:00.040) 0:05:09.250 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Get One-Time Password for client enrollment] ******* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:113 Monday 22 November 2021 16:46:17 +0000 (0:00:00.041) 0:05:09.291 ******* skipping: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [ipaclient : Install - Report error for OTP generation] ******************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:132 Monday 22 November 2021 16:46:17 +0000 (0:00:00.036) 0:05:09.327 ******* skipping: [/cache/rhel-7.qcow2] => {} TASK [ipaclient : Install - Store the previously obtained OTP] ***************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:138 Monday 22 November 2021 16:46:17 +0000 (0:00:00.035) 0:05:09.363 ******* skipping: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [ipaclient : Store predefined OTP in admin_password] ********************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:147 Monday 22 November 2021 16:46:17 +0000 (0:00:00.034) 0:05:09.398 ******* skipping: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [ipaclient : Install - Check if principal and keytab are set] ************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:163 Monday 22 November 2021 16:46:17 +0000 (0:00:00.034) 0:05:09.432 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Check if one of password or keytabs are set] ******* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:167 Monday 22 November 2021 16:46:17 +0000 (0:00:00.035) 0:05:09.468 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Purge TEST.LOCAL from host keytab] ***************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:175 Monday 22 November 2021 16:46:17 +0000 (0:00:00.037) 0:05:09.506 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Backup and set hostname] *************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:188 Monday 22 November 2021 16:46:17 +0000 (0:00:00.038) 0:05:09.544 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Join IPA] ****************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:193 Monday 22 November 2021 16:46:17 +0000 (0:00:00.037) 0:05:09.582 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : fail] ******************************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:215 Monday 22 November 2021 16:46:17 +0000 (0:00:00.074) 0:05:09.656 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : fail] ******************************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:220 Monday 22 November 2021 16:46:17 +0000 (0:00:00.037) 0:05:09.693 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : fail] ******************************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:223 Monday 22 November 2021 16:46:17 +0000 (0:00:00.037) 0:05:09.731 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Configure IPA default.conf] ************************ task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:235 Monday 22 November 2021 16:46:17 +0000 (0:00:00.040) 0:05:09.771 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Configure SSSD] ************************************ task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:244 Monday 22 November 2021 16:46:17 +0000 (0:00:00.044) 0:05:09.815 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaclient : Install - Configure krb5 for IPA realm] ********************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:266 Monday 22 November 2021 16:46:18 +0000 (0:00:00.688) 0:05:10.504 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - IPA API calls for remaining enrollment parts] ****** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:280 Monday 22 November 2021 16:46:18 +0000 (0:00:00.038) 0:05:10.543 ******* changed: [/cache/rhel-7.qcow2] => { "ca_enabled": true, "changed": true, "subject_base": "O=TEST.LOCAL" } TASK [ipaclient : Install - Fix IPA ca] **************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:288 Monday 22 November 2021 16:46:21 +0000 (0:00:02.702) 0:05:13.245 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Create IPA NSS database] *************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:298 Monday 22 November 2021 16:46:21 +0000 (0:00:00.046) 0:05:13.292 ******* changed: [/cache/rhel-7.qcow2] => { "ca_enabled_ra": true, "changed": true } TASK [ipaclient : Install - Configure SSH and SSHD] **************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:329 Monday 22 November 2021 16:46:24 +0000 (0:00:03.593) 0:05:16.885 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaclient : Install - Configure automount] ******************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:337 Monday 22 November 2021 16:46:25 +0000 (0:00:00.748) 0:05:17.634 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaclient : Install - Configure firefox] ********************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:343 Monday 22 November 2021 16:46:26 +0000 (0:00:00.661) 0:05:18.296 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Configure NIS] ************************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:349 Monday 22 November 2021 16:46:26 +0000 (0:00:00.043) 0:05:18.339 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaclient : Install - Restore original admin password if overwritten by OTP] *** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:367 Monday 22 November 2021 16:46:27 +0000 (0:00:00.925) 0:05:19.264 ******* skipping: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [ipaclient : Cleanup leftover ccache] ************************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:373 Monday 22 November 2021 16:46:27 +0000 (0:00:00.041) 0:05:19.305 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "path": "/etc/ipa/.dns_ccache", "state": "absent" } TASK [ipaclient : Uninstall IPA client] **************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/main.yml:16 Monday 22 November 2021 16:46:27 +0000 (0:00:00.346) 0:05:19.652 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: role_complete for /cache/rhel-7.qcow2 TASK [ipaserver : Install - Enable IPA] **************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:428 Monday 22 November 2021 16:46:27 +0000 (0:00:00.042) 0:05:19.695 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaserver : Install - Cleanup root IPA cache] **************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:435 Monday 22 November 2021 16:46:32 +0000 (0:00:04.715) 0:05:24.411 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "path": "/root/.ipa_cache", "state": "absent" } TASK [ipaserver : Install - Configure firewalld] ******************************* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:441 Monday 22 November 2021 16:46:32 +0000 (0:00:00.339) 0:05:24.750 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--permanent", "--zone=", "--add-service=freeipa-ldap", "--add-service=freeipa-ldaps", "--add-service=dns", "--add-service=ntp" ], "delta": "0:00:00.287160", "end": "2021-11-22 11:46:32.041768", "rc": 0, "start": "2021-11-22 11:46:31.754608" } STDOUT: success TASK [ipaserver : Install - Configure firewalld runtime] *********************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:455 Monday 22 November 2021 16:46:33 +0000 (0:00:00.755) 0:05:25.505 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--zone=", "--add-service=freeipa-ldap", "--add-service=freeipa-ldaps", "--add-service=dns", "--add-service=ntp" ], "delta": "0:00:00.323284", "end": "2021-11-22 11:46:32.692846", "rc": 0, "start": "2021-11-22 11:46:32.369562" } STDOUT: success TASK [ipaserver : Cleanup temporary files] ************************************* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:471 Monday 22 November 2021 16:46:34 +0000 (0:00:00.655) 0:05:26.160 ******* ok: [/cache/rhel-7.qcow2] => (item=/etc/ipa/.tmp_pkcs12_dirsrv) => { "ansible_loop_var": "item", "changed": false, "item": "/etc/ipa/.tmp_pkcs12_dirsrv", "path": "/etc/ipa/.tmp_pkcs12_dirsrv", "state": "absent" } ok: [/cache/rhel-7.qcow2] => (item=/etc/ipa/.tmp_pkcs12_http) => { "ansible_loop_var": "item", "changed": false, "item": "/etc/ipa/.tmp_pkcs12_http", "path": "/etc/ipa/.tmp_pkcs12_http", "state": "absent" } ok: [/cache/rhel-7.qcow2] => (item=/etc/ipa/.tmp_pkcs12_pkinit) => { "ansible_loop_var": "item", "changed": false, "item": "/etc/ipa/.tmp_pkcs12_pkinit", "path": "/etc/ipa/.tmp_pkcs12_pkinit", "state": "absent" } TASK [ipaserver : Uninstall IPA server] **************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/main.yml:16 Monday 22 November 2021 16:46:34 +0000 (0:00:00.938) 0:05:27.099 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Issue IPA signed certificates] ******************************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_basic_ipa.yml:8 Monday 22 November 2021 16:46:35 +0000 (0:00:00.047) 0:05:27.146 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpcx8fxgbp/tasks/main.yml:2 Monday 22 November 2021 16:46:35 +0000 (0:00:00.707) 0:05:27.853 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpcx8fxgbp/vars/RedHat_7.yml" ], "changed": false } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:17 Monday 22 November 2021 16:46:35 +0000 (0:00:00.026) 0:05:27.880 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "python2-pyasn1-0.1.9-7.el7.noarch providing python-pyasn1 is already installed", "python2-cryptography-1.7.2-2.el7.x86_64 providing python-cryptography is already installed", "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed" ] } TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:34 Monday 22 November 2021 16:46:36 +0000 (0:00:00.967) 0:05:28.847 ******* ok: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "rc": 0, "results": [ "certmonger-0.78.4-14.el7.x86_64 providing certmonger is already installed" ] } TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:45 Monday 22 November 2021 16:46:37 +0000 (0:00:00.584) 0:05:29.432 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:71 Monday 22 November 2021 16:46:37 +0000 (0:00:00.363) 0:05:29.796 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:100 Monday 22 November 2021 16:46:38 +0000 (0:00:00.365) 0:05:30.161 ******* ok: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestamp": "Mon 2021-11-22 11:43:50 EST", "ActiveEnterTimestampMonotonic": "174445415", "ActiveExitTimestampMonotonic": "0", "ActiveState": "active", "After": "basic.target dbus.service systemd-journald.socket network.target system.slice syslog.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "yes", "AssertTimestamp": "Mon 2021-11-22 11:43:50 EST", "AssertTimestampMonotonic": "174431851", "Before": "multi-user.target shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Mon 2021-11-22 11:43:50 EST", "ConditionTimestampMonotonic": "174431851", "Conflicts": "shutdown.target", "ControlGroup": "/system.slice/certmonger.service", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "12325", "ExecMainStartTimestamp": "Mon 2021-11-22 11:43:50 EST", "ExecMainStartTimestampMonotonic": "174432495", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestamp": "Mon 2021-11-22 11:43:50 EST", "InactiveExitTimestampMonotonic": "174432541", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "12325", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "enabled", "WantedBy": "multi-user.target", "WatchdogTimestamp": "Mon 2021-11-22 11:43:50 EST", "WatchdogTimestampMonotonic": "174445297", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpcx8fxgbp/tasks/main.yml:112 Monday 22 November 2021 16:46:38 +0000 (0:00:00.740) 0:05:30.902 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'ipaserver.test.local', 'principal': 'HTTP/ipaserver.test.local@TEST.LOCAL', 'ca': 'ipa'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "ipa", "dns": "ipaserver.test.local", "name": "mycert", "principal": "HTTP/ipaserver.test.local@TEST.LOCAL" } } MSG: Certificate requested (new). changed: [/cache/rhel-7.qcow2] => (item={'name': 'groupcert', 'dns': 'ipaserver.test.local', 'principal': 'HTTP/ipaserver.test.local@TEST.LOCAL', 'ca': 'ipa', 'group': 'ftp'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "ipa", "dns": "ipaserver.test.local", "group": "ftp", "name": "groupcert", "principal": "HTTP/ipaserver.test.local@TEST.LOCAL" } } MSG: Certificate requested (new). File attributes updated. META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificates] ***************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_basic_ipa.yml:27 Monday 22 November 2021 16:46:42 +0000 (0:00:03.893) 0:05:34.795 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_basic_ipa.yml:84 Monday 22 November 2021 16:46:43 +0000 (0:00:00.716) 0:05:35.511 ******* included: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'ipaserver.test.local'}, {'name': 'organizationName', 'oid': '2.5.4.10', 'value': 'TEST.LOCAL'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'ipaserver.test.local'}, {'name': 'Universal Principal Name (UPN)', 'oid': '1.3.6.1.4.1.311.20.2.3', 'value': 'HTTP/ipaserver.test.local@TEST.LOCAL'}, {'name': 'Kerberos principalname', 'oid': '1.3.6.1.5.2.2', 'value': 'HTTP/ipaserver.test.local@TEST.LOCAL'}], 'key_usage': ['digital_signature', 'content_commitment', 'key_encipherment', 'data_encipherment']}) included: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/groupcert.crt', 'key_path': '/etc/pki/tls/private/groupcert.key', 'owner': 'root', 'group': 'ftp', 'mode': '0640', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'ipaserver.test.local'}, {'name': 'organizationName', 'oid': '2.5.4.10', 'value': 'TEST.LOCAL'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'ipaserver.test.local'}, {'name': 'Universal Principal Name (UPN)', 'oid': '1.3.6.1.4.1.311.20.2.3', 'value': 'HTTP/ipaserver.test.local@TEST.LOCAL'}, {'name': 'Kerberos principalname', 'oid': '1.3.6.1.5.2.2', 'value': 'HTTP/ipaserver.test.local@TEST.LOCAL'}], 'key_usage': ['digital_signature', 'content_commitment', 'key_encipherment', 'data_encipherment']}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 16:46:43 +0000 (0:00:00.041) 0:05:35.553 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 16:46:43 +0000 (0:00:00.017) 0:05:35.571 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 27 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 16:46:48 +0000 (0:00:04.569) 0:05:40.140 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 16:46:52 +0000 (0:00:04.538) 0:05:44.679 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 16:46:55 +0000 (0:00:03.138) 0:05:47.817 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599599.794059, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "b52fc3ee4f2d845488d62d1660c85bcc6272fdbe", "ctime": 1637599599.791059, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12849429, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637599599.791059, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1684, "uid": 0, "version": "1547952513", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 16:46:56 +0000 (0:00:00.477) 0:05:48.295 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 16:46:56 +0000 (0:00:00.022) 0:05:48.318 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 16:46:56 +0000 (0:00:00.036) 0:05:48.354 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 Monday 22 November 2021 16:46:56 +0000 (0:00:00.034) 0:05:48.388 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599598.274059, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "7d30c1f9b6cc77a4c6ef52609604239819faed70", "ctime": 1637599599.791059, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12849492, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637599599.791059, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744072682741802", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 16:46:56 +0000 (0:00:00.318) 0:05:48.707 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 16:46:56 +0000 (0:00:00.021) 0:05:48.729 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 Monday 22 November 2021 16:46:56 +0000 (0:00:00.036) 0:05:48.766 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.256339", "end": "2021-11-22 11:46:55.852513", "rc": 0, "start": "2021-11-22 11:46:55.596174" } STDOUT: { "subject": [ { "name": "organizationName", "oid": "2.5.4.10", "value": "TEST.LOCAL" }, { "name": "commonName", "oid": "2.5.4.3", "value": "ipaserver.test.local" } ], "extensions": { "authorityKeyIdentifier": { "value": "91:DE:62:F0:17:FC:3B:CC:5C:16:A9:47:7D:E7:BF:3E:D0:F2:68:5E", "critical": false }, "authorityInfoAccess": { "value": [ { "method": "OCSP", "location": "http://ipa-ca.test.local/ca/ocsp" } ], "critical": false }, "keyUsage": { "value": [ "digital_signature", "content_commitment", "key_encipherment", "data_encipherment" ], "critical": true }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "cRLDistributionPoints": { "value": [ { "full_name": [ "http://ipa-ca.test.local/ipa/crl/MasterCRL.bin" ], "crl_issuer": [ { "organizationName": "ipaca", "commonName": "Certificate Authority" } ] } ], "critical": false }, "subjectKeyIdentifier": { "value": "35:8E:32:6B:E4:8C:15:79:6A:D3:90:62:61:52:F6:F4:24:6C:8B:F5", "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "ipaserver.test.local" }, { "name": "Universal Principal Name (UPN)", "value": "HTTP/ipaserver.test.local@TEST.LOCAL", "oid": "1.3.6.1.4.1.311.20.2.3" }, { "name": "Kerberos principalname", "value": "HTTP/ipaserver.test.local@TEST.LOCAL", "oid": "1.3.6.1.5.2.2" } ], "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "5C:D6:D1:0E:27:80:0A:2F:9A:1D:54:7A:2C:50:11:34:A6:BF:80:B5:C9:CC:D1:90:57:C4:F2:A2:DD:03:ED:8F:31:2F:09:B0:89:5D:05:32:C6:72:C8:2B:01:8A:4F:D2:43:03:37:03:2A:DC:6F:11:D7:72:3B:BB:9C:1F:81:5C:38:17:3D:44:70:FB:B3:5C:8B:86:AF:02:39:BB:F0:D3:CE:BE:10:1E:B1:32:3E:FC:AF:B9:26:D9:26:84:16:A8:F9:A3:27:A3:01:33:65:8D:4B:DA:71:60:71:1E:3E:AE:CD:10:6F:FC:43:00:A2:03:40:64:A4:56:D5:20:82:E9:B7:CE:C6:98:A9:B7:AC:F8:C2:47:31:B7:67:B8:C6:2B:CA:D5:61:5A:28:32:46:65:E6:D1:92:8C:F6:F2:83:23:3E:3A:B7:EC:0F:50:9D:24:C6:B8:D8:71:35:92:E2:68:3A:F4:06:32:0B:D1:82:CE:A6:79:07:04:94:80:9B:FF:D2:BD:0A:05:25:95:30:6A:77:14:CB:8E:6A:71:33:58:65:56:F4:53:B1:57:A7:E3:8D:9E:E5:A6:3E:D8:93:37:22:AC:42:D7:12:A9:44:8D:F9:58:AC:2F:3B:24:AE:21:BE:01:C3:4F:0C:AA:1F:17:5B:B3:10:17:7B:B5:73:AC" }, "key_size": 2048, "validity": { "not_valid_after": "2023-11-23 16:46:39", "not_valid_before": "2021-11-22 16:46:39" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:83 Monday 22 November 2021 16:46:57 +0000 (0:00:00.553) 0:05:49.319 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityInfoAccess": { "critical": false, "value": [ { "location": "http://ipa-ca.test.local/ca/ocsp", "method": "OCSP" } ] }, "authorityKeyIdentifier": { "critical": false, "value": "91:DE:62:F0:17:FC:3B:CC:5C:16:A9:47:7D:E7:BF:3E:D0:F2:68:5E" }, "cRLDistributionPoints": { "critical": false, "value": [ { "crl_issuer": [ { "commonName": "Certificate Authority", "organizationName": "ipaca" } ], "full_name": [ "http://ipa-ca.test.local/ipa/crl/MasterCRL.bin" ] } ] }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": true, "value": [ "digital_signature", "content_commitment", "key_encipherment", "data_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "ipaserver.test.local" }, { "name": "Universal Principal Name (UPN)", "oid": "1.3.6.1.4.1.311.20.2.3", "value": "HTTP/ipaserver.test.local@TEST.LOCAL" }, { "name": "Kerberos principalname", "oid": "1.3.6.1.5.2.2", "value": "HTTP/ipaserver.test.local@TEST.LOCAL" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "35:8E:32:6B:E4:8C:15:79:6A:D3:90:62:61:52:F6:F4:24:6C:8B:F5" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "5C:D6:D1:0E:27:80:0A:2F:9A:1D:54:7A:2C:50:11:34:A6:BF:80:B5:C9:CC:D1:90:57:C4:F2:A2:DD:03:ED:8F:31:2F:09:B0:89:5D:05:32:C6:72:C8:2B:01:8A:4F:D2:43:03:37:03:2A:DC:6F:11:D7:72:3B:BB:9C:1F:81:5C:38:17:3D:44:70:FB:B3:5C:8B:86:AF:02:39:BB:F0:D3:CE:BE:10:1E:B1:32:3E:FC:AF:B9:26:D9:26:84:16:A8:F9:A3:27:A3:01:33:65:8D:4B:DA:71:60:71:1E:3E:AE:CD:10:6F:FC:43:00:A2:03:40:64:A4:56:D5:20:82:E9:B7:CE:C6:98:A9:B7:AC:F8:C2:47:31:B7:67:B8:C6:2B:CA:D5:61:5A:28:32:46:65:E6:D1:92:8C:F6:F2:83:23:3E:3A:B7:EC:0F:50:9D:24:C6:B8:D8:71:35:92:E2:68:3A:F4:06:32:0B:D1:82:CE:A6:79:07:04:94:80:9B:FF:D2:BD:0A:05:25:95:30:6A:77:14:CB:8E:6A:71:33:58:65:56:F4:53:B1:57:A7:E3:8D:9E:E5:A6:3E:D8:93:37:22:AC:42:D7:12:A9:44:8D:F9:58:AC:2F:3B:24:AE:21:BE:01:C3:4F:0C:AA:1F:17:5B:B3:10:17:7B:B5:73:AC" }, "subject": [ { "name": "organizationName", "oid": "2.5.4.10", "value": "TEST.LOCAL" }, { "name": "commonName", "oid": "2.5.4.3", "value": "ipaserver.test.local" } ], "validity": { "not_valid_after": "2023-11-23 16:46:39", "not_valid_before": "2021-11-22 16:46:39" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:87 Monday 22 November 2021 16:46:57 +0000 (0:00:00.038) 0:05:49.358 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:96 Monday 22 November 2021 16:46:57 +0000 (0:00:00.035) 0:05:49.394 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:105 Monday 22 November 2021 16:46:57 +0000 (0:00:00.021) 0:05:49.416 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:112 Monday 22 November 2021 16:46:57 +0000 (0:00:00.035) 0:05:49.451 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:125 Monday 22 November 2021 16:46:57 +0000 (0:00:00.034) 0:05:49.485 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 Monday 22 November 2021 16:46:57 +0000 (0:00:00.034) 0:05:49.520 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.059893", "end": "2021-11-22 11:46:56.422651", "rc": 0, "start": "2021-11-22 11:46:56.362758" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 Monday 22 November 2021 16:46:57 +0000 (0:00:00.366) 0:05:49.886 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 16:46:57 +0000 (0:00:00.036) 0:05:49.923 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 16:46:57 +0000 (0:00:00.017) 0:05:49.941 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "python3-3.6.8-17.el7.x86_64 providing python3 is already installed" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 16:46:58 +0000 (0:00:00.574) 0:05:50.515 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 16:46:59 +0000 (0:00:00.988) 0:05:51.504 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.0) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 16:47:00 +0000 (0:00:00.854) 0:05:52.359 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599601.2500591, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "4099b0797bfb2f4816e6641f79740f95b56fb8dc", "ctime": 1637599601.307059, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 12791517, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1637599601.2460592, "nlink": 1, "path": "/etc/pki/tls/certs/groupcert.crt", "pw_name": "root", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1684, "uid": 0, "version": "18446744072444256444", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 16:47:00 +0000 (0:00:00.336) 0:05:52.695 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 16:47:00 +0000 (0:00:00.022) 0:05:52.717 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 16:47:00 +0000 (0:00:00.036) 0:05:52.754 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 Monday 22 November 2021 16:47:00 +0000 (0:00:00.033) 0:05:52.788 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599600.548059, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "2ec82b9ecc9635b063805c47a2bd8e64541291c0", "ctime": 1637599601.307059, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 12791516, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1637599601.2460592, "nlink": 1, "path": "/etc/pki/tls/private/groupcert.key", "pw_name": "root", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1708, "uid": 0, "version": "1733184863", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 16:47:01 +0000 (0:00:00.339) 0:05:53.128 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 16:47:01 +0000 (0:00:00.026) 0:05:53.154 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 Monday 22 November 2021 16:47:01 +0000 (0:00:00.039) 0:05:53.194 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/groupcert.crt" ], "delta": "0:00:00.281378", "end": "2021-11-22 11:47:00.335566", "rc": 0, "start": "2021-11-22 11:47:00.054188" } STDOUT: { "subject": [ { "name": "organizationName", "oid": "2.5.4.10", "value": "TEST.LOCAL" }, { "name": "commonName", "oid": "2.5.4.3", "value": "ipaserver.test.local" } ], "extensions": { "authorityKeyIdentifier": { "value": "91:DE:62:F0:17:FC:3B:CC:5C:16:A9:47:7D:E7:BF:3E:D0:F2:68:5E", "critical": false }, "authorityInfoAccess": { "value": [ { "method": "OCSP", "location": "http://ipa-ca.test.local/ca/ocsp" } ], "critical": false }, "keyUsage": { "value": [ "digital_signature", "content_commitment", "key_encipherment", "data_encipherment" ], "critical": true }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "cRLDistributionPoints": { "value": [ { "full_name": [ "http://ipa-ca.test.local/ipa/crl/MasterCRL.bin" ], "crl_issuer": [ { "organizationName": "ipaca", "commonName": "Certificate Authority" } ] } ], "critical": false }, "subjectKeyIdentifier": { "value": "51:B9:70:87:7F:D0:14:CA:96:5F:46:2B:7B:46:86:8C:1E:93:0A:21", "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "ipaserver.test.local" }, { "name": "Universal Principal Name (UPN)", "value": "HTTP/ipaserver.test.local@TEST.LOCAL", "oid": "1.3.6.1.4.1.311.20.2.3" }, { "name": "Kerberos principalname", "value": "HTTP/ipaserver.test.local@TEST.LOCAL", "oid": "1.3.6.1.5.2.2" } ], "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "58:DC:FA:55:48:5C:B3:2C:A2:C1:EA:FC:33:D4:5A:CA:78:EF:07:D3:31:63:08:F8:15:A2:E1:C8:23:19:E5:90:FF:03:C1:88:32:B0:08:E9:C3:89:CC:38:84:A4:0F:22:97:73:C4:EC:5A:D9:AE:68:0C:A7:55:7B:77:42:F9:6B:2C:F0:AA:F4:2C:A6:F6:25:FD:5F:F4:9F:37:24:0C:27:86:CD:52:58:A6:AB:5E:20:7D:5D:43:71:57:A1:CC:10:58:03:43:BD:9C:B1:58:BF:E4:06:7F:DC:06:2F:ED:34:BE:F7:A9:B4:04:FD:A6:EE:33:2F:4F:C3:32:9F:26:FB:87:77:34:EB:6D:6D:AB:A4:CA:86:8A:9E:E0:AC:73:C7:9A:34:59:4A:52:96:BF:C4:03:D8:02:AD:17:BD:8C:D7:7E:12:16:F6:46:FC:EF:95:F5:9E:9E:ED:7F:D9:4F:96:62:E6:4C:8A:57:D1:30:A3:FB:14:17:37:9C:6D:4A:57:F4:5F:0F:68:E5:5B:47:F5:AA:86:CB:2B:71:42:B7:DF:24:87:73:D4:5E:02:DC:FD:77:74:9B:88:59:91:71:7F:42:41:73:EF:C8:77:00:66:3D:A0:B2:AD:DE:6E:8E:E6:2E:6E:BF:86:15:35:90:02:F9:60:63:ED:C7:6D:40:5A" }, "key_size": 2048, "validity": { "not_valid_after": "2023-11-23 16:46:41", "not_valid_before": "2021-11-22 16:46:41" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:83 Monday 22 November 2021 16:47:01 +0000 (0:00:00.611) 0:05:53.806 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityInfoAccess": { "critical": false, "value": [ { "location": "http://ipa-ca.test.local/ca/ocsp", "method": "OCSP" } ] }, "authorityKeyIdentifier": { "critical": false, "value": "91:DE:62:F0:17:FC:3B:CC:5C:16:A9:47:7D:E7:BF:3E:D0:F2:68:5E" }, "cRLDistributionPoints": { "critical": false, "value": [ { "crl_issuer": [ { "commonName": "Certificate Authority", "organizationName": "ipaca" } ], "full_name": [ "http://ipa-ca.test.local/ipa/crl/MasterCRL.bin" ] } ] }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": true, "value": [ "digital_signature", "content_commitment", "key_encipherment", "data_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "ipaserver.test.local" }, { "name": "Universal Principal Name (UPN)", "oid": "1.3.6.1.4.1.311.20.2.3", "value": "HTTP/ipaserver.test.local@TEST.LOCAL" }, { "name": "Kerberos principalname", "oid": "1.3.6.1.5.2.2", "value": "HTTP/ipaserver.test.local@TEST.LOCAL" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "51:B9:70:87:7F:D0:14:CA:96:5F:46:2B:7B:46:86:8C:1E:93:0A:21" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "58:DC:FA:55:48:5C:B3:2C:A2:C1:EA:FC:33:D4:5A:CA:78:EF:07:D3:31:63:08:F8:15:A2:E1:C8:23:19:E5:90:FF:03:C1:88:32:B0:08:E9:C3:89:CC:38:84:A4:0F:22:97:73:C4:EC:5A:D9:AE:68:0C:A7:55:7B:77:42:F9:6B:2C:F0:AA:F4:2C:A6:F6:25:FD:5F:F4:9F:37:24:0C:27:86:CD:52:58:A6:AB:5E:20:7D:5D:43:71:57:A1:CC:10:58:03:43:BD:9C:B1:58:BF:E4:06:7F:DC:06:2F:ED:34:BE:F7:A9:B4:04:FD:A6:EE:33:2F:4F:C3:32:9F:26:FB:87:77:34:EB:6D:6D:AB:A4:CA:86:8A:9E:E0:AC:73:C7:9A:34:59:4A:52:96:BF:C4:03:D8:02:AD:17:BD:8C:D7:7E:12:16:F6:46:FC:EF:95:F5:9E:9E:ED:7F:D9:4F:96:62:E6:4C:8A:57:D1:30:A3:FB:14:17:37:9C:6D:4A:57:F4:5F:0F:68:E5:5B:47:F5:AA:86:CB:2B:71:42:B7:DF:24:87:73:D4:5E:02:DC:FD:77:74:9B:88:59:91:71:7F:42:41:73:EF:C8:77:00:66:3D:A0:B2:AD:DE:6E:8E:E6:2E:6E:BF:86:15:35:90:02:F9:60:63:ED:C7:6D:40:5A" }, "subject": [ { "name": "organizationName", "oid": "2.5.4.10", "value": "TEST.LOCAL" }, { "name": "commonName", "oid": "2.5.4.3", "value": "ipaserver.test.local" } ], "validity": { "not_valid_after": "2023-11-23 16:46:41", "not_valid_before": "2021-11-22 16:46:41" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:87 Monday 22 November 2021 16:47:01 +0000 (0:00:00.035) 0:05:53.841 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:96 Monday 22 November 2021 16:47:01 +0000 (0:00:00.033) 0:05:53.874 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:105 Monday 22 November 2021 16:47:01 +0000 (0:00:00.019) 0:05:53.894 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:112 Monday 22 November 2021 16:47:01 +0000 (0:00:00.031) 0:05:53.926 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:125 Monday 22 November 2021 16:47:01 +0000 (0:00:00.034) 0:05:53.960 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 Monday 22 November 2021 16:47:01 +0000 (0:00:00.033) 0:05:53.994 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/groupcert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.057027", "end": "2021-11-22 11:47:00.910293", "rc": 0, "start": "2021-11-22 11:47:00.853266" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 Monday 22 November 2021 16:47:02 +0000 (0:00:00.379) 0:05:54.373 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=99 changed=33 unreachable=0 failed=0 skipped=35 rescued=0 ignored=0 Monday 22 November 2021 16:47:02 +0000 (0:00:00.038) 0:05:54.412 ******* =============================================================================== ipaserver : Install - Setup CA ---------------------------------------- 140.30s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:265 ----------------------- ipaserver : Install - Setup HTTP --------------------------------------- 56.68s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:321 ----------------------- ipaserver : Install - Ensure that IPA server packages are installed ---- 40.38s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:5 ------------------------- ipaserver : Install - Setup DS ----------------------------------------- 22.23s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:203 ----------------------- ipaserver : Install - Setup DNS ----------------------------------------- 8.05s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:364 ----------------------- ipaserver : Install - Ensure that IPA server packages for dns are installed --- 7.01s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:10 ------------------------ ipaserver : Install - Setup KRB ----------------------------------------- 4.96s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:232 ----------------------- ipaserver : Install - Enable IPA ---------------------------------------- 4.72s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:428 ----------------------- Ensure python3 is installed --------------------------------------------- 4.57s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 -------------- Install the package, force upgrade -------------------------------------- 4.54s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 ------------- ipaserver : Install - Setup custodia ------------------------------------ 4.05s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:259 ----------------------- linux-system-roles.certificate : Ensure certificate requests ------------ 3.89s /tmp/tmpcx8fxgbp/tasks/main.yml:112 ------------------------------------------- ipaclient : Install - Create IPA NSS database --------------------------- 3.59s /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:298 ----------------------- Install certreader ------------------------------------------------------ 3.14s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 ------------- Ensure nss package is up-to-date ---------------------------------------- 2.77s /tmp/tmpcx8fxgbp/tests/tasks/setup_ipa.yml:42 --------------------------------- ipaclient : Install - IPA API calls for remaining enrollment parts ------ 2.70s /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:280 ----------------------- ipaserver : Install - Setup otpd ---------------------------------------- 2.45s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:315 ----------------------- ipaserver : Install - Ensure that firewall packages installed ----------- 2.30s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:22 ------------------------ ipaserver : Install - Set DS password ----------------------------------- 2.22s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:396 ----------------------- ipaserver : Install - Server preparation -------------------------------- 2.21s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:152 ----------------------- + cd /tmp/tmpcx8fxgbp/tests; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpcx8fxgbp/tests/tests_basic_self_signed.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 16:47:16 +0000 (0:00:00.012) 0:00:00.012 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 16:47:16 +0000 (0:00:00.015) 0:00:00.028 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 16:47:16 +0000 (0:00:00.022) 0:00:00.050 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:47:17 +0000 (0:00:01.368) 0:00:01.418 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.37s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_basic_self_signed.yml ****************************************** 2 plays in /tmp/tmpcx8fxgbp/tests/tests_basic_self_signed.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_basic_self_signed.yml:2 Monday 22 November 2021 16:47:18 +0000 (0:00:00.013) 0:00:01.432 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpcx8fxgbp/tasks/main.yml:2 Monday 22 November 2021 16:47:18 +0000 (0:00:00.979) 0:00:02.411 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpcx8fxgbp/vars/RedHat_7.yml" ], "changed": false } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:17 Monday 22 November 2021 16:47:19 +0000 (0:00:00.029) 0:00:02.441 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 9.7 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:34 Monday 22 November 2021 16:47:23 +0000 (0:00:04.956) 0:00:07.397 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 11 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:45 Monday 22 November 2021 16:47:26 +0000 (0:00:02.140) 0:00:09.537 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:71 Monday 22 November 2021 16:47:26 +0000 (0:00:00.466) 0:00:10.003 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:100 Monday 22 November 2021 16:47:26 +0000 (0:00:00.324) 0:00:10.328 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "network.target dbus.service basic.target system.slice syslog.target systemd-journald.socket", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpcx8fxgbp/tasks/main.yml:112 Monday 22 November 2021 16:47:27 +0000 (0:00:00.814) 0:00:11.143 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "mycert" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_basic_self_signed.yml:13 Monday 22 November 2021 16:47:28 +0000 (0:00:00.743) 0:00:11.886 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_basic_self_signed.yml:27 Monday 22 November 2021 16:47:29 +0000 (0:00:00.673) 0:00:12.560 ******* included: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 16:47:29 +0000 (0:00:00.029) 0:00:12.590 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 16:47:29 +0000 (0:00:00.013) 0:00:12.604 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 59 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 16:47:33 +0000 (0:00:04.394) 0:00:16.998 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 16:47:38 +0000 (0:00:04.603) 0:00:21.601 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 16:47:41 +0000 (0:00:03.178) 0:00:24.780 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599647.8973067, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "8ee51d3fafa99e6ad1a7a50d9778690e789d82a3", "ctime": 1637599647.8943067, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584431, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637599647.8943067, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "2066230826", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 16:47:41 +0000 (0:00:00.436) 0:00:25.217 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 16:47:41 +0000 (0:00:00.019) 0:00:25.236 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 16:47:41 +0000 (0:00:00.034) 0:00:25.270 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 Monday 22 November 2021 16:47:41 +0000 (0:00:00.036) 0:00:25.306 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599647.8553066, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "d2f6b327d40592b1e9e6eb72d3c1e1214bc47d97", "ctime": 1637599647.8943067, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584430, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637599647.8943067, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "1854458284", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 16:47:42 +0000 (0:00:00.313) 0:00:25.620 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 16:47:42 +0000 (0:00:00.019) 0:00:25.640 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 Monday 22 November 2021 16:47:42 +0000 (0:00:00.033) 0:00:25.673 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.264599", "end": "2021-11-22 11:47:42.442696", "rc": 0, "start": "2021-11-22 11:47:42.178097" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "90:85:2E:6A:73:12:0A:6D:B1:BD:73:8C:5C:33:A0:76:C6:10:FE:C7", "critical": false }, "authorityKeyIdentifier": { "value": "01:39:54:D6:0D:D3:FF:FC:A7:A9:68:CE:58:04:D6:2F:9B:F0:72:F7", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "41:AA:66:E0:E3:6A:D0:AC:10:6F:40:3B:70:AC:1E:D8:FF:BA:70:3A:FB:BF:2F:81:D7:E6:2E:69:17:3B:FF:5B:12:59:B7:6B:BA:DD:5B:34:35:46:EA:B7:85:D2:F9:CA:0B:67:B8:82:20:B9:88:FE:E9:6F:88:69:50:EE:37:B5:B4:F2:5E:6D:D0:F4:E0:A2:76:90:11:89:73:9B:0B:58:1D:4C:B3:1F:9C:3F:7D:56:77:2A:9C:54:5F:1C:E6:B7:4A:BD:EE:37:45:F1:13:42:6B:40:E3:1B:8B:1A:15:8F:B4:81:23:17:2D:D3:C7:98:B2:0C:30:87:F4:33:61:03:DE:19:42:A1:06:96:0E:16:13:5D:C7:A0:AD:C1:BA:49:39:89:96:EA:ED:0D:3A:69:14:8F:B2:3F:ED:4C:1B:2E:F0:CF:80:88:60:F3:5B:44:44:21:8A:F4:03:C9:6C:DC:FC:FE:42:28:D3:B8:6F:E2:7E:A2:FB:84:35:EA:AB:95:07:44:2F:3F:3E:B6:95:CF:BC:E8:23:77:A7:35:60:A0:11:82:87:87:71:B2:D8:62:3C:B0:CC:14:43:9E:7D:0C:AB:0C:23:2C:10:B4:8A:23:BD:23:2B:10:88:B1:7F:92:5C:D3:61:08:21:1A:16:1C:5D:F4:11:F8:BF:2A:89:EF" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 16:47:27", "not_valid_before": "2021-11-22 16:47:27" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:83 Monday 22 November 2021 16:47:42 +0000 (0:00:00.698) 0:00:26.372 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "01:39:54:D6:0D:D3:FF:FC:A7:A9:68:CE:58:04:D6:2F:9B:F0:72:F7" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "90:85:2E:6A:73:12:0A:6D:B1:BD:73:8C:5C:33:A0:76:C6:10:FE:C7" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "41:AA:66:E0:E3:6A:D0:AC:10:6F:40:3B:70:AC:1E:D8:FF:BA:70:3A:FB:BF:2F:81:D7:E6:2E:69:17:3B:FF:5B:12:59:B7:6B:BA:DD:5B:34:35:46:EA:B7:85:D2:F9:CA:0B:67:B8:82:20:B9:88:FE:E9:6F:88:69:50:EE:37:B5:B4:F2:5E:6D:D0:F4:E0:A2:76:90:11:89:73:9B:0B:58:1D:4C:B3:1F:9C:3F:7D:56:77:2A:9C:54:5F:1C:E6:B7:4A:BD:EE:37:45:F1:13:42:6B:40:E3:1B:8B:1A:15:8F:B4:81:23:17:2D:D3:C7:98:B2:0C:30:87:F4:33:61:03:DE:19:42:A1:06:96:0E:16:13:5D:C7:A0:AD:C1:BA:49:39:89:96:EA:ED:0D:3A:69:14:8F:B2:3F:ED:4C:1B:2E:F0:CF:80:88:60:F3:5B:44:44:21:8A:F4:03:C9:6C:DC:FC:FE:42:28:D3:B8:6F:E2:7E:A2:FB:84:35:EA:AB:95:07:44:2F:3F:3E:B6:95:CF:BC:E8:23:77:A7:35:60:A0:11:82:87:87:71:B2:D8:62:3C:B0:CC:14:43:9E:7D:0C:AB:0C:23:2C:10:B4:8A:23:BD:23:2B:10:88:B1:7F:92:5C:D3:61:08:21:1A:16:1C:5D:F4:11:F8:BF:2A:89:EF" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 16:47:27", "not_valid_before": "2021-11-22 16:47:27" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:87 Monday 22 November 2021 16:47:42 +0000 (0:00:00.033) 0:00:26.406 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:96 Monday 22 November 2021 16:47:43 +0000 (0:00:00.033) 0:00:26.440 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:105 Monday 22 November 2021 16:47:43 +0000 (0:00:00.019) 0:00:26.459 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:112 Monday 22 November 2021 16:47:43 +0000 (0:00:00.032) 0:00:26.492 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:125 Monday 22 November 2021 16:47:43 +0000 (0:00:00.032) 0:00:26.524 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 Monday 22 November 2021 16:47:43 +0000 (0:00:00.030) 0:00:26.555 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.043774", "end": "2021-11-22 11:47:42.978712", "rc": 0, "start": "2021-11-22 11:47:42.934938" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 Monday 22 November 2021 16:47:43 +0000 (0:00:00.354) 0:00:26.909 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=32 changed=10 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:47:43 +0000 (0:00:00.038) 0:00:26.948 ******* =============================================================================== linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 4.96s /tmp/tmpcx8fxgbp/tasks/main.yml:17 -------------------------------------------- Install the package, force upgrade -------------------------------------- 4.60s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 ------------- Ensure python3 is installed --------------------------------------------- 4.39s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 -------------- Install certreader ------------------------------------------------------ 3.18s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 ------------- linux-system-roles.certificate : Ensure provider packages are installed --- 2.14s /tmp/tmpcx8fxgbp/tasks/main.yml:34 -------------------------------------------- set up internal repositories -------------------------------------------- 1.37s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 0.98s /tmp/tmpcx8fxgbp/tests/tests_basic_self_signed.yml:2 -------------------------- linux-system-roles.certificate : Ensure provider service is running ----- 0.81s /tmp/tmpcx8fxgbp/tasks/main.yml:100 ------------------------------------------- linux-system-roles.certificate : Ensure certificate requests ------------ 0.74s /tmp/tmpcx8fxgbp/tasks/main.yml:112 ------------------------------------------- Parse certificate ------------------------------------------------------- 0.70s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 ------------- Gathering Facts --------------------------------------------------------- 0.67s /tmp/tmpcx8fxgbp/tests/tests_basic_self_signed.yml:13 ------------------------- linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.47s /tmp/tmpcx8fxgbp/tasks/main.yml:45 -------------------------------------------- Retrieve certificate file stats ----------------------------------------- 0.44s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 ------------- Retrieve auto-renew flag ------------------------------------------------ 0.35s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 ------------ linux-system-roles.certificate : Ensure post-scripts hooks directory exists --- 0.33s /tmp/tmpcx8fxgbp/tasks/main.yml:71 -------------------------------------------- Retrieve key file stats ------------------------------------------------- 0.31s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 ------------- Verify certificate auto-renew flag -------------------------------------- 0.04s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 ------------ Verify certificate permissions ------------------------------------------ 0.04s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 ------------- Verify certificate file owner and group --------------------------------- 0.03s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 ------------- Verify key file owner and group ----------------------------------------- 0.03s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 ------------- + cd /tmp/tmpcx8fxgbp/tests; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpcx8fxgbp/tests/tests_default.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 16:47:58 +0000 (0:00:00.010) 0:00:00.010 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 16:47:58 +0000 (0:00:00.017) 0:00:00.028 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 16:47:58 +0000 (0:00:00.025) 0:00:00.054 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:48:00 +0000 (0:00:01.326) 0:00:01.380 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.33s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.03s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_default.yml **************************************************** 1 plays in /tmp/tmpcx8fxgbp/tests/tests_default.yml PLAY [Ensure that the role runs with default parameters] *********************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_default.yml:3 Monday 22 November 2021 16:48:00 +0000 (0:00:00.012) 0:00:01.393 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpcx8fxgbp/tasks/main.yml:2 Monday 22 November 2021 16:48:01 +0000 (0:00:00.930) 0:00:02.324 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpcx8fxgbp/vars/RedHat_7.yml" ], "changed": false } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:17 Monday 22 November 2021 16:48:01 +0000 (0:00:00.026) 0:00:02.350 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 8.1 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:34 Monday 22 November 2021 16:48:05 +0000 (0:00:04.759) 0:00:07.109 ******* TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:45 Monday 22 November 2021 16:48:06 +0000 (0:00:00.031) 0:00:07.140 ******* TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:71 Monday 22 November 2021 16:48:06 +0000 (0:00:00.030) 0:00:07.171 ******* TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:100 Monday 22 November 2021 16:48:06 +0000 (0:00:00.027) 0:00:07.198 ******* TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpcx8fxgbp/tasks/main.yml:112 Monday 22 November 2021 16:48:06 +0000 (0:00:00.027) 0:00:07.226 ******* META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=5 changed=2 unreachable=0 failed=0 skipped=6 rescued=0 ignored=0 Monday 22 November 2021 16:48:06 +0000 (0:00:00.021) 0:00:07.247 ******* =============================================================================== linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 4.76s /tmp/tmpcx8fxgbp/tasks/main.yml:17 -------------------------------------------- set up internal repositories -------------------------------------------- 1.33s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 0.93s /tmp/tmpcx8fxgbp/tests/tests_default.yml:3 ------------------------------------ linux-system-roles.certificate : Ensure provider packages are installed --- 0.03s /tmp/tmpcx8fxgbp/tasks/main.yml:34 -------------------------------------------- linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.03s /tmp/tmpcx8fxgbp/tasks/main.yml:45 -------------------------------------------- linux-system-roles.certificate : Ensure post-scripts hooks directory exists --- 0.03s /tmp/tmpcx8fxgbp/tasks/main.yml:71 -------------------------------------------- linux-system-roles.certificate : Ensure provider service is running ----- 0.03s /tmp/tmpcx8fxgbp/tasks/main.yml:100 ------------------------------------------- linux-system-roles.certificate : Set version specific variables --------- 0.03s /tmp/tmpcx8fxgbp/tasks/main.yml:2 --------------------------------------------- fail -------------------------------------------------------------------- 0.03s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- linux-system-roles.certificate : Ensure certificate requests ------------ 0.02s /tmp/tmpcx8fxgbp/tasks/main.yml:112 ------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- + cd /tmp/tmpcx8fxgbp/tests; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpcx8fxgbp/tests/tests_dns_ip_email.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 16:48:20 +0000 (0:00:00.012) 0:00:00.012 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 16:48:20 +0000 (0:00:00.018) 0:00:00.031 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 16:48:20 +0000 (0:00:00.023) 0:00:00.055 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:48:22 +0000 (0:00:01.433) 0:00:01.488 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.43s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_dns_ip_email.yml *********************************************** 2 plays in /tmp/tmpcx8fxgbp/tests/tests_dns_ip_email.yml PLAY [Issue certificate with dns, ip and email in SAN] ************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_dns_ip_email.yml:2 Monday 22 November 2021 16:48:22 +0000 (0:00:00.023) 0:00:01.512 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpcx8fxgbp/tasks/main.yml:2 Monday 22 November 2021 16:48:23 +0000 (0:00:01.250) 0:00:02.762 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpcx8fxgbp/vars/RedHat_7.yml" ], "changed": false } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:17 Monday 22 November 2021 16:48:23 +0000 (0:00:00.028) 0:00:02.791 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 12 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:34 Monday 22 November 2021 16:48:28 +0000 (0:00:04.864) 0:00:07.655 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 9.1 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:45 Monday 22 November 2021 16:48:30 +0000 (0:00:02.280) 0:00:09.936 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:71 Monday 22 November 2021 16:48:31 +0000 (0:00:00.508) 0:00:10.444 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:100 Monday 22 November 2021 16:48:31 +0000 (0:00:00.371) 0:00:10.816 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "system.slice syslog.target dbus.service systemd-journald.socket network.target basic.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpcx8fxgbp/tasks/main.yml:112 Monday 22 November 2021 16:48:32 +0000 (0:00:00.889) 0:00:11.705 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'common_name': 'My Certificate with SAN', 'dns': ['sub1.example.com', 'www.example.com', 'sub2.example.com', 'sub3.example.com'], 'ip': ['192.0.2.12', '198.51.100.65', '2001:db8::2:1'], 'email': ['sysadmin@example.com', 'support@example.com'], 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "common_name": "My Certificate with SAN", "dns": [ "sub1.example.com", "www.example.com", "sub2.example.com", "sub3.example.com" ], "email": [ "sysadmin@example.com", "support@example.com" ], "ip": [ "192.0.2.12", "198.51.100.65", "2001:db8::2:1" ], "name": "mycert" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_dns_ip_email.yml:24 Monday 22 November 2021 16:48:33 +0000 (0:00:00.889) 0:00:12.594 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_dns_ip_email.yml:54 Monday 22 November 2021 16:48:34 +0000 (0:00:00.823) 0:00:13.418 ******* included: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'My Certificate with SAN'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'sub1.example.com'}, {'name': 'DNS', 'value': 'www.example.com'}, {'name': 'DNS', 'value': 'sub2.example.com'}, {'name': 'DNS', 'value': 'sub3.example.com'}, {'name': 'email', 'value': 'sysadmin@example.com'}, {'name': 'email', 'value': 'support@example.com'}, {'name': 'IP Address', 'value': '192.0.2.12'}, {'name': 'IP Address', 'value': '198.51.100.65'}, {'name': 'IP Address', 'value': '2001:db8::2:1'}]}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 16:48:34 +0000 (0:00:00.031) 0:00:13.450 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 16:48:34 +0000 (0:00:00.014) 0:00:13.465 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 49 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 16:48:38 +0000 (0:00:04.468) 0:00:17.933 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 16:48:43 +0000 (0:00:04.734) 0:00:22.667 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 16:48:46 +0000 (0:00:03.168) 0:00:25.836 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599711.7090578, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "0c2388cf643d1ac63b51e7d90adad15cde443cd5", "ctime": 1637599711.7060578, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986546, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637599711.7060578, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1501, "uid": 0, "version": "742786584", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 16:48:46 +0000 (0:00:00.442) 0:00:26.278 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 16:48:46 +0000 (0:00:00.023) 0:00:26.302 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 16:48:46 +0000 (0:00:00.038) 0:00:26.341 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 Monday 22 November 2021 16:48:47 +0000 (0:00:00.034) 0:00:26.375 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599711.6660576, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "6efeb24909a9a57df57a2977d1083354a0154028", "ctime": 1637599711.7060578, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986545, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637599711.7060578, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1700, "uid": 0, "version": "1475298387", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 16:48:47 +0000 (0:00:00.326) 0:00:26.702 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 16:48:47 +0000 (0:00:00.022) 0:00:26.725 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 Monday 22 November 2021 16:48:47 +0000 (0:00:00.038) 0:00:26.764 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.274391", "end": "2021-11-22 11:48:46.744093", "rc": 0, "start": "2021-11-22 11:48:46.469702" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "My Certificate with SAN" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "sub1.example.com" }, { "name": "DNS", "value": "www.example.com" }, { "name": "DNS", "value": "sub2.example.com" }, { "name": "DNS", "value": "sub3.example.com" }, { "name": "email", "value": "sysadmin@example.com" }, { "name": "email", "value": "support@example.com" }, { "name": "IP Address", "value": "192.0.2.12" }, { "name": "IP Address", "value": "198.51.100.65" }, { "name": "IP Address", "value": "2001:db8::2:1" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "53:32:86:F2:2C:90:97:24:6F:94:28:A4:2C:01:A7:DE:97:B2:08:1E", "critical": false }, "authorityKeyIdentifier": { "value": "6A:36:2D:69:12:71:3F:58:74:D6:60:A6:24:62:2B:CB:FF:22:53:49", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "05:CF:9C:5B:5E:0C:6F:37:D2:97:1B:FD:F8:A5:26:E3:07:B8:93:44:08:32:70:39:C5:7B:B4:4F:68:F3:42:6C:C1:54:48:6E:21:4D:3B:A4:18:D7:75:56:FD:8F:EE:3B:64:88:28:3D:12:D9:10:08:51:65:D3:FD:63:32:0A:FC:1F:8A:0B:D5:4C:0D:84:0A:04:5B:EE:26:2D:0F:CE:51:69:03:72:99:C9:00:07:67:9A:49:DB:A0:C1:EB:B5:66:2E:F3:FB:E4:28:D9:42:3E:69:14:4E:87:49:DA:5B:EB:9B:FA:E1:79:5A:2E:BC:6C:16:D6:B0:1A:1F:F9:E7:97:BF:9F:6F:91:B2:FF:D9:84:A6:B0:DC:CB:C2:15:3C:94:BC:A8:A0:30:B1:E5:5B:3E:42:A3:12:6E:8A:D6:A3:53:91:0A:F3:ED:9D:DD:24:59:3F:B2:DD:8E:9E:D4:94:E6:42:E8:2A:8F:7B:13:39:13:7E:43:D5:EA:8B:91:F3:63:73:3D:80:36:4D:55:6E:6B:C1:69:49:B8:3A:18:BA:9E:99:27:4D:86:62:9E:37:34:1E:D0:BC:0E:4E:34:E9:0A:F5:F9:17:E3:4E:9F:34:1E:C9:F8:F0:11:0D:D3:13:79:20:43:8E:C4:B6:0A:D2:DA:8F:46:85:7C:11:61:F1:0C" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 16:48:31", "not_valid_before": "2021-11-22 16:48:31" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:83 Monday 22 November 2021 16:48:48 +0000 (0:00:00.716) 0:00:27.480 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "6A:36:2D:69:12:71:3F:58:74:D6:60:A6:24:62:2B:CB:FF:22:53:49" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "sub1.example.com" }, { "name": "DNS", "value": "www.example.com" }, { "name": "DNS", "value": "sub2.example.com" }, { "name": "DNS", "value": "sub3.example.com" }, { "name": "email", "value": "sysadmin@example.com" }, { "name": "email", "value": "support@example.com" }, { "name": "IP Address", "value": "192.0.2.12" }, { "name": "IP Address", "value": "198.51.100.65" }, { "name": "IP Address", "value": "2001:db8::2:1" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "53:32:86:F2:2C:90:97:24:6F:94:28:A4:2C:01:A7:DE:97:B2:08:1E" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "05:CF:9C:5B:5E:0C:6F:37:D2:97:1B:FD:F8:A5:26:E3:07:B8:93:44:08:32:70:39:C5:7B:B4:4F:68:F3:42:6C:C1:54:48:6E:21:4D:3B:A4:18:D7:75:56:FD:8F:EE:3B:64:88:28:3D:12:D9:10:08:51:65:D3:FD:63:32:0A:FC:1F:8A:0B:D5:4C:0D:84:0A:04:5B:EE:26:2D:0F:CE:51:69:03:72:99:C9:00:07:67:9A:49:DB:A0:C1:EB:B5:66:2E:F3:FB:E4:28:D9:42:3E:69:14:4E:87:49:DA:5B:EB:9B:FA:E1:79:5A:2E:BC:6C:16:D6:B0:1A:1F:F9:E7:97:BF:9F:6F:91:B2:FF:D9:84:A6:B0:DC:CB:C2:15:3C:94:BC:A8:A0:30:B1:E5:5B:3E:42:A3:12:6E:8A:D6:A3:53:91:0A:F3:ED:9D:DD:24:59:3F:B2:DD:8E:9E:D4:94:E6:42:E8:2A:8F:7B:13:39:13:7E:43:D5:EA:8B:91:F3:63:73:3D:80:36:4D:55:6E:6B:C1:69:49:B8:3A:18:BA:9E:99:27:4D:86:62:9E:37:34:1E:D0:BC:0E:4E:34:E9:0A:F5:F9:17:E3:4E:9F:34:1E:C9:F8:F0:11:0D:D3:13:79:20:43:8E:C4:B6:0A:D2:DA:8F:46:85:7C:11:61:F1:0C" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "My Certificate with SAN" } ], "validity": { "not_valid_after": "2022-11-22 16:48:31", "not_valid_before": "2021-11-22 16:48:31" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:87 Monday 22 November 2021 16:48:48 +0000 (0:00:00.034) 0:00:27.515 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:96 Monday 22 November 2021 16:48:48 +0000 (0:00:00.035) 0:00:27.551 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:105 Monday 22 November 2021 16:48:48 +0000 (0:00:00.022) 0:00:27.573 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:112 Monday 22 November 2021 16:48:48 +0000 (0:00:00.033) 0:00:27.606 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:125 Monday 22 November 2021 16:48:48 +0000 (0:00:00.035) 0:00:27.642 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 Monday 22 November 2021 16:48:48 +0000 (0:00:00.036) 0:00:27.678 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.041692", "end": "2021-11-22 11:48:47.311893", "rc": 0, "start": "2021-11-22 11:48:47.270201" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 Monday 22 November 2021 16:48:48 +0000 (0:00:00.374) 0:00:28.053 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=32 changed=10 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:48:48 +0000 (0:00:00.049) 0:00:28.102 ******* =============================================================================== linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 4.86s /tmp/tmpcx8fxgbp/tasks/main.yml:17 -------------------------------------------- Install the package, force upgrade -------------------------------------- 4.73s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 ------------- Ensure python3 is installed --------------------------------------------- 4.47s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 -------------- Install certreader ------------------------------------------------------ 3.17s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 ------------- linux-system-roles.certificate : Ensure provider packages are installed --- 2.28s /tmp/tmpcx8fxgbp/tasks/main.yml:34 -------------------------------------------- set up internal repositories -------------------------------------------- 1.43s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 1.25s /tmp/tmpcx8fxgbp/tests/tests_dns_ip_email.yml:2 ------------------------------- linux-system-roles.certificate : Ensure certificate requests ------------ 0.89s /tmp/tmpcx8fxgbp/tasks/main.yml:112 ------------------------------------------- linux-system-roles.certificate : Ensure provider service is running ----- 0.89s /tmp/tmpcx8fxgbp/tasks/main.yml:100 ------------------------------------------- Gathering Facts --------------------------------------------------------- 0.82s /tmp/tmpcx8fxgbp/tests/tests_dns_ip_email.yml:24 ------------------------------ Parse certificate ------------------------------------------------------- 0.72s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 ------------- linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.51s /tmp/tmpcx8fxgbp/tasks/main.yml:45 -------------------------------------------- Retrieve certificate file stats ----------------------------------------- 0.44s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 ------------- Retrieve auto-renew flag ------------------------------------------------ 0.37s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 ------------ linux-system-roles.certificate : Ensure post-scripts hooks directory exists --- 0.37s /tmp/tmpcx8fxgbp/tasks/main.yml:71 -------------------------------------------- Retrieve key file stats ------------------------------------------------- 0.33s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 ------------- Verify certificate auto-renew flag -------------------------------------- 0.05s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 ------------ Verify key file owner and group ----------------------------------------- 0.04s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 ------------- Verify certificate file owner and group --------------------------------- 0.04s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 ------------- Verify certificate Extended Key Usage ----------------------------------- 0.04s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:125 ------------ + cd /tmp/tmpcx8fxgbp/tests; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpcx8fxgbp/tests/tests_fs_attrs.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 16:49:03 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 16:49:03 +0000 (0:00:00.016) 0:00:00.028 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 16:49:03 +0000 (0:00:00.022) 0:00:00.050 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:49:05 +0000 (0:00:01.402) 0:00:01.453 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.40s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_fs_attrs.yml *************************************************** 3 plays in /tmp/tmpcx8fxgbp/tests/tests_fs_attrs.yml PLAY [Ensure UID and GID exists] *********************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_fs_attrs.yml:2 Monday 22 November 2021 16:49:05 +0000 (0:00:00.014) 0:00:01.467 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Ensure user exists] ****************************************************** task path: /tmp/tmpcx8fxgbp/tests/tests_fs_attrs.yml:5 Monday 22 November 2021 16:49:07 +0000 (0:00:01.997) 0:00:03.465 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "comment": "", "create_home": true, "group": 1040, "home": "/home/user1", "name": "user1", "shell": "/bin/bash", "state": "present", "system": false, "uid": 1040 } TASK [Ensure group "somegroup" exists] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tests_fs_attrs.yml:9 Monday 22 November 2021 16:49:07 +0000 (0:00:00.567) 0:00:04.032 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "gid": 1041, "name": "somegroup", "state": "present", "system": false } META: ran handlers META: ran handlers PLAY [Issue certificate setting user/group] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_fs_attrs.yml:13 Monday 22 November 2021 16:49:08 +0000 (0:00:00.469) 0:00:04.501 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpcx8fxgbp/tasks/main.yml:2 Monday 22 November 2021 16:49:08 +0000 (0:00:00.692) 0:00:05.194 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpcx8fxgbp/vars/RedHat_7.yml" ], "changed": false } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:17 Monday 22 November 2021 16:49:08 +0000 (0:00:00.027) 0:00:05.221 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 8.2 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:34 Monday 22 November 2021 16:49:13 +0000 (0:00:04.889) 0:00:10.111 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 13 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:45 Monday 22 November 2021 16:49:15 +0000 (0:00:02.168) 0:00:12.280 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:71 Monday 22 November 2021 16:49:16 +0000 (0:00:00.524) 0:00:12.805 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:100 Monday 22 November 2021 16:49:16 +0000 (0:00:00.357) 0:00:13.162 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "syslog.target basic.target system.slice dbus.service network.target systemd-journald.socket", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpcx8fxgbp/tasks/main.yml:112 Monday 22 November 2021 16:49:17 +0000 (0:00:00.883) 0:00:14.045 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'owner': 'ftp', 'group': 'ftp', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "group": "ftp", "name": "mycert", "owner": "ftp" } } MSG: Certificate requested (new). File attributes updated. changed: [/cache/rhel-7.qcow2] => (item={'name': 'certid', 'dns': 'www.example.com', 'owner': 1040, 'group': 1041, 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "group": 1041, "name": "certid", "owner": 1040 } } MSG: Certificate requested (new). File attributes updated. META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_fs_attrs.yml:31 Monday 22 November 2021 16:49:18 +0000 (0:00:01.344) 0:00:15.390 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_fs_attrs.yml:60 Monday 22 November 2021 16:49:19 +0000 (0:00:00.730) 0:00:16.120 ******* included: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'owner': 'ftp', 'group': 'ftp', 'mode': '0640'}) included: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/certid.crt', 'key_path': '/etc/pki/tls/private/certid.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'owner': 1040, 'group': 1041, 'mode': '0640'}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 16:49:19 +0000 (0:00:00.041) 0:00:16.162 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 16:49:19 +0000 (0:00:00.015) 0:00:16.178 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 59 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 16:49:24 +0000 (0:00:04.440) 0:00:20.619 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 16:49:28 +0000 (0:00:04.697) 0:00:25.316 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 16:49:32 +0000 (0:00:03.283) 0:00:28.600 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599758.043208, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "056c6f020e044f77123269a62757287e29ba686a", "ctime": 1637599758.104208, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 12583831, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1637599758.041208, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "ftp", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1310, "uid": 14, "version": "18446744073418138556", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 16:49:32 +0000 (0:00:00.467) 0:00:29.067 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 16:49:32 +0000 (0:00:00.022) 0:00:29.090 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 16:49:32 +0000 (0:00:00.035) 0:00:29.125 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 Monday 22 November 2021 16:49:32 +0000 (0:00:00.091) 0:00:29.217 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599758.000208, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "d956fa858cc14b7c06380f80f84225eae55f348e", "ctime": 1637599758.105208, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 12583830, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1637599758.041208, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "ftp", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1704, "uid": 14, "version": "18446744072061148479", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 16:49:33 +0000 (0:00:00.339) 0:00:29.557 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 16:49:33 +0000 (0:00:00.021) 0:00:29.579 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 Monday 22 November 2021 16:49:33 +0000 (0:00:00.036) 0:00:29.615 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.278659", "end": "2021-11-22 11:49:33.637526", "rc": 0, "start": "2021-11-22 11:49:33.358867" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "83:94:B7:53:A9:A6:89:BE:3B:0B:B3:11:AF:DF:51:75:61:42:67:13", "critical": false }, "authorityKeyIdentifier": { "value": "CD:23:4A:08:36:4C:31:2C:43:2D:72:15:29:91:67:CB:2F:2C:00:8A", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "5F:FC:B6:36:AB:C3:87:91:39:51:CD:BA:75:70:0C:2F:94:23:23:9A:75:A2:ED:A4:47:09:71:B9:5A:8F:03:7B:F5:EC:42:88:8B:35:26:06:16:E6:02:33:CE:37:FE:66:9F:D6:E1:31:EA:15:CD:FF:79:70:BB:2D:A4:85:12:6B:0F:41:A6:27:D7:C2:DA:24:D4:21:AE:95:8C:01:A7:31:9B:EC:43:D5:3F:01:49:87:12:44:28:F7:46:6E:F3:1A:A9:54:A8:C7:F9:87:F3:5A:04:31:49:A2:3D:74:65:53:17:67:81:C4:AA:D8:60:A1:E9:A1:90:F2:59:3A:04:1A:FE:83:2F:7B:D0:7C:E5:81:CA:99:6D:78:A3:44:6D:60:59:7C:41:77:06:8B:E3:52:FE:0C:40:03:90:A3:E7:2B:87:96:C5:35:63:9B:72:53:90:93:EC:58:38:FB:B6:00:26:B3:1B:A3:A6:70:20:FF:45:4E:C7:61:67:9E:1D:89:CE:98:B1:DF:7E:83:A6:54:09:E5:39:14:CD:B7:C7:19:39:2C:29:C0:D8:0C:6F:9E:F6:10:00:40:9E:7B:44:93:F7:CD:FA:D3:18:4C:AA:B9:D1:33:E1:EA:A7:33:15:EE:1D:10:0A:44:A0:19:26:90:2F:FD:4A:F5:6B:0F:C7:41" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 16:49:17", "not_valid_before": "2021-11-22 16:49:18" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:83 Monday 22 November 2021 16:49:33 +0000 (0:00:00.727) 0:00:30.342 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "CD:23:4A:08:36:4C:31:2C:43:2D:72:15:29:91:67:CB:2F:2C:00:8A" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "83:94:B7:53:A9:A6:89:BE:3B:0B:B3:11:AF:DF:51:75:61:42:67:13" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "5F:FC:B6:36:AB:C3:87:91:39:51:CD:BA:75:70:0C:2F:94:23:23:9A:75:A2:ED:A4:47:09:71:B9:5A:8F:03:7B:F5:EC:42:88:8B:35:26:06:16:E6:02:33:CE:37:FE:66:9F:D6:E1:31:EA:15:CD:FF:79:70:BB:2D:A4:85:12:6B:0F:41:A6:27:D7:C2:DA:24:D4:21:AE:95:8C:01:A7:31:9B:EC:43:D5:3F:01:49:87:12:44:28:F7:46:6E:F3:1A:A9:54:A8:C7:F9:87:F3:5A:04:31:49:A2:3D:74:65:53:17:67:81:C4:AA:D8:60:A1:E9:A1:90:F2:59:3A:04:1A:FE:83:2F:7B:D0:7C:E5:81:CA:99:6D:78:A3:44:6D:60:59:7C:41:77:06:8B:E3:52:FE:0C:40:03:90:A3:E7:2B:87:96:C5:35:63:9B:72:53:90:93:EC:58:38:FB:B6:00:26:B3:1B:A3:A6:70:20:FF:45:4E:C7:61:67:9E:1D:89:CE:98:B1:DF:7E:83:A6:54:09:E5:39:14:CD:B7:C7:19:39:2C:29:C0:D8:0C:6F:9E:F6:10:00:40:9E:7B:44:93:F7:CD:FA:D3:18:4C:AA:B9:D1:33:E1:EA:A7:33:15:EE:1D:10:0A:44:A0:19:26:90:2F:FD:4A:F5:6B:0F:C7:41" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 16:49:17", "not_valid_before": "2021-11-22 16:49:18" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:87 Monday 22 November 2021 16:49:33 +0000 (0:00:00.035) 0:00:30.377 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:96 Monday 22 November 2021 16:49:33 +0000 (0:00:00.036) 0:00:30.414 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:105 Monday 22 November 2021 16:49:34 +0000 (0:00:00.026) 0:00:30.440 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:112 Monday 22 November 2021 16:49:34 +0000 (0:00:00.041) 0:00:30.481 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:125 Monday 22 November 2021 16:49:34 +0000 (0:00:00.048) 0:00:30.530 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 Monday 22 November 2021 16:49:34 +0000 (0:00:00.036) 0:00:30.566 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.040745", "end": "2021-11-22 11:49:34.223537", "rc": 0, "start": "2021-11-22 11:49:34.182792" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 Monday 22 November 2021 16:49:34 +0000 (0:00:00.367) 0:00:30.933 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 16:49:34 +0000 (0:00:00.035) 0:00:30.968 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 16:49:34 +0000 (0:00:00.016) 0:00:30.985 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "python3-3.6.8-17.el7.x86_64 providing python3 is already installed" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 16:49:35 +0000 (0:00:00.590) 0:00:31.575 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 16:49:36 +0000 (0:00:00.997) 0:00:32.572 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.0) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 16:49:36 +0000 (0:00:00.842) 0:00:33.415 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599758.638208, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "7fdb13c2cf4b83079681a5b5c815474cf62ca53a", "ctime": 1637599758.664208, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 1041, "gr_name": "somegroup", "inode": 12583835, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1637599758.635208, "nlink": 1, "path": "/etc/pki/tls/certs/certid.crt", "pw_name": "user1", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1310, "uid": 1040, "version": "18446744072662315168", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 16:49:37 +0000 (0:00:00.323) 0:00:33.739 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 16:49:37 +0000 (0:00:00.022) 0:00:33.761 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 16:49:37 +0000 (0:00:00.037) 0:00:33.798 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 Monday 22 November 2021 16:49:37 +0000 (0:00:00.038) 0:00:33.836 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599758.5962079, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "8cb62de9e939ed947fa58fe52991a3a628a86f8d", "ctime": 1637599758.664208, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 1041, "gr_name": "somegroup", "inode": 12583834, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1637599758.635208, "nlink": 1, "path": "/etc/pki/tls/private/certid.key", "pw_name": "user1", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1704, "uid": 1040, "version": "1666675773", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 16:49:37 +0000 (0:00:00.329) 0:00:34.166 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 16:49:37 +0000 (0:00:00.021) 0:00:34.187 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 Monday 22 November 2021 16:49:37 +0000 (0:00:00.036) 0:00:34.223 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/certid.crt" ], "delta": "0:00:00.274713", "end": "2021-11-22 11:49:38.122038", "rc": 0, "start": "2021-11-22 11:49:37.847325" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "34:0F:16:8C:D5:EC:33:23:23:4A:64:11:3D:EF:EF:97:AD:FF:71:EC", "critical": false }, "authorityKeyIdentifier": { "value": "CD:23:4A:08:36:4C:31:2C:43:2D:72:15:29:91:67:CB:2F:2C:00:8A", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "08:AF:E5:47:7B:A0:A3:16:F3:EA:0C:3B:65:79:9C:88:9B:76:31:FD:4E:FD:F5:39:BA:BE:D6:0B:80:B3:B1:31:30:5D:FD:F1:0B:62:71:B2:98:60:C5:48:32:5F:E6:4B:73:29:95:1D:07:20:95:E1:CC:93:74:4B:E8:DB:07:37:FA:88:68:26:C7:3F:C6:36:B6:91:85:F0:AE:A4:68:BD:17:2C:D0:16:89:C2:2B:97:AC:16:E8:C7:5B:08:C0:A2:50:04:A1:E8:23:7F:DE:4D:93:48:0A:81:3E:B7:BF:66:72:04:A6:82:5F:3E:40:23:87:8A:15:88:6A:55:2B:7D:71:15:AA:C9:C0:33:79:DF:14:D3:A0:74:4B:C2:F0:9D:E9:1C:0E:77:8C:CD:1E:C2:BC:98:1B:4F:B5:AB:52:3F:43:D4:DB:16:C5:51:29:1A:82:2B:5B:12:B2:D6:E4:E8:87:5C:97:F2:81:BC:48:87:92:29:F5:E7:C3:4D:C0:D5:4E:F5:51:1C:39:94:AC:89:EC:35:76:FA:2E:3F:45:B3:AD:E5:17:8E:2C:7B:0D:53:AA:65:FA:09:D4:E4:E4:AF:A9:37:17:95:82:21:C4:E4:E9:B1:AA:BA:B6:DA:61:EB:BE:C7:CB:17:41:1B:35:7F:36:60:19:7E:DC:C8:87:26" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 16:49:17", "not_valid_before": "2021-11-22 16:49:18" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:83 Monday 22 November 2021 16:49:38 +0000 (0:00:00.601) 0:00:34.825 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "CD:23:4A:08:36:4C:31:2C:43:2D:72:15:29:91:67:CB:2F:2C:00:8A" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "34:0F:16:8C:D5:EC:33:23:23:4A:64:11:3D:EF:EF:97:AD:FF:71:EC" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "08:AF:E5:47:7B:A0:A3:16:F3:EA:0C:3B:65:79:9C:88:9B:76:31:FD:4E:FD:F5:39:BA:BE:D6:0B:80:B3:B1:31:30:5D:FD:F1:0B:62:71:B2:98:60:C5:48:32:5F:E6:4B:73:29:95:1D:07:20:95:E1:CC:93:74:4B:E8:DB:07:37:FA:88:68:26:C7:3F:C6:36:B6:91:85:F0:AE:A4:68:BD:17:2C:D0:16:89:C2:2B:97:AC:16:E8:C7:5B:08:C0:A2:50:04:A1:E8:23:7F:DE:4D:93:48:0A:81:3E:B7:BF:66:72:04:A6:82:5F:3E:40:23:87:8A:15:88:6A:55:2B:7D:71:15:AA:C9:C0:33:79:DF:14:D3:A0:74:4B:C2:F0:9D:E9:1C:0E:77:8C:CD:1E:C2:BC:98:1B:4F:B5:AB:52:3F:43:D4:DB:16:C5:51:29:1A:82:2B:5B:12:B2:D6:E4:E8:87:5C:97:F2:81:BC:48:87:92:29:F5:E7:C3:4D:C0:D5:4E:F5:51:1C:39:94:AC:89:EC:35:76:FA:2E:3F:45:B3:AD:E5:17:8E:2C:7B:0D:53:AA:65:FA:09:D4:E4:E4:AF:A9:37:17:95:82:21:C4:E4:E9:B1:AA:BA:B6:DA:61:EB:BE:C7:CB:17:41:1B:35:7F:36:60:19:7E:DC:C8:87:26" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 16:49:17", "not_valid_before": "2021-11-22 16:49:18" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:87 Monday 22 November 2021 16:49:38 +0000 (0:00:00.036) 0:00:34.861 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:96 Monday 22 November 2021 16:49:38 +0000 (0:00:00.037) 0:00:34.899 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:105 Monday 22 November 2021 16:49:38 +0000 (0:00:00.027) 0:00:34.926 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:112 Monday 22 November 2021 16:49:38 +0000 (0:00:00.039) 0:00:34.966 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:125 Monday 22 November 2021 16:49:38 +0000 (0:00:00.035) 0:00:35.002 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 Monday 22 November 2021 16:49:38 +0000 (0:00:00.035) 0:00:35.038 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/certid.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.039995", "end": "2021-11-22 11:49:38.694622", "rc": 0, "start": "2021-11-22 11:49:38.654627" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 Monday 22 November 2021 16:49:38 +0000 (0:00:00.359) 0:00:35.397 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=56 changed=12 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:49:39 +0000 (0:00:00.041) 0:00:35.439 ******* =============================================================================== linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 4.89s /tmp/tmpcx8fxgbp/tasks/main.yml:17 -------------------------------------------- Install the package, force upgrade -------------------------------------- 4.70s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 ------------- Ensure python3 is installed --------------------------------------------- 4.44s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 -------------- Install certreader ------------------------------------------------------ 3.28s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 ------------- linux-system-roles.certificate : Ensure provider packages are installed --- 2.17s /tmp/tmpcx8fxgbp/tasks/main.yml:34 -------------------------------------------- Gathering Facts --------------------------------------------------------- 2.00s /tmp/tmpcx8fxgbp/tests/tests_fs_attrs.yml:2 ----------------------------------- set up internal repositories -------------------------------------------- 1.40s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ linux-system-roles.certificate : Ensure certificate requests ------------ 1.34s /tmp/tmpcx8fxgbp/tasks/main.yml:112 ------------------------------------------- Install the package, force upgrade -------------------------------------- 1.00s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 ------------- linux-system-roles.certificate : Ensure provider service is running ----- 0.88s /tmp/tmpcx8fxgbp/tasks/main.yml:100 ------------------------------------------- Install certreader ------------------------------------------------------ 0.84s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 ------------- Gathering Facts --------------------------------------------------------- 0.73s /tmp/tmpcx8fxgbp/tests/tests_fs_attrs.yml:31 ---------------------------------- Parse certificate ------------------------------------------------------- 0.73s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 ------------- Gathering Facts --------------------------------------------------------- 0.69s /tmp/tmpcx8fxgbp/tests/tests_fs_attrs.yml:13 ---------------------------------- Parse certificate ------------------------------------------------------- 0.60s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 ------------- Ensure python3 is installed --------------------------------------------- 0.59s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 -------------- Ensure user exists ------------------------------------------------------ 0.57s /tmp/tmpcx8fxgbp/tests/tests_fs_attrs.yml:5 ----------------------------------- linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.52s /tmp/tmpcx8fxgbp/tasks/main.yml:45 -------------------------------------------- Ensure group "somegroup" exists ----------------------------------------- 0.47s /tmp/tmpcx8fxgbp/tests/tests_fs_attrs.yml:9 ----------------------------------- Retrieve certificate file stats ----------------------------------------- 0.47s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 ------------- + cd /tmp/tmpcx8fxgbp/tests; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpcx8fxgbp/tests/tests_include_vars_from_parent.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 16:49:53 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 16:49:53 +0000 (0:00:00.017) 0:00:00.029 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 16:49:53 +0000 (0:00:00.023) 0:00:00.053 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:49:54 +0000 (0:00:01.377) 0:00:01.431 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.38s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_include_vars_from_parent.yml *********************************** 1 plays in /tmp/tmpcx8fxgbp/tests/tests_include_vars_from_parent.yml PLAY [all] ********************************************************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_include_vars_from_parent.yml:1 Monday 22 November 2021 16:49:54 +0000 (0:00:00.008) 0:00:01.439 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [create var file in caller that can override the one in called role] ****** task path: /tmp/tmpcx8fxgbp/tests/tests_include_vars_from_parent.yml:3 Monday 22 November 2021 16:49:55 +0000 (0:00:01.011) 0:00:02.451 ******* changed: [/cache/rhel-7.qcow2 -> localhost] => (item=RedHat-7.9) => { "ansible_loop_var": "item", "changed": true, "checksum": "870b2314d3f4184a363b31373f07abb444f26444", "dest": "/tmp/tmpcx8fxgbp/tests/roles/caller/vars/RedHat-7.9.yml", "gid": 0, "group": "root", "item": "RedHat-7.9", "md5sum": "5a57da448a1d752b982858b38aab344d", "mode": "0600", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1637599795.7172189-20562-103902645718432/source", "state": "file", "uid": 0 } changed: [/cache/rhel-7.qcow2 -> localhost] => (item=RedHat-7) => { "ansible_loop_var": "item", "changed": true, "checksum": "870b2314d3f4184a363b31373f07abb444f26444", "dest": "/tmp/tmpcx8fxgbp/tests/roles/caller/vars/RedHat-7.yml", "gid": 0, "group": "root", "item": "RedHat-7", "md5sum": "5a57da448a1d752b982858b38aab344d", "mode": "0600", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1637599796.3078752-20562-249814917658291/source", "state": "file", "uid": 0 } changed: [/cache/rhel-7.qcow2 -> localhost] => (item=RedHat_7.9) => { "ansible_loop_var": "item", "changed": true, "checksum": "870b2314d3f4184a363b31373f07abb444f26444", "dest": "/tmp/tmpcx8fxgbp/tests/roles/caller/vars/RedHat_7.9.yml", "gid": 0, "group": "root", "item": "RedHat_7.9", "md5sum": "5a57da448a1d752b982858b38aab344d", "mode": "0600", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1637599796.6669302-20562-45130555920923/source", "state": "file", "uid": 0 } changed: [/cache/rhel-7.qcow2 -> localhost] => (item=RedHat_7) => { "ansible_loop_var": "item", "changed": true, "checksum": "870b2314d3f4184a363b31373f07abb444f26444", "dest": "/tmp/tmpcx8fxgbp/tests/roles/caller/vars/RedHat_7.yml", "gid": 0, "group": "root", "item": "RedHat_7", "md5sum": "5a57da448a1d752b982858b38aab344d", "mode": "0600", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1637599797.0181541-20562-56545776660266/source", "state": "file", "uid": 0 } changed: [/cache/rhel-7.qcow2 -> localhost] => (item=RedHat) => { "ansible_loop_var": "item", "changed": true, "checksum": "870b2314d3f4184a363b31373f07abb444f26444", "dest": "/tmp/tmpcx8fxgbp/tests/roles/caller/vars/RedHat.yml", "gid": 0, "group": "root", "item": "RedHat", "md5sum": "5a57da448a1d752b982858b38aab344d", "mode": "0600", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1637599797.3767989-20562-4583338605219/source", "state": "file", "uid": 0 } TASK [include_role : {{ roletoinclude }}] ************************************** task path: /tmp/tmpcx8fxgbp/tests/roles/caller/tasks/main.yml:4 Monday 22 November 2021 16:49:57 +0000 (0:00:02.041) 0:00:04.492 ******* TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpcx8fxgbp/tasks/main.yml:2 Monday 22 November 2021 16:49:57 +0000 (0:00:00.029) 0:00:04.522 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpcx8fxgbp/vars/RedHat_7.yml" ], "changed": false } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:17 Monday 22 November 2021 16:49:57 +0000 (0:00:00.024) 0:00:04.547 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 10 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:34 Monday 22 November 2021 16:50:02 +0000 (0:00:04.856) 0:00:09.403 ******* TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:45 Monday 22 November 2021 16:50:02 +0000 (0:00:00.020) 0:00:09.424 ******* TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:71 Monday 22 November 2021 16:50:02 +0000 (0:00:00.015) 0:00:09.439 ******* TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:100 Monday 22 November 2021 16:50:02 +0000 (0:00:00.019) 0:00:09.459 ******* TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpcx8fxgbp/tasks/main.yml:112 Monday 22 November 2021 16:50:02 +0000 (0:00:00.016) 0:00:09.476 ******* META: role_complete for /cache/rhel-7.qcow2 TASK [caller : assert] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/roles/caller/tasks/main.yml:7 Monday 22 November 2021 16:50:02 +0000 (0:00:00.019) 0:00:09.496 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=7 changed=3 unreachable=0 failed=0 skipped=6 rescued=0 ignored=0 Monday 22 November 2021 16:50:02 +0000 (0:00:00.029) 0:00:09.525 ******* =============================================================================== linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 4.86s /tmp/tmpcx8fxgbp/tasks/main.yml:17 -------------------------------------------- create var file in caller that can override the one in called role ------ 2.04s /tmp/tmpcx8fxgbp/tests/tests_include_vars_from_parent.yml:3 ------------------- set up internal repositories -------------------------------------------- 1.38s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 1.01s /tmp/tmpcx8fxgbp/tests/tests_include_vars_from_parent.yml:1 ------------------- caller : assert --------------------------------------------------------- 0.03s /tmp/tmpcx8fxgbp/tests/roles/caller/tasks/main.yml:7 -------------------------- include_role : {{ roletoinclude }} -------------------------------------- 0.03s /tmp/tmpcx8fxgbp/tests/roles/caller/tasks/main.yml:4 -------------------------- linux-system-roles.certificate : Set version specific variables --------- 0.02s /tmp/tmpcx8fxgbp/tasks/main.yml:2 --------------------------------------------- fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- linux-system-roles.certificate : Ensure provider packages are installed --- 0.02s /tmp/tmpcx8fxgbp/tasks/main.yml:34 -------------------------------------------- linux-system-roles.certificate : Ensure post-scripts hooks directory exists --- 0.02s /tmp/tmpcx8fxgbp/tasks/main.yml:71 -------------------------------------------- linux-system-roles.certificate : Ensure certificate requests ------------ 0.02s /tmp/tmpcx8fxgbp/tasks/main.yml:112 ------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- linux-system-roles.certificate : Ensure provider service is running ----- 0.02s /tmp/tmpcx8fxgbp/tasks/main.yml:100 ------------------------------------------- linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.02s /tmp/tmpcx8fxgbp/tasks/main.yml:45 -------------------------------------------- + cd /tmp/tmpcx8fxgbp/tests; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpcx8fxgbp/tests/tests_key_size.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 16:50:17 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 16:50:17 +0000 (0:00:00.019) 0:00:00.030 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 16:50:17 +0000 (0:00:00.024) 0:00:00.055 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:50:18 +0000 (0:00:01.362) 0:00:01.417 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.36s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_key_size.yml *************************************************** 2 plays in /tmp/tmpcx8fxgbp/tests/tests_key_size.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_key_size.yml:2 Monday 22 November 2021 16:50:18 +0000 (0:00:00.013) 0:00:01.431 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpcx8fxgbp/tasks/main.yml:2 Monday 22 November 2021 16:50:19 +0000 (0:00:00.952) 0:00:02.384 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpcx8fxgbp/vars/RedHat_7.yml" ], "changed": false } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:17 Monday 22 November 2021 16:50:19 +0000 (0:00:00.027) 0:00:02.411 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 16 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:34 Monday 22 November 2021 16:50:24 +0000 (0:00:04.669) 0:00:07.080 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 9.8 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:45 Monday 22 November 2021 16:50:26 +0000 (0:00:02.145) 0:00:09.225 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:71 Monday 22 November 2021 16:50:26 +0000 (0:00:00.494) 0:00:09.720 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:100 Monday 22 November 2021 16:50:27 +0000 (0:00:00.339) 0:00:10.060 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "network.target basic.target system.slice dbus.service systemd-journald.socket syslog.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpcx8fxgbp/tasks/main.yml:112 Monday 22 November 2021 16:50:27 +0000 (0:00:00.823) 0:00:10.883 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'ca': 'self-sign', 'key_size': 4096}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "key_size": 4096, "name": "mycert" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_key_size.yml:14 Monday 22 November 2021 16:50:29 +0000 (0:00:01.359) 0:00:12.243 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_key_size.yml:29 Monday 22 November 2021 16:50:30 +0000 (0:00:00.700) 0:00:12.943 ******* included: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'key_size': 4096}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 16:50:30 +0000 (0:00:00.033) 0:00:12.976 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 16:50:30 +0000 (0:00:00.017) 0:00:12.994 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 65 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 16:50:34 +0000 (0:00:04.369) 0:00:17.363 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 16:50:38 +0000 (0:00:04.553) 0:00:21.916 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 16:50:42 +0000 (0:00:03.157) 0:00:25.074 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599828.2147293, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "9e86956739645f0a31cdb81cbcbbeec49295d2d3", "ctime": 1637599828.2117293, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986548, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637599828.2117293, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1659, "uid": 0, "version": "1381164224", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 16:50:42 +0000 (0:00:00.435) 0:00:25.509 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 16:50:42 +0000 (0:00:00.020) 0:00:25.530 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 16:50:42 +0000 (0:00:00.035) 0:00:25.565 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 Monday 22 November 2021 16:50:42 +0000 (0:00:00.033) 0:00:25.598 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599828.1597295, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "3f884e80e926404b8ebe18fee0dad083e1facff7", "ctime": 1637599828.2117293, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986547, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637599828.2117293, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 3268, "uid": 0, "version": "248257673", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 16:50:42 +0000 (0:00:00.308) 0:00:25.907 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 16:50:42 +0000 (0:00:00.020) 0:00:25.927 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 Monday 22 November 2021 16:50:43 +0000 (0:00:00.034) 0:00:25.961 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.260256", "end": "2021-11-22 11:50:42.733935", "rc": 0, "start": "2021-11-22 11:50:42.473679" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "1F:17:AF:DD:1A:C6:E5:B1:84:11:80:12:F0:F5:6F:D5:B9:3F:0D:DD", "critical": false }, "authorityKeyIdentifier": { "value": "4F:56:1C:3D:AC:52:0A:75:7A:4B:AC:AB:02:25:7F:49:1F:7E:97:60", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "99:9E:F4:7F:8E:88:2B:81:C8:D5:96:69:32:CC:B4:F8:48:C7:85:55:83:94:88:EA:DF:1E:B7:76:56:C0:AE:80:43:AB:E4:9C:0E:10:F7:2A:46:3A:EE:29:15:51:6D:0E:A5:D8:2C:9B:A7:47:19:8D:67:D8:13:94:ED:01:CC:11:00:1B:9E:59:ED:8C:50:81:3A:41:6A:FC:52:CA:3F:2A:99:57:49:FD:40:05:F3:77:92:6D:60:7D:2D:35:48:02:92:FE:72:24:EB:16:E6:19:FA:5C:5D:8C:48:76:33:21:EE:DE:3E:21:5A:FF:FB:50:65:D8:BB:43:D9:F4:3B:3D:87:08:AD:4E:AF:66:A0:EA:60:28:50:3F:6E:28:4A:AD:5C:A6:F9:0F:17:6C:39:9C:C2:0A:11:86:D6:01:75:1C:41:7E:D6:A0:55:23:3F:67:71:B6:0C:F6:0C:80:FF:BB:83:0B:32:50:44:35:FC:4A:40:F5:A2:4E:93:A1:8C:28:3D:B2:F6:38:8F:BD:12:1B:DB:8C:BB:4E:00:57:C0:79:97:EA:5D:29:D9:72:3C:D4:56:E4:82:60:08:06:15:20:41:36:EC:6D:94:89:5A:9C:3E:4F:E5:61:73:F4:9A:8C:DF:9C:E5:BA:45:96:FE:02:03:95:2F:99:F0:CA:C6:74" }, "key_size": 4096, "validity": { "not_valid_after": "2022-11-22 16:50:27", "not_valid_before": "2021-11-22 16:50:28" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:83 Monday 22 November 2021 16:50:43 +0000 (0:00:00.682) 0:00:26.643 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "4F:56:1C:3D:AC:52:0A:75:7A:4B:AC:AB:02:25:7F:49:1F:7E:97:60" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "1F:17:AF:DD:1A:C6:E5:B1:84:11:80:12:F0:F5:6F:D5:B9:3F:0D:DD" } }, "key_size": 4096, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "99:9E:F4:7F:8E:88:2B:81:C8:D5:96:69:32:CC:B4:F8:48:C7:85:55:83:94:88:EA:DF:1E:B7:76:56:C0:AE:80:43:AB:E4:9C:0E:10:F7:2A:46:3A:EE:29:15:51:6D:0E:A5:D8:2C:9B:A7:47:19:8D:67:D8:13:94:ED:01:CC:11:00:1B:9E:59:ED:8C:50:81:3A:41:6A:FC:52:CA:3F:2A:99:57:49:FD:40:05:F3:77:92:6D:60:7D:2D:35:48:02:92:FE:72:24:EB:16:E6:19:FA:5C:5D:8C:48:76:33:21:EE:DE:3E:21:5A:FF:FB:50:65:D8:BB:43:D9:F4:3B:3D:87:08:AD:4E:AF:66:A0:EA:60:28:50:3F:6E:28:4A:AD:5C:A6:F9:0F:17:6C:39:9C:C2:0A:11:86:D6:01:75:1C:41:7E:D6:A0:55:23:3F:67:71:B6:0C:F6:0C:80:FF:BB:83:0B:32:50:44:35:FC:4A:40:F5:A2:4E:93:A1:8C:28:3D:B2:F6:38:8F:BD:12:1B:DB:8C:BB:4E:00:57:C0:79:97:EA:5D:29:D9:72:3C:D4:56:E4:82:60:08:06:15:20:41:36:EC:6D:94:89:5A:9C:3E:4F:E5:61:73:F4:9A:8C:DF:9C:E5:BA:45:96:FE:02:03:95:2F:99:F0:CA:C6:74" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 16:50:27", "not_valid_before": "2021-11-22 16:50:28" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:87 Monday 22 November 2021 16:50:43 +0000 (0:00:00.031) 0:00:26.675 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:96 Monday 22 November 2021 16:50:43 +0000 (0:00:00.031) 0:00:26.707 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:105 Monday 22 November 2021 16:50:43 +0000 (0:00:00.019) 0:00:26.726 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:112 Monday 22 November 2021 16:50:43 +0000 (0:00:00.030) 0:00:26.757 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:125 Monday 22 November 2021 16:50:43 +0000 (0:00:00.030) 0:00:26.787 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 Monday 22 November 2021 16:50:43 +0000 (0:00:00.030) 0:00:26.818 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.038495", "end": "2021-11-22 11:50:43.242093", "rc": 0, "start": "2021-11-22 11:50:43.203598" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 Monday 22 November 2021 16:50:44 +0000 (0:00:00.336) 0:00:27.155 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=32 changed=10 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:50:44 +0000 (0:00:00.038) 0:00:27.193 ******* =============================================================================== linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 4.67s /tmp/tmpcx8fxgbp/tasks/main.yml:17 -------------------------------------------- Install the package, force upgrade -------------------------------------- 4.55s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 ------------- Ensure python3 is installed --------------------------------------------- 4.37s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 -------------- Install certreader ------------------------------------------------------ 3.16s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 ------------- linux-system-roles.certificate : Ensure provider packages are installed --- 2.15s /tmp/tmpcx8fxgbp/tasks/main.yml:34 -------------------------------------------- set up internal repositories -------------------------------------------- 1.36s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ linux-system-roles.certificate : Ensure certificate requests ------------ 1.36s /tmp/tmpcx8fxgbp/tasks/main.yml:112 ------------------------------------------- Gathering Facts --------------------------------------------------------- 0.95s /tmp/tmpcx8fxgbp/tests/tests_key_size.yml:2 ----------------------------------- linux-system-roles.certificate : Ensure provider service is running ----- 0.82s /tmp/tmpcx8fxgbp/tasks/main.yml:100 ------------------------------------------- Gathering Facts --------------------------------------------------------- 0.70s /tmp/tmpcx8fxgbp/tests/tests_key_size.yml:14 ---------------------------------- Parse certificate ------------------------------------------------------- 0.68s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 ------------- linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.49s /tmp/tmpcx8fxgbp/tasks/main.yml:45 -------------------------------------------- Retrieve certificate file stats ----------------------------------------- 0.44s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 ------------- linux-system-roles.certificate : Ensure post-scripts hooks directory exists --- 0.34s /tmp/tmpcx8fxgbp/tasks/main.yml:71 -------------------------------------------- Retrieve auto-renew flag ------------------------------------------------ 0.34s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 ------------ Retrieve key file stats ------------------------------------------------- 0.31s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 ------------- Verify certificate auto-renew flag -------------------------------------- 0.04s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 ------------ Verify certificate file owner and group --------------------------------- 0.04s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 ------------- Verify key file owner and group ----------------------------------------- 0.03s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 ------------- Verify certificate permissions ------------------------------------------ 0.03s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 ------------- + cd /tmp/tmpcx8fxgbp/tests; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpcx8fxgbp/tests/tests_key_usage_and_extended_key_usage.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 16:51:00 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 16:51:00 +0000 (0:00:00.015) 0:00:00.027 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 16:51:00 +0000 (0:00:00.023) 0:00:00.050 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:51:01 +0000 (0:00:01.336) 0:00:01.387 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.34s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_key_usage_and_extended_key_usage.yml *************************** 2 plays in /tmp/tmpcx8fxgbp/tests/tests_key_usage_and_extended_key_usage.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_key_usage_and_extended_key_usage.yml:2 Monday 22 November 2021 16:51:01 +0000 (0:00:00.014) 0:00:01.401 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpcx8fxgbp/tasks/main.yml:2 Monday 22 November 2021 16:51:02 +0000 (0:00:01.012) 0:00:02.413 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpcx8fxgbp/vars/RedHat_7.yml" ], "changed": false } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:17 Monday 22 November 2021 16:51:02 +0000 (0:00:00.027) 0:00:02.440 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 15 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:34 Monday 22 November 2021 16:51:07 +0000 (0:00:04.829) 0:00:07.270 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 13 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:45 Monday 22 November 2021 16:51:09 +0000 (0:00:02.108) 0:00:09.378 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:71 Monday 22 November 2021 16:51:10 +0000 (0:00:00.491) 0:00:09.869 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:100 Monday 22 November 2021 16:51:10 +0000 (0:00:00.344) 0:00:10.214 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "network.target dbus.service system.slice systemd-journald.socket syslog.target basic.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpcx8fxgbp/tasks/main.yml:112 Monday 22 November 2021 16:51:11 +0000 (0:00:00.837) 0:00:11.052 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'key_usage': ['digitalSignature', 'nonRepudiation', 'keyEncipherment'], 'extended_key_usage': ['id-kp-clientAuth', 'id-kp-serverAuth', 'id-kp-ipsecTunnel', '1.3.6.1.5.2.3.5'], 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "extended_key_usage": [ "id-kp-clientAuth", "id-kp-serverAuth", "id-kp-ipsecTunnel", "1.3.6.1.5.2.3.5" ], "key_usage": [ "digitalSignature", "nonRepudiation", "keyEncipherment" ], "name": "mycert" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_key_usage_and_extended_key_usage.yml:22 Monday 22 November 2021 16:51:12 +0000 (0:00:00.748) 0:00:11.801 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_key_usage_and_extended_key_usage.yml:49 Monday 22 November 2021 16:51:12 +0000 (0:00:00.709) 0:00:12.511 ******* included: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'key_usage': ['digital_signature', 'content_commitment', 'key_encipherment'], 'extended_key_usage': [{'name': 'id-kp-clientAuth', 'oid': '1.3.6.1.5.5.7.3.2'}, {'name': 'id-kp-serverAuth', 'oid': '1.3.6.1.5.5.7.3.1'}, {'name': 'id-kp-ipsecTunnel', 'oid': '1.3.6.1.5.5.7.3.6'}, {'name': None, 'oid': '1.3.6.1.5.2.3.5'}]}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 16:51:12 +0000 (0:00:00.030) 0:00:12.541 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 16:51:12 +0000 (0:00:00.013) 0:00:12.555 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 66 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 16:51:17 +0000 (0:00:04.403) 0:00:16.958 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 16:51:21 +0000 (0:00:04.660) 0:00:21.619 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 16:51:25 +0000 (0:00:03.709) 0:00:25.328 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599871.065538, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "7f8a7a9aafeb119dbe6fcf020c6e75baf3a7cca6", "ctime": 1637599871.062538, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986548, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637599871.062538, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1338, "uid": 0, "version": "1311358933", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 16:51:26 +0000 (0:00:00.443) 0:00:25.772 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 16:51:26 +0000 (0:00:00.022) 0:00:25.794 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 16:51:26 +0000 (0:00:00.036) 0:00:25.831 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 Monday 22 November 2021 16:51:26 +0000 (0:00:00.034) 0:00:25.866 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599871.0225377, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "9e15e76d25dbb9ca01fa51120271ff9451496cb4", "ctime": 1637599871.062538, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986547, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637599871.062538, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1708, "uid": 0, "version": "1580995602", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 16:51:26 +0000 (0:00:00.318) 0:00:26.184 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 16:51:26 +0000 (0:00:00.021) 0:00:26.206 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 Monday 22 November 2021 16:51:26 +0000 (0:00:00.035) 0:00:26.242 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.269142", "end": "2021-11-22 11:51:26.272705", "rc": 0, "start": "2021-11-22 11:51:26.003563" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "content_commitment", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" }, { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-ipsecTunnel", "oid": "1.3.6.1.5.5.7.3.6" }, { "name": null, "oid": "1.3.6.1.5.2.3.5" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "94:6A:7A:DE:87:EF:0F:72:71:FB:CF:80:7A:DF:F9:30:C0:E3:A4:9B", "critical": false }, "authorityKeyIdentifier": { "value": "68:6A:B8:7F:DF:AF:A4:8B:C2:FC:8F:7A:F6:42:AF:D2:9F:03:57:EC", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "43:A7:CF:6D:F7:DD:92:E7:BA:89:10:EA:97:6E:42:F5:44:CD:F2:57:9B:38:ED:6B:CB:F6:B6:7C:AE:AF:A7:F8:09:A5:1B:C0:6B:12:3E:D5:63:53:4C:4D:FC:8D:46:69:33:80:32:AE:40:83:BE:2D:82:4C:07:5A:BF:09:00:8A:66:87:EF:16:9F:B2:40:F2:6E:C7:1D:17:E9:BC:67:8D:8C:2E:C9:0D:B9:91:6E:32:63:76:3A:18:BB:6B:48:C7:5E:B5:F7:3A:A0:92:E2:A0:D4:6F:B8:94:36:47:D0:C0:E4:10:2A:8E:94:FF:50:1A:CF:71:F1:33:C7:AC:21:23:F0:2B:2B:01:D9:22:EF:05:92:C9:EA:B4:A9:47:DD:7A:71:FE:96:CE:84:DE:F3:94:12:F8:45:96:30:01:A0:FC:D1:B3:7E:3F:8E:AC:B8:8D:C3:36:D5:DF:E0:61:3B:A5:91:93:00:56:76:11:39:9A:08:CA:CF:A5:1C:C1:B9:0F:C3:85:9B:03:9F:56:B0:48:42:B0:69:07:79:9B:D6:FA:1B:52:CA:36:9A:88:BC:CC:77:31:74:57:2B:13:BB:5E:85:79:CF:35:21:8B:D5:81:5A:FB:68:78:A3:A5:FD:D5:A0:BA:4D:61:26:85:69:05:1B:69:44:6F:68:D8:57:82" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 16:51:10", "not_valid_before": "2021-11-22 16:51:11" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:83 Monday 22 November 2021 16:51:27 +0000 (0:00:00.702) 0:00:26.944 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "68:6A:B8:7F:DF:AF:A4:8B:C2:FC:8F:7A:F6:42:AF:D2:9F:03:57:EC" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" }, { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-ipsecTunnel", "oid": "1.3.6.1.5.5.7.3.6" }, { "name": null, "oid": "1.3.6.1.5.2.3.5" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "content_commitment", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "94:6A:7A:DE:87:EF:0F:72:71:FB:CF:80:7A:DF:F9:30:C0:E3:A4:9B" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "43:A7:CF:6D:F7:DD:92:E7:BA:89:10:EA:97:6E:42:F5:44:CD:F2:57:9B:38:ED:6B:CB:F6:B6:7C:AE:AF:A7:F8:09:A5:1B:C0:6B:12:3E:D5:63:53:4C:4D:FC:8D:46:69:33:80:32:AE:40:83:BE:2D:82:4C:07:5A:BF:09:00:8A:66:87:EF:16:9F:B2:40:F2:6E:C7:1D:17:E9:BC:67:8D:8C:2E:C9:0D:B9:91:6E:32:63:76:3A:18:BB:6B:48:C7:5E:B5:F7:3A:A0:92:E2:A0:D4:6F:B8:94:36:47:D0:C0:E4:10:2A:8E:94:FF:50:1A:CF:71:F1:33:C7:AC:21:23:F0:2B:2B:01:D9:22:EF:05:92:C9:EA:B4:A9:47:DD:7A:71:FE:96:CE:84:DE:F3:94:12:F8:45:96:30:01:A0:FC:D1:B3:7E:3F:8E:AC:B8:8D:C3:36:D5:DF:E0:61:3B:A5:91:93:00:56:76:11:39:9A:08:CA:CF:A5:1C:C1:B9:0F:C3:85:9B:03:9F:56:B0:48:42:B0:69:07:79:9B:D6:FA:1B:52:CA:36:9A:88:BC:CC:77:31:74:57:2B:13:BB:5E:85:79:CF:35:21:8B:D5:81:5A:FB:68:78:A3:A5:FD:D5:A0:BA:4D:61:26:85:69:05:1B:69:44:6F:68:D8:57:82" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 16:51:10", "not_valid_before": "2021-11-22 16:51:11" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:87 Monday 22 November 2021 16:51:27 +0000 (0:00:00.032) 0:00:26.976 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:96 Monday 22 November 2021 16:51:27 +0000 (0:00:00.033) 0:00:27.010 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:105 Monday 22 November 2021 16:51:27 +0000 (0:00:00.019) 0:00:27.029 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:112 Monday 22 November 2021 16:51:27 +0000 (0:00:00.030) 0:00:27.060 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:125 Monday 22 November 2021 16:51:27 +0000 (0:00:00.031) 0:00:27.091 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 Monday 22 November 2021 16:51:27 +0000 (0:00:00.031) 0:00:27.122 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.039263", "end": "2021-11-22 11:51:26.794686", "rc": 0, "start": "2021-11-22 11:51:26.755423" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 Monday 22 November 2021 16:51:27 +0000 (0:00:00.341) 0:00:27.464 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=32 changed=10 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:51:27 +0000 (0:00:00.037) 0:00:27.502 ******* =============================================================================== linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 4.83s /tmp/tmpcx8fxgbp/tasks/main.yml:17 -------------------------------------------- Install the package, force upgrade -------------------------------------- 4.66s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 ------------- Ensure python3 is installed --------------------------------------------- 4.40s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 -------------- Install certreader ------------------------------------------------------ 3.71s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 ------------- linux-system-roles.certificate : Ensure provider packages are installed --- 2.11s /tmp/tmpcx8fxgbp/tasks/main.yml:34 -------------------------------------------- set up internal repositories -------------------------------------------- 1.34s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 1.01s /tmp/tmpcx8fxgbp/tests/tests_key_usage_and_extended_key_usage.yml:2 ----------- linux-system-roles.certificate : Ensure provider service is running ----- 0.84s /tmp/tmpcx8fxgbp/tasks/main.yml:100 ------------------------------------------- linux-system-roles.certificate : Ensure certificate requests ------------ 0.75s /tmp/tmpcx8fxgbp/tasks/main.yml:112 ------------------------------------------- Gathering Facts --------------------------------------------------------- 0.71s /tmp/tmpcx8fxgbp/tests/tests_key_usage_and_extended_key_usage.yml:22 ---------- Parse certificate ------------------------------------------------------- 0.70s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 ------------- linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.49s /tmp/tmpcx8fxgbp/tasks/main.yml:45 -------------------------------------------- Retrieve certificate file stats ----------------------------------------- 0.44s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 ------------- linux-system-roles.certificate : Ensure post-scripts hooks directory exists --- 0.34s /tmp/tmpcx8fxgbp/tasks/main.yml:71 -------------------------------------------- Retrieve auto-renew flag ------------------------------------------------ 0.34s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 ------------ Retrieve key file stats ------------------------------------------------- 0.32s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 ------------- Verify certificate auto-renew flag -------------------------------------- 0.04s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 ------------ Verify certificate file owner and group --------------------------------- 0.04s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 ------------- Verify key file owner and group ----------------------------------------- 0.04s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 ------------- Verify certificate permissions ------------------------------------------ 0.03s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 ------------- + cd /tmp/tmpcx8fxgbp/tests; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpcx8fxgbp/tests/tests_many_self_signed.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 16:51:42 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 16:51:42 +0000 (0:00:00.015) 0:00:00.026 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 16:51:43 +0000 (0:00:00.021) 0:00:00.047 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:51:44 +0000 (0:00:01.397) 0:00:01.445 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.40s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_many_self_signed.yml ******************************************* 2 plays in /tmp/tmpcx8fxgbp/tests/tests_many_self_signed.yml PLAY [Issue many self-signed certificates] ************************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_many_self_signed.yml:2 Monday 22 November 2021 16:51:44 +0000 (0:00:00.014) 0:00:01.460 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpcx8fxgbp/tasks/main.yml:2 Monday 22 November 2021 16:51:45 +0000 (0:00:01.006) 0:00:02.466 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpcx8fxgbp/vars/RedHat_7.yml" ], "changed": false } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:17 Monday 22 November 2021 16:51:45 +0000 (0:00:00.027) 0:00:02.493 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 15 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:34 Monday 22 November 2021 16:51:50 +0000 (0:00:04.960) 0:00:07.454 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 12 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:45 Monday 22 November 2021 16:51:52 +0000 (0:00:02.250) 0:00:09.704 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:71 Monday 22 November 2021 16:51:53 +0000 (0:00:00.459) 0:00:10.163 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:100 Monday 22 November 2021 16:51:53 +0000 (0:00:00.316) 0:00:10.480 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "basic.target systemd-journald.socket system.slice network.target syslog.target dbus.service", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpcx8fxgbp/tasks/main.yml:112 Monday 22 November 2021 16:51:54 +0000 (0:00:00.824) 0:00:11.305 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "mycert" } } MSG: Certificate requested (new). changed: [/cache/rhel-7.qcow2] => (item={'name': 'other-cert', 'dns': 'www.example.org', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.org", "name": "other-cert" } } MSG: Certificate requested (new). changed: [/cache/rhel-7.qcow2] => (item={'name': 'another-cert', 'dns': 'www.example.net', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.net", "name": "another-cert" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_many_self_signed.yml:18 Monday 22 November 2021 16:51:56 +0000 (0:00:02.375) 0:00:13.680 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_many_self_signed.yml:50 Monday 22 November 2021 16:51:57 +0000 (0:00:00.718) 0:00:14.399 ******* included: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]}) included: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/other-cert.crt', 'key_path': '/etc/pki/tls/private/other-cert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.org'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.org'}]}) included: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/another-cert.crt', 'key_path': '/etc/pki/tls/private/another-cert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.net'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.net'}]}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 16:51:57 +0000 (0:00:00.044) 0:00:14.443 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 16:51:57 +0000 (0:00:00.016) 0:00:14.460 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 65 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 16:52:01 +0000 (0:00:04.441) 0:00:18.902 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 16:52:06 +0000 (0:00:04.650) 0:00:23.553 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 16:52:09 +0000 (0:00:03.095) 0:00:26.648 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599913.5826242, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "ac1d084ab6258ac22439e148ae19951fce6e79d5", "ctime": 1637599913.5796242, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986540, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637599913.5796242, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "169899834", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 16:52:10 +0000 (0:00:00.455) 0:00:27.104 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 16:52:10 +0000 (0:00:00.020) 0:00:27.125 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 16:52:10 +0000 (0:00:00.035) 0:00:27.160 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 Monday 22 November 2021 16:52:10 +0000 (0:00:00.033) 0:00:27.194 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599913.5396242, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "7a2ef48e26eab0751829c0b53b59a84cb654d3a9", "ctime": 1637599913.5796242, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986539, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637599913.5796242, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "445558371", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 16:52:10 +0000 (0:00:00.295) 0:00:27.489 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 16:52:10 +0000 (0:00:00.021) 0:00:27.510 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 Monday 22 November 2021 16:52:10 +0000 (0:00:00.036) 0:00:27.547 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.257928", "end": "2021-11-22 11:52:09.801632", "rc": 0, "start": "2021-11-22 11:52:09.543704" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "DB:C6:B2:37:28:AD:7D:E5:DC:EA:F2:66:54:AE:FE:5E:D1:2F:4B:3C", "critical": false }, "authorityKeyIdentifier": { "value": "3B:93:17:81:0B:5C:BA:A4:84:BF:FB:7E:57:EF:84:66:35:30:67:0B", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "CA:C8:43:60:0E:6B:60:C3:D6:BC:94:6A:10:73:21:CB:61:5D:A8:D7:B5:EF:DB:37:8C:91:E8:F5:49:B4:9E:87:AF:98:27:62:E7:43:48:70:DA:4D:C8:FE:15:06:58:E2:0E:8C:E0:09:6A:26:66:30:9F:AB:15:3B:AF:5A:CD:F9:A4:15:5E:A7:27:86:BB:9C:00:7A:90:84:0A:FD:E8:40:41:0C:E9:67:55:2A:FA:B3:E8:3A:3C:A8:CB:C2:DA:EA:51:51:57:2B:C5:2F:0A:A8:C4:57:78:87:F9:76:63:63:2B:DB:75:D2:CE:5C:32:56:DE:5B:DB:CF:C0:72:33:F9:DE:54:6C:2C:0A:DD:DA:B8:53:70:CB:C7:EF:A2:E6:9A:90:93:59:43:17:1C:B6:83:42:05:EF:84:87:06:21:B0:FA:83:59:BD:AB:E7:EE:0F:59:88:3D:C2:33:31:48:0A:F1:47:01:09:D1:09:E1:32:25:75:07:80:FA:D0:77:55:82:27:26:AD:7C:1B:16:83:26:06:0A:42:87:DD:DF:60:4E:16:B2:73:84:9B:25:95:27:B5:15:87:06:F4:46:01:4F:19:9B:62:0F:E3:CC:31:F4:03:99:98:E6:E8:F2:F3:F7:6B:06:CB:A8:A1:B0:77:91:B2:A4:BD:DF:F9:CE:F4" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 16:51:52", "not_valid_before": "2021-11-22 16:51:53" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:83 Monday 22 November 2021 16:52:11 +0000 (0:00:00.697) 0:00:28.244 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "3B:93:17:81:0B:5C:BA:A4:84:BF:FB:7E:57:EF:84:66:35:30:67:0B" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "DB:C6:B2:37:28:AD:7D:E5:DC:EA:F2:66:54:AE:FE:5E:D1:2F:4B:3C" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "CA:C8:43:60:0E:6B:60:C3:D6:BC:94:6A:10:73:21:CB:61:5D:A8:D7:B5:EF:DB:37:8C:91:E8:F5:49:B4:9E:87:AF:98:27:62:E7:43:48:70:DA:4D:C8:FE:15:06:58:E2:0E:8C:E0:09:6A:26:66:30:9F:AB:15:3B:AF:5A:CD:F9:A4:15:5E:A7:27:86:BB:9C:00:7A:90:84:0A:FD:E8:40:41:0C:E9:67:55:2A:FA:B3:E8:3A:3C:A8:CB:C2:DA:EA:51:51:57:2B:C5:2F:0A:A8:C4:57:78:87:F9:76:63:63:2B:DB:75:D2:CE:5C:32:56:DE:5B:DB:CF:C0:72:33:F9:DE:54:6C:2C:0A:DD:DA:B8:53:70:CB:C7:EF:A2:E6:9A:90:93:59:43:17:1C:B6:83:42:05:EF:84:87:06:21:B0:FA:83:59:BD:AB:E7:EE:0F:59:88:3D:C2:33:31:48:0A:F1:47:01:09:D1:09:E1:32:25:75:07:80:FA:D0:77:55:82:27:26:AD:7C:1B:16:83:26:06:0A:42:87:DD:DF:60:4E:16:B2:73:84:9B:25:95:27:B5:15:87:06:F4:46:01:4F:19:9B:62:0F:E3:CC:31:F4:03:99:98:E6:E8:F2:F3:F7:6B:06:CB:A8:A1:B0:77:91:B2:A4:BD:DF:F9:CE:F4" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 16:51:52", "not_valid_before": "2021-11-22 16:51:53" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:87 Monday 22 November 2021 16:52:11 +0000 (0:00:00.034) 0:00:28.279 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:96 Monday 22 November 2021 16:52:11 +0000 (0:00:00.032) 0:00:28.311 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:105 Monday 22 November 2021 16:52:11 +0000 (0:00:00.020) 0:00:28.332 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:112 Monday 22 November 2021 16:52:11 +0000 (0:00:00.032) 0:00:28.365 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:125 Monday 22 November 2021 16:52:11 +0000 (0:00:00.036) 0:00:28.401 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 Monday 22 November 2021 16:52:11 +0000 (0:00:00.032) 0:00:28.434 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.039058", "end": "2021-11-22 11:52:10.316484", "rc": 0, "start": "2021-11-22 11:52:10.277426" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 Monday 22 November 2021 16:52:11 +0000 (0:00:00.322) 0:00:28.756 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 16:52:11 +0000 (0:00:00.033) 0:00:28.790 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 16:52:11 +0000 (0:00:00.014) 0:00:28.804 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "python3-3.6.8-17.el7.x86_64 providing python3 is already installed" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 16:52:12 +0000 (0:00:00.510) 0:00:29.314 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 16:52:13 +0000 (0:00:00.930) 0:00:30.245 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.0) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 16:52:14 +0000 (0:00:00.819) 0:00:31.064 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599914.1986244, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "4e3a1caca8e75febc3982e8a24728f8de7e3449c", "ctime": 1637599914.1956244, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986544, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637599914.1956244, "nlink": 1, "path": "/etc/pki/tls/certs/other-cert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "607544857", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 16:52:14 +0000 (0:00:00.322) 0:00:31.387 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 16:52:14 +0000 (0:00:00.021) 0:00:31.409 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 16:52:14 +0000 (0:00:00.037) 0:00:31.447 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 Monday 22 November 2021 16:52:14 +0000 (0:00:00.033) 0:00:31.481 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599914.1556244, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "32d92bb580101b05beb53f7c34d8794cfc99da32", "ctime": 1637599914.1956244, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986543, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637599914.1956244, "nlink": 1, "path": "/etc/pki/tls/private/other-cert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744072309682365", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 16:52:14 +0000 (0:00:00.318) 0:00:31.799 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 16:52:14 +0000 (0:00:00.018) 0:00:31.818 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 Monday 22 November 2021 16:52:14 +0000 (0:00:00.033) 0:00:31.852 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/other-cert.crt" ], "delta": "0:00:00.269357", "end": "2021-11-22 11:52:13.991809", "rc": 0, "start": "2021-11-22 11:52:13.722452" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.org" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.org" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "18:94:D4:C5:4D:9D:FB:0E:0B:29:78:A1:46:69:48:B1:35:9F:0D:6E", "critical": false }, "authorityKeyIdentifier": { "value": "3B:93:17:81:0B:5C:BA:A4:84:BF:FB:7E:57:EF:84:66:35:30:67:0B", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "AE:C5:F7:4A:59:31:B5:71:8C:99:01:31:F2:B8:6D:6F:32:EB:F4:0C:AB:33:8A:FD:B5:E6:BD:13:CD:F0:F2:7F:2D:CC:A0:4B:2A:01:A3:9B:F5:FA:6C:54:B8:76:6D:EE:95:1C:76:6F:F7:A9:1E:1A:D8:AE:72:2C:1D:5D:13:E9:34:08:3D:52:C5:06:25:3B:8F:9D:0A:D6:6B:41:87:01:9C:99:94:FE:28:DB:2E:07:5E:35:6B:06:78:02:27:1F:A1:94:3F:5A:1D:FE:53:69:7F:DE:64:33:0E:B5:91:CD:7E:FB:C9:A2:6F:72:8F:06:A7:45:52:0C:9E:5A:2A:F0:37:DB:B9:1F:2C:97:76:D5:06:5D:21:A8:6A:A6:71:40:D3:22:D9:C9:DF:35:9D:61:64:82:BC:94:C7:C6:40:34:44:FE:F2:34:AD:32:71:E7:7E:E1:61:4B:AD:F8:92:57:EB:4D:ED:3D:02:AB:5B:89:18:28:73:6F:BC:75:21:45:3B:F0:17:C6:1D:13:2B:D3:A0:E2:A7:6A:2D:7D:C4:22:02:3A:9A:F8:DE:F9:20:A4:D0:80:18:CE:36:5B:82:FC:92:FA:77:91:23:02:85:05:A8:A3:4F:D5:48:CE:FD:6B:F5:72:EC:4E:76:08:0A:64:63:FD:2F:CF:7B:EA:E8:D7" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 16:51:52", "not_valid_before": "2021-11-22 16:51:54" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:83 Monday 22 November 2021 16:52:15 +0000 (0:00:00.588) 0:00:32.440 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "3B:93:17:81:0B:5C:BA:A4:84:BF:FB:7E:57:EF:84:66:35:30:67:0B" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.org" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "18:94:D4:C5:4D:9D:FB:0E:0B:29:78:A1:46:69:48:B1:35:9F:0D:6E" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "AE:C5:F7:4A:59:31:B5:71:8C:99:01:31:F2:B8:6D:6F:32:EB:F4:0C:AB:33:8A:FD:B5:E6:BD:13:CD:F0:F2:7F:2D:CC:A0:4B:2A:01:A3:9B:F5:FA:6C:54:B8:76:6D:EE:95:1C:76:6F:F7:A9:1E:1A:D8:AE:72:2C:1D:5D:13:E9:34:08:3D:52:C5:06:25:3B:8F:9D:0A:D6:6B:41:87:01:9C:99:94:FE:28:DB:2E:07:5E:35:6B:06:78:02:27:1F:A1:94:3F:5A:1D:FE:53:69:7F:DE:64:33:0E:B5:91:CD:7E:FB:C9:A2:6F:72:8F:06:A7:45:52:0C:9E:5A:2A:F0:37:DB:B9:1F:2C:97:76:D5:06:5D:21:A8:6A:A6:71:40:D3:22:D9:C9:DF:35:9D:61:64:82:BC:94:C7:C6:40:34:44:FE:F2:34:AD:32:71:E7:7E:E1:61:4B:AD:F8:92:57:EB:4D:ED:3D:02:AB:5B:89:18:28:73:6F:BC:75:21:45:3B:F0:17:C6:1D:13:2B:D3:A0:E2:A7:6A:2D:7D:C4:22:02:3A:9A:F8:DE:F9:20:A4:D0:80:18:CE:36:5B:82:FC:92:FA:77:91:23:02:85:05:A8:A3:4F:D5:48:CE:FD:6B:F5:72:EC:4E:76:08:0A:64:63:FD:2F:CF:7B:EA:E8:D7" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.org" } ], "validity": { "not_valid_after": "2022-11-22 16:51:52", "not_valid_before": "2021-11-22 16:51:54" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:87 Monday 22 November 2021 16:52:15 +0000 (0:00:00.030) 0:00:32.471 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:96 Monday 22 November 2021 16:52:15 +0000 (0:00:00.031) 0:00:32.502 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:105 Monday 22 November 2021 16:52:15 +0000 (0:00:00.019) 0:00:32.521 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:112 Monday 22 November 2021 16:52:15 +0000 (0:00:00.031) 0:00:32.552 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:125 Monday 22 November 2021 16:52:15 +0000 (0:00:00.031) 0:00:32.584 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 Monday 22 November 2021 16:52:15 +0000 (0:00:00.030) 0:00:32.614 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/other-cert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.041620", "end": "2021-11-22 11:52:14.517444", "rc": 0, "start": "2021-11-22 11:52:14.475824" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 Monday 22 November 2021 16:52:15 +0000 (0:00:00.348) 0:00:32.963 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 16:52:15 +0000 (0:00:00.031) 0:00:32.994 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 16:52:15 +0000 (0:00:00.014) 0:00:33.009 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "python3-3.6.8-17.el7.x86_64 providing python3 is already installed" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 16:52:16 +0000 (0:00:00.520) 0:00:33.530 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 16:52:17 +0000 (0:00:00.931) 0:00:34.461 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.0) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 16:52:18 +0000 (0:00:00.807) 0:00:35.268 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599915.1656244, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "3257222feef9bcfb5fe47b6368078a16de640b9b", "ctime": 1637599915.1626244, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986542, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637599915.1626244, "nlink": 1, "path": "/etc/pki/tls/certs/another-cert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "343851370", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 16:52:18 +0000 (0:00:00.310) 0:00:35.579 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 16:52:18 +0000 (0:00:00.018) 0:00:35.598 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 16:52:18 +0000 (0:00:00.033) 0:00:35.631 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 Monday 22 November 2021 16:52:18 +0000 (0:00:00.031) 0:00:35.662 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599915.1246243, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "297f1d28ee5ae8558434a2dc881f0b7c70d4d1e0", "ctime": 1637599915.1626244, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986541, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637599915.1626244, "nlink": 1, "path": "/etc/pki/tls/private/another-cert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744072329987189", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 16:52:18 +0000 (0:00:00.319) 0:00:35.982 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 16:52:18 +0000 (0:00:00.018) 0:00:36.000 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 Monday 22 November 2021 16:52:19 +0000 (0:00:00.033) 0:00:36.034 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/another-cert.crt" ], "delta": "0:00:00.312338", "end": "2021-11-22 11:52:18.206383", "rc": 0, "start": "2021-11-22 11:52:17.894045" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.net" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.net" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "7F:96:C4:19:28:E0:43:3F:5D:EA:FE:0E:80:F3:D6:8A:F3:DE:01:57", "critical": false }, "authorityKeyIdentifier": { "value": "3B:93:17:81:0B:5C:BA:A4:84:BF:FB:7E:57:EF:84:66:35:30:67:0B", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "8C:2C:09:11:96:94:AC:20:B0:BA:B3:88:C1:F3:53:B5:B6:55:85:7A:B2:88:AE:1A:C0:88:CA:D6:D3:C8:28:6C:9E:21:E9:33:5E:B4:7F:0E:CC:07:E1:72:B8:CE:1D:41:70:18:2C:5A:8E:B5:4E:B8:83:11:A2:C7:D8:9C:59:11:15:E2:AB:81:25:F6:22:7B:7B:F4:95:65:15:FF:88:E1:C0:44:62:AD:59:92:5B:06:66:6D:03:7F:A6:3C:56:B5:44:58:8C:B4:F2:84:5A:17:38:44:AD:64:49:35:38:7D:50:35:7F:D3:2B:D7:91:D6:BD:DE:05:59:E6:94:BD:02:DD:A6:D2:01:C7:27:C2:89:66:78:B4:BB:39:3E:8C:35:8D:88:DB:DC:F2:AF:AE:4D:C4:F8:94:DC:D4:FA:01:A8:99:3D:70:61:FD:7B:31:C5:4D:58:7B:78:5A:9A:3A:3E:A5:D4:AB:D0:11:CB:4A:35:C1:72:D7:57:C0:1E:2F:20:D6:21:DD:FF:A8:7F:ED:44:2A:42:59:75:CD:10:5F:18:E8:58:38:A7:F4:B8:88:81:98:B3:CE:ED:34:7D:F6:02:07:2F:69:E1:D3:2F:A7:22:8F:E9:DD:32:17:93:B7:18:2B:BF:37:FC:17:07:9C:0D:37:A4:72:7D:5B:38:8C:24" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 16:51:52", "not_valid_before": "2021-11-22 16:51:55" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:83 Monday 22 November 2021 16:52:19 +0000 (0:00:00.618) 0:00:36.653 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "3B:93:17:81:0B:5C:BA:A4:84:BF:FB:7E:57:EF:84:66:35:30:67:0B" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.net" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "7F:96:C4:19:28:E0:43:3F:5D:EA:FE:0E:80:F3:D6:8A:F3:DE:01:57" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "8C:2C:09:11:96:94:AC:20:B0:BA:B3:88:C1:F3:53:B5:B6:55:85:7A:B2:88:AE:1A:C0:88:CA:D6:D3:C8:28:6C:9E:21:E9:33:5E:B4:7F:0E:CC:07:E1:72:B8:CE:1D:41:70:18:2C:5A:8E:B5:4E:B8:83:11:A2:C7:D8:9C:59:11:15:E2:AB:81:25:F6:22:7B:7B:F4:95:65:15:FF:88:E1:C0:44:62:AD:59:92:5B:06:66:6D:03:7F:A6:3C:56:B5:44:58:8C:B4:F2:84:5A:17:38:44:AD:64:49:35:38:7D:50:35:7F:D3:2B:D7:91:D6:BD:DE:05:59:E6:94:BD:02:DD:A6:D2:01:C7:27:C2:89:66:78:B4:BB:39:3E:8C:35:8D:88:DB:DC:F2:AF:AE:4D:C4:F8:94:DC:D4:FA:01:A8:99:3D:70:61:FD:7B:31:C5:4D:58:7B:78:5A:9A:3A:3E:A5:D4:AB:D0:11:CB:4A:35:C1:72:D7:57:C0:1E:2F:20:D6:21:DD:FF:A8:7F:ED:44:2A:42:59:75:CD:10:5F:18:E8:58:38:A7:F4:B8:88:81:98:B3:CE:ED:34:7D:F6:02:07:2F:69:E1:D3:2F:A7:22:8F:E9:DD:32:17:93:B7:18:2B:BF:37:FC:17:07:9C:0D:37:A4:72:7D:5B:38:8C:24" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.net" } ], "validity": { "not_valid_after": "2022-11-22 16:51:52", "not_valid_before": "2021-11-22 16:51:55" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:87 Monday 22 November 2021 16:52:19 +0000 (0:00:00.029) 0:00:36.682 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:96 Monday 22 November 2021 16:52:19 +0000 (0:00:00.030) 0:00:36.713 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:105 Monday 22 November 2021 16:52:19 +0000 (0:00:00.018) 0:00:36.731 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:112 Monday 22 November 2021 16:52:19 +0000 (0:00:00.029) 0:00:36.760 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:125 Monday 22 November 2021 16:52:19 +0000 (0:00:00.030) 0:00:36.791 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 Monday 22 November 2021 16:52:19 +0000 (0:00:00.030) 0:00:36.821 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/another-cert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.043691", "end": "2021-11-22 11:52:18.715233", "rc": 0, "start": "2021-11-22 11:52:18.671542" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 Monday 22 November 2021 16:52:20 +0000 (0:00:00.337) 0:00:37.159 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=74 changed=10 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:52:20 +0000 (0:00:00.039) 0:00:37.198 ******* =============================================================================== linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 4.96s /tmp/tmpcx8fxgbp/tasks/main.yml:17 -------------------------------------------- Install the package, force upgrade -------------------------------------- 4.65s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 ------------- Ensure python3 is installed --------------------------------------------- 4.44s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 -------------- Install certreader ------------------------------------------------------ 3.10s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 ------------- linux-system-roles.certificate : Ensure certificate requests ------------ 2.38s /tmp/tmpcx8fxgbp/tasks/main.yml:112 ------------------------------------------- linux-system-roles.certificate : Ensure provider packages are installed --- 2.25s /tmp/tmpcx8fxgbp/tasks/main.yml:34 -------------------------------------------- set up internal repositories -------------------------------------------- 1.40s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 1.01s /tmp/tmpcx8fxgbp/tests/tests_many_self_signed.yml:2 --------------------------- Install the package, force upgrade -------------------------------------- 0.93s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 ------------- Install the package, force upgrade -------------------------------------- 0.93s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 ------------- linux-system-roles.certificate : Ensure provider service is running ----- 0.82s /tmp/tmpcx8fxgbp/tasks/main.yml:100 ------------------------------------------- Install certreader ------------------------------------------------------ 0.82s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 ------------- Install certreader ------------------------------------------------------ 0.81s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 ------------- Gathering Facts --------------------------------------------------------- 0.72s /tmp/tmpcx8fxgbp/tests/tests_many_self_signed.yml:18 -------------------------- Parse certificate ------------------------------------------------------- 0.70s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 ------------- Parse certificate ------------------------------------------------------- 0.62s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 ------------- Parse certificate ------------------------------------------------------- 0.59s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 ------------- Ensure python3 is installed --------------------------------------------- 0.52s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 -------------- Ensure python3 is installed --------------------------------------------- 0.51s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 -------------- linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.46s /tmp/tmpcx8fxgbp/tasks/main.yml:45 -------------------------------------------- + cd /tmp/tmpcx8fxgbp/tests; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpcx8fxgbp/tests/tests_no_auto_renew.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 16:52:34 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 16:52:34 +0000 (0:00:00.019) 0:00:00.030 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 16:52:34 +0000 (0:00:00.024) 0:00:00.055 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:52:35 +0000 (0:00:01.376) 0:00:01.431 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.38s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_no_auto_renew.yml ********************************************** 2 plays in /tmp/tmpcx8fxgbp/tests/tests_no_auto_renew.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_no_auto_renew.yml:2 Monday 22 November 2021 16:52:35 +0000 (0:00:00.014) 0:00:01.445 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpcx8fxgbp/tasks/main.yml:2 Monday 22 November 2021 16:52:36 +0000 (0:00:00.986) 0:00:02.432 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpcx8fxgbp/vars/RedHat_7.yml" ], "changed": false } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:17 Monday 22 November 2021 16:52:36 +0000 (0:00:00.028) 0:00:02.461 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 14 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:34 Monday 22 November 2021 16:52:41 +0000 (0:00:04.871) 0:00:07.332 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 13 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:45 Monday 22 November 2021 16:52:44 +0000 (0:00:02.211) 0:00:09.543 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:71 Monday 22 November 2021 16:52:44 +0000 (0:00:00.481) 0:00:10.025 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:100 Monday 22 November 2021 16:52:44 +0000 (0:00:00.323) 0:00:10.349 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "dbus.service systemd-journald.socket network.target system.slice basic.target syslog.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpcx8fxgbp/tasks/main.yml:112 Monday 22 November 2021 16:52:45 +0000 (0:00:00.828) 0:00:11.177 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'ca': 'self-sign', 'auto_renew': False}) => { "ansible_loop_var": "item", "changed": true, "item": { "auto_renew": false, "ca": "self-sign", "dns": "www.example.com", "name": "mycert" } } MSG: Certificate requested (new). changed: [/cache/rhel-7.qcow2] => (item={'name': 'defaultcert', 'dns': 'www.example.com', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "defaultcert" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_no_auto_renew.yml:17 Monday 22 November 2021 16:52:47 +0000 (0:00:01.415) 0:00:12.592 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_no_auto_renew.yml:42 Monday 22 November 2021 16:52:47 +0000 (0:00:00.734) 0:00:13.327 ******* included: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'auto_renew': False}) included: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/defaultcert.crt', 'key_path': '/etc/pki/tls/private/defaultcert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'auto_renew': True}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 16:52:47 +0000 (0:00:00.035) 0:00:13.363 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 16:52:47 +0000 (0:00:00.014) 0:00:13.377 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 61 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 16:52:52 +0000 (0:00:04.419) 0:00:17.797 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 16:52:56 +0000 (0:00:04.649) 0:00:22.447 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 16:53:00 +0000 (0:00:03.184) 0:00:25.632 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599965.0249932, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "4707525120f8580a0bdc3a05547e5ef637aaa503", "ctime": 1637599965.0219932, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584335, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637599965.0219932, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "652340779", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 16:53:00 +0000 (0:00:00.466) 0:00:26.098 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 16:53:00 +0000 (0:00:00.022) 0:00:26.121 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 16:53:00 +0000 (0:00:00.037) 0:00:26.159 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 Monday 22 November 2021 16:53:00 +0000 (0:00:00.035) 0:00:26.195 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599964.980993, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "60263701accc2c08b33f8fc5f13867d2c76f3bbb", "ctime": 1637599965.0219932, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584334, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637599965.0219932, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "895682884", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 16:53:01 +0000 (0:00:00.337) 0:00:26.532 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 16:53:01 +0000 (0:00:00.021) 0:00:26.553 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 Monday 22 November 2021 16:53:01 +0000 (0:00:00.038) 0:00:26.591 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.286283", "end": "2021-11-22 11:53:00.500447", "rc": 0, "start": "2021-11-22 11:53:00.214164" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "87:0C:A4:54:A6:7A:FC:03:17:C7:FC:FC:91:C6:C8:A9:AC:00:34:89", "critical": false }, "authorityKeyIdentifier": { "value": "9B:B5:44:21:D1:0E:7B:83:F1:EF:04:EF:A1:85:60:58:DD:D0:D3:1F", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "03:D3:F4:1C:9F:50:75:BC:99:89:F7:C6:27:D7:58:63:D6:9C:72:FA:95:F7:BA:E4:52:73:98:6E:E5:49:19:B2:4D:5F:C3:58:BC:FA:0F:8F:E9:EA:BA:1F:8E:33:EB:76:C1:95:74:A9:97:8F:13:3A:C8:AE:AC:59:81:5D:8F:33:48:C3:43:29:FD:42:C5:1B:60:AE:F5:A8:11:EF:08:29:5A:A4:C4:2A:5C:FD:17:CF:46:0D:D2:93:0A:0A:D5:FE:EE:34:F9:89:82:44:D7:D0:7F:A0:32:B7:E0:37:8E:92:8C:77:B0:5E:D0:D4:EB:68:90:B3:2B:0F:C9:50:22:11:81:AA:3B:92:BB:48:87:24:0C:BC:A9:88:D8:30:3B:02:3C:18:E1:B5:30:14:52:F5:2F:0E:6A:69:81:10:15:B1:70:B3:AD:8B:BA:DF:AA:37:DE:D9:82:99:E1:EF:99:88:FE:E8:9E:54:E7:9A:4D:BF:00:39:82:91:7E:5E:8F:91:C9:79:69:65:28:A0:7F:19:19:5F:78:11:A0:69:37:2D:2A:D7:29:7F:EA:63:89:65:9B:C1:A0:6B:E8:C0:BC:46:9C:AE:0B:5D:AA:D6:29:06:93:14:48:B2:E1:61:41:AC:9F:2A:20:1F:D4:62:FD:1C:CE:49:81:5D:E0:C2:17:23" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 16:52:44", "not_valid_before": "2021-11-22 16:52:45" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:83 Monday 22 November 2021 16:53:01 +0000 (0:00:00.745) 0:00:27.337 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "9B:B5:44:21:D1:0E:7B:83:F1:EF:04:EF:A1:85:60:58:DD:D0:D3:1F" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "87:0C:A4:54:A6:7A:FC:03:17:C7:FC:FC:91:C6:C8:A9:AC:00:34:89" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "03:D3:F4:1C:9F:50:75:BC:99:89:F7:C6:27:D7:58:63:D6:9C:72:FA:95:F7:BA:E4:52:73:98:6E:E5:49:19:B2:4D:5F:C3:58:BC:FA:0F:8F:E9:EA:BA:1F:8E:33:EB:76:C1:95:74:A9:97:8F:13:3A:C8:AE:AC:59:81:5D:8F:33:48:C3:43:29:FD:42:C5:1B:60:AE:F5:A8:11:EF:08:29:5A:A4:C4:2A:5C:FD:17:CF:46:0D:D2:93:0A:0A:D5:FE:EE:34:F9:89:82:44:D7:D0:7F:A0:32:B7:E0:37:8E:92:8C:77:B0:5E:D0:D4:EB:68:90:B3:2B:0F:C9:50:22:11:81:AA:3B:92:BB:48:87:24:0C:BC:A9:88:D8:30:3B:02:3C:18:E1:B5:30:14:52:F5:2F:0E:6A:69:81:10:15:B1:70:B3:AD:8B:BA:DF:AA:37:DE:D9:82:99:E1:EF:99:88:FE:E8:9E:54:E7:9A:4D:BF:00:39:82:91:7E:5E:8F:91:C9:79:69:65:28:A0:7F:19:19:5F:78:11:A0:69:37:2D:2A:D7:29:7F:EA:63:89:65:9B:C1:A0:6B:E8:C0:BC:46:9C:AE:0B:5D:AA:D6:29:06:93:14:48:B2:E1:61:41:AC:9F:2A:20:1F:D4:62:FD:1C:CE:49:81:5D:E0:C2:17:23" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 16:52:44", "not_valid_before": "2021-11-22 16:52:45" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:87 Monday 22 November 2021 16:53:01 +0000 (0:00:00.040) 0:00:27.377 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:96 Monday 22 November 2021 16:53:01 +0000 (0:00:00.038) 0:00:27.415 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:105 Monday 22 November 2021 16:53:01 +0000 (0:00:00.022) 0:00:27.438 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:112 Monday 22 November 2021 16:53:02 +0000 (0:00:00.035) 0:00:27.474 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:125 Monday 22 November 2021 16:53:02 +0000 (0:00:00.037) 0:00:27.512 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 Monday 22 November 2021 16:53:02 +0000 (0:00:00.037) 0:00:27.549 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.040629", "end": "2021-11-22 11:53:01.082400", "rc": 0, "start": "2021-11-22 11:53:01.041771" } STDOUT: no TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 Monday 22 November 2021 16:53:02 +0000 (0:00:00.367) 0:00:27.916 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 16:53:02 +0000 (0:00:00.039) 0:00:27.955 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 16:53:02 +0000 (0:00:00.020) 0:00:27.976 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "python3-3.6.8-17.el7.x86_64 providing python3 is already installed" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 16:53:03 +0000 (0:00:00.566) 0:00:28.543 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 16:53:04 +0000 (0:00:01.004) 0:00:29.547 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.0) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 16:53:04 +0000 (0:00:00.873) 0:00:30.421 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599965.627993, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "44a905dceadff18e3641c89105bfdaf79bf0c052", "ctime": 1637599965.624993, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584339, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637599965.624993, "nlink": 1, "path": "/etc/pki/tls/certs/defaultcert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "348868592", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 16:53:05 +0000 (0:00:00.333) 0:00:30.755 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 16:53:05 +0000 (0:00:00.022) 0:00:30.777 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 16:53:05 +0000 (0:00:00.043) 0:00:30.820 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 Monday 22 November 2021 16:53:05 +0000 (0:00:00.035) 0:00:30.856 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637599965.581993, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "b77d34c5c8814b0b710f3df10c9b317c96c8743c", "ctime": 1637599965.6239932, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584338, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637599965.6239932, "nlink": 1, "path": "/etc/pki/tls/private/defaultcert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "994779668", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 16:53:05 +0000 (0:00:00.326) 0:00:31.182 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 16:53:05 +0000 (0:00:00.021) 0:00:31.204 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 Monday 22 November 2021 16:53:05 +0000 (0:00:00.037) 0:00:31.241 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/defaultcert.crt" ], "delta": "0:00:00.267487", "end": "2021-11-22 11:53:04.996124", "rc": 0, "start": "2021-11-22 11:53:04.728637" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "D7:E3:97:E6:A6:24:99:AB:2D:70:6D:41:51:B5:54:0B:37:23:CD:EC", "critical": false }, "authorityKeyIdentifier": { "value": "9B:B5:44:21:D1:0E:7B:83:F1:EF:04:EF:A1:85:60:58:DD:D0:D3:1F", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "21:0F:6A:7A:12:E1:AD:00:01:E7:64:7F:AD:CD:37:1C:F8:DA:17:42:F1:0B:E5:A4:FC:83:A8:E1:85:CC:19:56:5E:F1:0A:CC:A6:78:C4:1E:DB:41:F9:93:1C:A9:26:64:62:AA:8D:DE:D8:DF:A3:BE:B6:2D:62:55:90:21:BB:76:EA:D5:CE:EA:50:81:16:16:81:EB:5E:E5:EA:C7:01:44:FB:18:32:75:CA:8A:92:29:1D:6A:45:B2:CD:E5:9B:AF:EB:AE:13:5D:9F:B8:48:5C:CA:BD:C3:18:D7:5C:55:3B:10:92:4B:FE:01:F4:5E:89:5B:65:31:07:07:BC:32:36:F5:2A:0B:83:B4:1F:EE:CE:F0:48:0F:8B:B5:E8:F8:39:81:BD:4F:61:EE:87:E7:5B:2A:01:74:E6:35:51:6A:D9:B2:F1:0D:F1:49:43:DF:14:05:83:4F:41:C7:2F:84:B9:7D:AB:02:E3:2D:56:74:00:86:F9:61:EB:61:6C:CE:32:58:2B:9D:B5:6B:A0:9A:8E:E9:29:3A:06:9E:8E:E4:05:2A:3B:99:A9:EE:DB:79:BE:3E:46:04:1D:E6:73:37:94:27:E2:E5:8E:F6:1E:D5:9B:37:CB:E8:0F:23:CC:DF:18:85:7C:28:5E:0E:63:03:AE:E2:4E:05:A3:74:7C:FE:3C" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 16:52:44", "not_valid_before": "2021-11-22 16:52:45" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:83 Monday 22 November 2021 16:53:06 +0000 (0:00:00.586) 0:00:31.828 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "9B:B5:44:21:D1:0E:7B:83:F1:EF:04:EF:A1:85:60:58:DD:D0:D3:1F" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "D7:E3:97:E6:A6:24:99:AB:2D:70:6D:41:51:B5:54:0B:37:23:CD:EC" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "21:0F:6A:7A:12:E1:AD:00:01:E7:64:7F:AD:CD:37:1C:F8:DA:17:42:F1:0B:E5:A4:FC:83:A8:E1:85:CC:19:56:5E:F1:0A:CC:A6:78:C4:1E:DB:41:F9:93:1C:A9:26:64:62:AA:8D:DE:D8:DF:A3:BE:B6:2D:62:55:90:21:BB:76:EA:D5:CE:EA:50:81:16:16:81:EB:5E:E5:EA:C7:01:44:FB:18:32:75:CA:8A:92:29:1D:6A:45:B2:CD:E5:9B:AF:EB:AE:13:5D:9F:B8:48:5C:CA:BD:C3:18:D7:5C:55:3B:10:92:4B:FE:01:F4:5E:89:5B:65:31:07:07:BC:32:36:F5:2A:0B:83:B4:1F:EE:CE:F0:48:0F:8B:B5:E8:F8:39:81:BD:4F:61:EE:87:E7:5B:2A:01:74:E6:35:51:6A:D9:B2:F1:0D:F1:49:43:DF:14:05:83:4F:41:C7:2F:84:B9:7D:AB:02:E3:2D:56:74:00:86:F9:61:EB:61:6C:CE:32:58:2B:9D:B5:6B:A0:9A:8E:E9:29:3A:06:9E:8E:E4:05:2A:3B:99:A9:EE:DB:79:BE:3E:46:04:1D:E6:73:37:94:27:E2:E5:8E:F6:1E:D5:9B:37:CB:E8:0F:23:CC:DF:18:85:7C:28:5E:0E:63:03:AE:E2:4E:05:A3:74:7C:FE:3C" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 16:52:44", "not_valid_before": "2021-11-22 16:52:45" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:87 Monday 22 November 2021 16:53:06 +0000 (0:00:00.032) 0:00:31.861 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:96 Monday 22 November 2021 16:53:06 +0000 (0:00:00.033) 0:00:31.894 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:105 Monday 22 November 2021 16:53:06 +0000 (0:00:00.021) 0:00:31.915 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:112 Monday 22 November 2021 16:53:06 +0000 (0:00:00.033) 0:00:31.949 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:125 Monday 22 November 2021 16:53:06 +0000 (0:00:00.036) 0:00:31.985 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 Monday 22 November 2021 16:53:06 +0000 (0:00:00.093) 0:00:32.079 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/defaultcert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.043711", "end": "2021-11-22 11:53:05.620659", "rc": 0, "start": "2021-11-22 11:53:05.576948" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 Monday 22 November 2021 16:53:06 +0000 (0:00:00.372) 0:00:32.452 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=53 changed=10 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:53:07 +0000 (0:00:00.039) 0:00:32.491 ******* =============================================================================== linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 4.87s /tmp/tmpcx8fxgbp/tasks/main.yml:17 -------------------------------------------- Install the package, force upgrade -------------------------------------- 4.65s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 ------------- Ensure python3 is installed --------------------------------------------- 4.42s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 -------------- Install certreader ------------------------------------------------------ 3.18s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 ------------- linux-system-roles.certificate : Ensure provider packages are installed --- 2.21s /tmp/tmpcx8fxgbp/tasks/main.yml:34 -------------------------------------------- linux-system-roles.certificate : Ensure certificate requests ------------ 1.42s /tmp/tmpcx8fxgbp/tasks/main.yml:112 ------------------------------------------- set up internal repositories -------------------------------------------- 1.38s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Install the package, force upgrade -------------------------------------- 1.00s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 ------------- Gathering Facts --------------------------------------------------------- 0.99s /tmp/tmpcx8fxgbp/tests/tests_no_auto_renew.yml:2 ------------------------------ Install certreader ------------------------------------------------------ 0.87s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 ------------- linux-system-roles.certificate : Ensure provider service is running ----- 0.83s /tmp/tmpcx8fxgbp/tasks/main.yml:100 ------------------------------------------- Parse certificate ------------------------------------------------------- 0.75s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 ------------- Gathering Facts --------------------------------------------------------- 0.73s /tmp/tmpcx8fxgbp/tests/tests_no_auto_renew.yml:17 ----------------------------- Parse certificate ------------------------------------------------------- 0.59s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 ------------- Ensure python3 is installed --------------------------------------------- 0.57s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 -------------- linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.48s /tmp/tmpcx8fxgbp/tasks/main.yml:45 -------------------------------------------- Retrieve certificate file stats ----------------------------------------- 0.47s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 ------------- Retrieve auto-renew flag ------------------------------------------------ 0.37s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 ------------ Retrieve auto-renew flag ------------------------------------------------ 0.37s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 ------------ Retrieve key file stats ------------------------------------------------- 0.34s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 ------------- + cd /tmp/tmpcx8fxgbp/tests; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpcx8fxgbp/tests/tests_not_wait_for_cert.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 16:53:21 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 16:53:21 +0000 (0:00:00.015) 0:00:00.026 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 16:53:21 +0000 (0:00:00.022) 0:00:00.049 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:53:23 +0000 (0:00:01.342) 0:00:01.391 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.34s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_not_wait_for_cert.yml ****************************************** 2 plays in /tmp/tmpcx8fxgbp/tests/tests_not_wait_for_cert.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_not_wait_for_cert.yml:2 Monday 22 November 2021 16:53:23 +0000 (0:00:00.014) 0:00:01.405 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpcx8fxgbp/tasks/main.yml:2 Monday 22 November 2021 16:53:24 +0000 (0:00:00.952) 0:00:02.358 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpcx8fxgbp/vars/RedHat_7.yml" ], "changed": false } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:17 Monday 22 November 2021 16:53:24 +0000 (0:00:00.026) 0:00:02.385 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 14 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:34 Monday 22 November 2021 16:53:28 +0000 (0:00:04.803) 0:00:07.188 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 13 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:45 Monday 22 November 2021 16:53:31 +0000 (0:00:02.140) 0:00:09.329 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:71 Monday 22 November 2021 16:53:31 +0000 (0:00:00.513) 0:00:09.842 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:100 Monday 22 November 2021 16:53:31 +0000 (0:00:00.340) 0:00:10.182 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "systemd-journald.socket system.slice dbus.service basic.target network.target syslog.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpcx8fxgbp/tasks/main.yml:112 Monday 22 November 2021 16:53:32 +0000 (0:00:00.829) 0:00:11.012 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "mycert" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_not_wait_for_cert.yml:14 Monday 22 November 2021 16:53:33 +0000 (0:00:00.602) 0:00:11.615 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Wait for certificate] **************************************************** task path: /tmp/tmpcx8fxgbp/tests/tests_not_wait_for_cert.yml:28 Monday 22 November 2021 16:53:34 +0000 (0:00:00.696) 0:00:12.312 ******* ok: [/cache/rhel-7.qcow2] => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]}) => { "ansible_loop_var": "item", "changed": false, "elapsed": 0, "gid": 0, "group": "root", "item": { "key_path": "/etc/pki/tls/private/mycert.key", "path": "/etc/pki/tls/certs/mycert.crt", "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "subject_alt_name": [ { "name": "DNS", "value": "www.example.com" } ] }, "match_groupdict": {}, "match_groups": [], "mode": "0600", "owner": "root", "path": "/etc/pki/tls/certs/mycert.crt", "port": null, "search_regex": null, "secontext": "system_u:object_r:cert_t:s0", "size": 1310, "state": "file", "uid": 0 } TASK [Verify each certificate] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_not_wait_for_cert.yml:34 Monday 22 November 2021 16:53:34 +0000 (0:00:00.464) 0:00:12.776 ******* included: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 16:53:34 +0000 (0:00:00.031) 0:00:12.808 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 16:53:34 +0000 (0:00:00.014) 0:00:12.822 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 57 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 16:53:39 +0000 (0:00:04.386) 0:00:17.209 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 16:53:43 +0000 (0:00:04.839) 0:00:22.048 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 16:53:47 +0000 (0:00:03.171) 0:00:25.220 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600012.2642834, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "96b67622aad38dc1947afba57644323a50204e1f", "ctime": 1637600012.2612834, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12583750, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600012.2612834, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "18446744072205145377", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 16:53:47 +0000 (0:00:00.452) 0:00:25.672 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 16:53:47 +0000 (0:00:00.022) 0:00:25.694 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 16:53:47 +0000 (0:00:00.038) 0:00:25.733 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 Monday 22 November 2021 16:53:47 +0000 (0:00:00.035) 0:00:25.768 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600012.2222834, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "c98a6003009c8ebe597dce50e8092efd930ca349", "ctime": 1637600012.2612834, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12583749, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600012.2612834, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "2051604676", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 16:53:47 +0000 (0:00:00.328) 0:00:26.097 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 16:53:47 +0000 (0:00:00.025) 0:00:26.123 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 Monday 22 November 2021 16:53:47 +0000 (0:00:00.044) 0:00:26.168 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.261126", "end": "2021-11-22 11:53:47.423100", "rc": 0, "start": "2021-11-22 11:53:47.161974" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "73:3B:83:BF:CE:3E:76:C7:C6:56:B0:50:3B:AD:86:DE:E3:31:97:0F", "critical": false }, "authorityKeyIdentifier": { "value": "ED:10:47:96:B0:E4:21:1D:15:1A:43:4A:45:BA:0D:A6:BE:83:62:DF", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "3E:3F:94:61:88:5B:9D:DC:45:FD:E4:BC:2E:79:CF:CE:C7:41:05:19:41:40:FC:D1:82:43:82:50:B1:5C:67:7F:D1:0F:4A:13:03:F9:53:1F:50:22:7C:38:02:22:A6:A1:50:F5:55:07:07:B2:89:E0:F5:2E:2A:EE:4B:2A:84:A6:6E:8F:28:F4:0D:06:CF:9D:0D:98:35:2C:27:98:B5:DE:1B:D8:20:A5:DD:F4:87:ED:E4:5D:04:62:F6:24:39:CB:58:E3:E2:43:3F:E5:A7:81:52:61:DE:CC:3A:7F:39:E5:89:07:3C:26:EA:BD:65:F8:A4:0A:BF:8F:D1:E9:54:A6:E2:01:AA:47:29:F0:1B:BB:8B:3C:77:31:35:CF:D8:54:34:D9:73:FA:99:F5:4B:FF:4F:3F:60:58:71:1C:BE:F9:20:E4:B8:35:F6:5B:74:99:0A:96:3F:61:E8:BE:B1:D0:6F:A5:BB:0C:32:98:71:72:F2:0C:36:67:2A:A8:2C:58:EB:BF:C1:9E:BE:3E:B2:AC:C4:AA:66:84:3B:1B:99:25:84:8D:EC:2D:21:27:88:2A:00:36:47:49:6E:4D:16:C0:54:B6:B4:F5:6F:2C:EF:A0:96:40:07:79:64:45:0C:37:19:4D:A0:02:4F:E5:B5:12:63:2E:94:E0:07:40:B6:C7" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 16:53:31", "not_valid_before": "2021-11-22 16:53:32" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:83 Monday 22 November 2021 16:53:48 +0000 (0:00:00.741) 0:00:26.909 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "ED:10:47:96:B0:E4:21:1D:15:1A:43:4A:45:BA:0D:A6:BE:83:62:DF" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "73:3B:83:BF:CE:3E:76:C7:C6:56:B0:50:3B:AD:86:DE:E3:31:97:0F" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "3E:3F:94:61:88:5B:9D:DC:45:FD:E4:BC:2E:79:CF:CE:C7:41:05:19:41:40:FC:D1:82:43:82:50:B1:5C:67:7F:D1:0F:4A:13:03:F9:53:1F:50:22:7C:38:02:22:A6:A1:50:F5:55:07:07:B2:89:E0:F5:2E:2A:EE:4B:2A:84:A6:6E:8F:28:F4:0D:06:CF:9D:0D:98:35:2C:27:98:B5:DE:1B:D8:20:A5:DD:F4:87:ED:E4:5D:04:62:F6:24:39:CB:58:E3:E2:43:3F:E5:A7:81:52:61:DE:CC:3A:7F:39:E5:89:07:3C:26:EA:BD:65:F8:A4:0A:BF:8F:D1:E9:54:A6:E2:01:AA:47:29:F0:1B:BB:8B:3C:77:31:35:CF:D8:54:34:D9:73:FA:99:F5:4B:FF:4F:3F:60:58:71:1C:BE:F9:20:E4:B8:35:F6:5B:74:99:0A:96:3F:61:E8:BE:B1:D0:6F:A5:BB:0C:32:98:71:72:F2:0C:36:67:2A:A8:2C:58:EB:BF:C1:9E:BE:3E:B2:AC:C4:AA:66:84:3B:1B:99:25:84:8D:EC:2D:21:27:88:2A:00:36:47:49:6E:4D:16:C0:54:B6:B4:F5:6F:2C:EF:A0:96:40:07:79:64:45:0C:37:19:4D:A0:02:4F:E5:B5:12:63:2E:94:E0:07:40:B6:C7" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 16:53:31", "not_valid_before": "2021-11-22 16:53:32" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:87 Monday 22 November 2021 16:53:48 +0000 (0:00:00.035) 0:00:26.945 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:96 Monday 22 November 2021 16:53:48 +0000 (0:00:00.036) 0:00:26.982 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:105 Monday 22 November 2021 16:53:48 +0000 (0:00:00.023) 0:00:27.005 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:112 Monday 22 November 2021 16:53:48 +0000 (0:00:00.038) 0:00:27.044 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:125 Monday 22 November 2021 16:53:48 +0000 (0:00:00.037) 0:00:27.081 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 Monday 22 November 2021 16:53:48 +0000 (0:00:00.035) 0:00:27.117 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.040797", "end": "2021-11-22 11:53:47.986522", "rc": 0, "start": "2021-11-22 11:53:47.945725" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 Monday 22 November 2021 16:53:49 +0000 (0:00:00.355) 0:00:27.473 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=33 changed=10 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:53:49 +0000 (0:00:00.040) 0:00:27.513 ******* =============================================================================== Install the package, force upgrade -------------------------------------- 4.84s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 ------------- linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 4.80s /tmp/tmpcx8fxgbp/tasks/main.yml:17 -------------------------------------------- Ensure python3 is installed --------------------------------------------- 4.39s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 -------------- Install certreader ------------------------------------------------------ 3.17s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 ------------- linux-system-roles.certificate : Ensure provider packages are installed --- 2.14s /tmp/tmpcx8fxgbp/tasks/main.yml:34 -------------------------------------------- set up internal repositories -------------------------------------------- 1.34s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 0.95s /tmp/tmpcx8fxgbp/tests/tests_not_wait_for_cert.yml:2 -------------------------- linux-system-roles.certificate : Ensure provider service is running ----- 0.83s /tmp/tmpcx8fxgbp/tasks/main.yml:100 ------------------------------------------- Parse certificate ------------------------------------------------------- 0.74s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 ------------- Gathering Facts --------------------------------------------------------- 0.70s /tmp/tmpcx8fxgbp/tests/tests_not_wait_for_cert.yml:14 ------------------------- linux-system-roles.certificate : Ensure certificate requests ------------ 0.60s /tmp/tmpcx8fxgbp/tasks/main.yml:112 ------------------------------------------- linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.51s /tmp/tmpcx8fxgbp/tasks/main.yml:45 -------------------------------------------- Wait for certificate ---------------------------------------------------- 0.46s /tmp/tmpcx8fxgbp/tests/tests_not_wait_for_cert.yml:28 ------------------------- Retrieve certificate file stats ----------------------------------------- 0.45s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 ------------- Retrieve auto-renew flag ------------------------------------------------ 0.36s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 ------------ linux-system-roles.certificate : Ensure post-scripts hooks directory exists --- 0.34s /tmp/tmpcx8fxgbp/tasks/main.yml:71 -------------------------------------------- Retrieve key file stats ------------------------------------------------- 0.33s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 ------------- Verify key file owner and group ----------------------------------------- 0.04s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 ------------- Verify certificate auto-renew flag -------------------------------------- 0.04s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 ------------ Verify key size --------------------------------------------------------- 0.04s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:105 ------------ + cd /tmp/tmpcx8fxgbp/tests; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpcx8fxgbp/tests/tests_principal.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 16:54:03 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 16:54:03 +0000 (0:00:00.016) 0:00:00.028 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 16:54:03 +0000 (0:00:00.025) 0:00:00.053 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:54:05 +0000 (0:00:01.393) 0:00:01.446 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.39s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.03s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_principal.yml ************************************************** 3 plays in /tmp/tmpcx8fxgbp/tests/tests_principal.yml PLAY [Test issuing certificate with principal.] ******************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_principal.yml:2 Monday 22 November 2021 16:54:05 +0000 (0:00:00.021) 0:00:01.468 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpcx8fxgbp/tasks/main.yml:2 Monday 22 November 2021 16:54:06 +0000 (0:00:01.007) 0:00:02.476 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpcx8fxgbp/vars/RedHat_7.yml" ], "changed": false } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:17 Monday 22 November 2021 16:54:06 +0000 (0:00:00.029) 0:00:02.505 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 16 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:34 Monday 22 November 2021 16:54:11 +0000 (0:00:05.624) 0:00:08.130 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 13 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:45 Monday 22 November 2021 16:54:15 +0000 (0:00:03.523) 0:00:11.653 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:71 Monday 22 November 2021 16:54:15 +0000 (0:00:00.507) 0:00:12.161 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:100 Monday 22 November 2021 16:54:16 +0000 (0:00:00.333) 0:00:12.494 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "network.target system.slice syslog.target systemd-journald.socket dbus.service basic.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpcx8fxgbp/tasks/main.yml:112 Monday 22 November 2021 16:54:17 +0000 (0:00:00.831) 0:00:13.325 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'principal': 'HTTP/www.example.com@EXAMPLE.COM', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "mycert", "principal": "HTTP/www.example.com@EXAMPLE.COM" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_principal.yml:13 Monday 22 November 2021 16:54:17 +0000 (0:00:00.737) 0:00:14.063 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_principal.yml:33 Monday 22 November 2021 16:54:18 +0000 (0:00:00.714) 0:00:14.777 ******* included: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}, {'name': 'Universal Principal Name (UPN)', 'value': 'HTTP/www.example.com@EXAMPLE.COM', 'oid': '1.3.6.1.4.1.311.20.2.3'}, {'name': 'Kerberos principalname', 'value': 'HTTP/www.example.com@EXAMPLE.COM', 'oid': '1.3.6.1.5.2.2'}]}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 16:54:18 +0000 (0:00:00.031) 0:00:14.809 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 16:54:18 +0000 (0:00:00.016) 0:00:14.826 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 65 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 16:54:22 +0000 (0:00:04.414) 0:00:19.240 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 16:54:27 +0000 (0:00:04.589) 0:00:23.830 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 16:54:30 +0000 (0:00:03.098) 0:00:26.928 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600057.0625608, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "02d05efd213fb462215461837532fbeb4f06db68", "ctime": 1637600057.0595608, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584429, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600057.0595608, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1472, "uid": 0, "version": "1382085777", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 16:54:31 +0000 (0:00:00.463) 0:00:27.392 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 16:54:31 +0000 (0:00:00.022) 0:00:27.415 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 16:54:31 +0000 (0:00:00.037) 0:00:27.452 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 Monday 22 November 2021 16:54:31 +0000 (0:00:00.033) 0:00:27.486 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600057.0195608, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "5c93fb726e4035dcd7d71efc261a76d159719497", "ctime": 1637600057.0595608, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584428, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600057.0595608, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "318400181", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 16:54:31 +0000 (0:00:00.323) 0:00:27.810 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 16:54:31 +0000 (0:00:00.021) 0:00:27.831 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 Monday 22 November 2021 16:54:31 +0000 (0:00:00.038) 0:00:27.869 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.268891", "end": "2021-11-22 11:54:31.649469", "rc": 0, "start": "2021-11-22 11:54:31.380578" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" }, { "name": "Universal Principal Name (UPN)", "value": "HTTP/www.example.com@EXAMPLE.COM", "oid": "1.3.6.1.4.1.311.20.2.3" }, { "name": "Kerberos principalname", "value": "HTTP/www.example.com@EXAMPLE.COM", "oid": "1.3.6.1.5.2.2" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "CF:B7:25:60:E0:35:DE:1D:B3:09:B8:87:9C:B7:C8:00:1B:82:A6:A8", "critical": false }, "authorityKeyIdentifier": { "value": "74:0A:06:06:2B:08:2A:4B:45:E5:5D:70:8F:EE:B3:9D:E0:E7:D9:AE", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "34:F3:EF:4F:22:B7:90:70:BB:7C:DE:19:98:E0:15:5C:5C:3B:82:63:01:D1:AE:7D:53:6C:50:17:11:0C:7A:A8:14:1E:41:A7:38:A3:1A:D2:C0:DD:A2:8A:69:9E:4C:24:83:F6:47:FB:53:93:EF:DB:81:B6:28:93:39:5D:B6:3E:07:3E:64:88:95:49:FA:E5:4B:F5:69:60:87:05:89:CB:85:AF:85:1A:A7:61:31:4B:5D:F1:3E:22:04:26:B3:4D:AC:A2:AA:53:5D:13:4A:1E:0C:92:18:A9:E5:B7:9F:A4:70:7F:17:C7:50:DA:65:29:45:37:E9:2A:A6:83:ED:3C:D5:FF:D2:11:20:CD:4F:F3:87:9F:FA:1C:65:3F:06:48:5E:92:90:F7:E9:46:BE:46:79:40:D5:1B:5F:8C:D8:05:04:9C:84:A0:78:47:F8:32:17:68:7E:8A:B0:44:9B:10:14:71:BD:34:07:45:D0:48:96:F1:BE:23:FD:E9:FB:16:5E:5C:8F:5A:00:3A:83:D5:0F:27:4A:74:93:6E:B0:5E:F4:D7:D5:D4:50:73:AA:FA:A0:E6:CD:66:D1:B6:FD:76:A0:EE:0F:E7:0C:05:F7:FE:D0:E5:0F:90:1A:1D:C7:B3:92:47:8A:02:71:05:26:88:A5:15:52:B5:3C:CC:D8:2C" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 16:54:16", "not_valid_before": "2021-11-22 16:54:17" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:83 Monday 22 November 2021 16:54:32 +0000 (0:00:00.715) 0:00:28.585 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "74:0A:06:06:2B:08:2A:4B:45:E5:5D:70:8F:EE:B3:9D:E0:E7:D9:AE" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" }, { "name": "Universal Principal Name (UPN)", "oid": "1.3.6.1.4.1.311.20.2.3", "value": "HTTP/www.example.com@EXAMPLE.COM" }, { "name": "Kerberos principalname", "oid": "1.3.6.1.5.2.2", "value": "HTTP/www.example.com@EXAMPLE.COM" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "CF:B7:25:60:E0:35:DE:1D:B3:09:B8:87:9C:B7:C8:00:1B:82:A6:A8" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "34:F3:EF:4F:22:B7:90:70:BB:7C:DE:19:98:E0:15:5C:5C:3B:82:63:01:D1:AE:7D:53:6C:50:17:11:0C:7A:A8:14:1E:41:A7:38:A3:1A:D2:C0:DD:A2:8A:69:9E:4C:24:83:F6:47:FB:53:93:EF:DB:81:B6:28:93:39:5D:B6:3E:07:3E:64:88:95:49:FA:E5:4B:F5:69:60:87:05:89:CB:85:AF:85:1A:A7:61:31:4B:5D:F1:3E:22:04:26:B3:4D:AC:A2:AA:53:5D:13:4A:1E:0C:92:18:A9:E5:B7:9F:A4:70:7F:17:C7:50:DA:65:29:45:37:E9:2A:A6:83:ED:3C:D5:FF:D2:11:20:CD:4F:F3:87:9F:FA:1C:65:3F:06:48:5E:92:90:F7:E9:46:BE:46:79:40:D5:1B:5F:8C:D8:05:04:9C:84:A0:78:47:F8:32:17:68:7E:8A:B0:44:9B:10:14:71:BD:34:07:45:D0:48:96:F1:BE:23:FD:E9:FB:16:5E:5C:8F:5A:00:3A:83:D5:0F:27:4A:74:93:6E:B0:5E:F4:D7:D5:D4:50:73:AA:FA:A0:E6:CD:66:D1:B6:FD:76:A0:EE:0F:E7:0C:05:F7:FE:D0:E5:0F:90:1A:1D:C7:B3:92:47:8A:02:71:05:26:88:A5:15:52:B5:3C:CC:D8:2C" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 16:54:16", "not_valid_before": "2021-11-22 16:54:17" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:87 Monday 22 November 2021 16:54:32 +0000 (0:00:00.044) 0:00:28.629 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:96 Monday 22 November 2021 16:54:32 +0000 (0:00:00.042) 0:00:28.672 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:105 Monday 22 November 2021 16:54:32 +0000 (0:00:00.022) 0:00:28.694 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:112 Monday 22 November 2021 16:54:32 +0000 (0:00:00.033) 0:00:28.728 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:125 Monday 22 November 2021 16:54:32 +0000 (0:00:00.035) 0:00:28.763 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 Monday 22 November 2021 16:54:32 +0000 (0:00:00.035) 0:00:28.799 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.040273", "end": "2021-11-22 11:54:32.212394", "rc": 0, "start": "2021-11-22 11:54:32.172121" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 Monday 22 November 2021 16:54:32 +0000 (0:00:00.346) 0:00:29.145 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY [Test issuing certificate with invalid principal.] ************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_principal.yml:40 Monday 22 November 2021 16:54:32 +0000 (0:00:00.044) 0:00:29.190 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpcx8fxgbp/tasks/main.yml:2 Monday 22 November 2021 16:54:33 +0000 (0:00:00.712) 0:00:29.902 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpcx8fxgbp/vars/RedHat_7.yml" ], "changed": false } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:17 Monday 22 November 2021 16:54:33 +0000 (0:00:00.027) 0:00:29.929 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "python2-pyasn1-0.1.9-7.el7.noarch providing python-pyasn1 is already installed", "python2-cryptography-1.7.2-2.el7.x86_64 providing python-cryptography is already installed", "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed" ] } TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:34 Monday 22 November 2021 16:54:34 +0000 (0:00:00.907) 0:00:30.837 ******* ok: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "rc": 0, "results": [ "certmonger-0.78.4-14.el7.x86_64 providing certmonger is already installed" ] } TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:45 Monday 22 November 2021 16:54:35 +0000 (0:00:00.585) 0:00:31.422 ******* ok: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:71 Monday 22 November 2021 16:54:35 +0000 (0:00:00.346) 0:00:31.769 ******* ok: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:100 Monday 22 November 2021 16:54:35 +0000 (0:00:00.339) 0:00:32.109 ******* ok: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestamp": "Mon 2021-11-22 11:54:16 EST", "ActiveEnterTimestampMonotonic": "23785275", "ActiveExitTimestampMonotonic": "0", "ActiveState": "active", "After": "syslog.target basic.target dbus.service systemd-journald.socket network.target system.slice", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "yes", "AssertTimestamp": "Mon 2021-11-22 11:54:16 EST", "AssertTimestampMonotonic": "23749630", "Before": "shutdown.target multi-user.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Mon 2021-11-22 11:54:16 EST", "ConditionTimestampMonotonic": "23749630", "Conflicts": "shutdown.target", "ControlGroup": "/system.slice/certmonger.service", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "8289", "ExecMainStartTimestamp": "Mon 2021-11-22 11:54:16 EST", "ExecMainStartTimestampMonotonic": "23750794", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[Mon 2021-11-22 11:54:16 EST] ; stop_time=[n/a] ; pid=8289 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestamp": "Mon 2021-11-22 11:54:16 EST", "InactiveExitTimestampMonotonic": "23751461", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "8289", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "enabled", "WantedBy": "multi-user.target", "WatchdogTimestamp": "Mon 2021-11-22 11:54:16 EST", "WatchdogTimestampMonotonic": "23785243", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpcx8fxgbp/tasks/main.yml:112 Monday 22 November 2021 16:54:36 +0000 (0:00:00.413) 0:00:32.523 ******* failed: [/cache/rhel-7.qcow2] (item={'name': 'mycertinvalid', 'dns': 'www.example.com', 'principal': 'HTTP/abc', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": false, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "mycertinvalid", "principal": "HTTP/abc" } } MSG: Invalid principal 'HTTP/abc'. It should be formatted as 'primary/instance@REALM' TASK [assert...] *************************************************************** task path: /tmp/tmpcx8fxgbp/tests/tests_principal.yml:59 Monday 22 November 2021 16:54:36 +0000 (0:00:00.421) 0:00:32.944 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=40 changed=10 unreachable=0 failed=0 skipped=1 rescued=1 ignored=0 Monday 22 November 2021 16:54:36 +0000 (0:00:00.024) 0:00:32.969 ******* =============================================================================== linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 5.62s /tmp/tmpcx8fxgbp/tasks/main.yml:17 -------------------------------------------- Install the package, force upgrade -------------------------------------- 4.59s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 ------------- Ensure python3 is installed --------------------------------------------- 4.41s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 -------------- linux-system-roles.certificate : Ensure provider packages are installed --- 3.52s /tmp/tmpcx8fxgbp/tasks/main.yml:34 -------------------------------------------- Install certreader ------------------------------------------------------ 3.10s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 ------------- set up internal repositories -------------------------------------------- 1.39s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 1.01s /tmp/tmpcx8fxgbp/tests/tests_principal.yml:2 ---------------------------------- linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 0.91s /tmp/tmpcx8fxgbp/tasks/main.yml:17 -------------------------------------------- linux-system-roles.certificate : Ensure provider service is running ----- 0.83s /tmp/tmpcx8fxgbp/tasks/main.yml:100 ------------------------------------------- linux-system-roles.certificate : Ensure certificate requests ------------ 0.74s /tmp/tmpcx8fxgbp/tasks/main.yml:112 ------------------------------------------- Parse certificate ------------------------------------------------------- 0.72s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 ------------- Gathering Facts --------------------------------------------------------- 0.71s /tmp/tmpcx8fxgbp/tests/tests_principal.yml:13 --------------------------------- Gathering Facts --------------------------------------------------------- 0.71s /tmp/tmpcx8fxgbp/tests/tests_principal.yml:40 --------------------------------- linux-system-roles.certificate : Ensure provider packages are installed --- 0.59s /tmp/tmpcx8fxgbp/tasks/main.yml:34 -------------------------------------------- linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.51s /tmp/tmpcx8fxgbp/tasks/main.yml:45 -------------------------------------------- Retrieve certificate file stats ----------------------------------------- 0.46s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 ------------- linux-system-roles.certificate : Ensure certificate requests ------------ 0.42s /tmp/tmpcx8fxgbp/tasks/main.yml:112 ------------------------------------------- linux-system-roles.certificate : Ensure provider service is running ----- 0.41s /tmp/tmpcx8fxgbp/tasks/main.yml:100 ------------------------------------------- Retrieve auto-renew flag ------------------------------------------------ 0.35s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 ------------ linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.35s /tmp/tmpcx8fxgbp/tasks/main.yml:45 -------------------------------------------- + cd /tmp/tmpcx8fxgbp/tests; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpcx8fxgbp/tests/tests_provider.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 16:54:51 +0000 (0:00:00.012) 0:00:00.012 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 16:54:51 +0000 (0:00:00.019) 0:00:00.031 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 16:54:51 +0000 (0:00:00.024) 0:00:00.055 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:54:52 +0000 (0:00:01.367) 0:00:01.423 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.37s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_provider.yml *************************************************** 2 plays in /tmp/tmpcx8fxgbp/tests/tests_provider.yml PLAY [Test issuing certificate with certmonger provider] *********************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_provider.yml:2 Monday 22 November 2021 16:54:52 +0000 (0:00:00.014) 0:00:01.438 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpcx8fxgbp/tasks/main.yml:2 Monday 22 November 2021 16:54:53 +0000 (0:00:00.969) 0:00:02.408 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpcx8fxgbp/vars/RedHat_7.yml" ], "changed": false } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:17 Monday 22 November 2021 16:54:53 +0000 (0:00:00.029) 0:00:02.437 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 15 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:34 Monday 22 November 2021 16:54:58 +0000 (0:00:04.899) 0:00:07.336 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 13 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:45 Monday 22 November 2021 16:55:00 +0000 (0:00:02.111) 0:00:09.448 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:71 Monday 22 November 2021 16:55:00 +0000 (0:00:00.479) 0:00:09.927 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:100 Monday 22 November 2021 16:55:01 +0000 (0:00:00.341) 0:00:10.269 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "dbus.service basic.target system.slice syslog.target systemd-journald.socket network.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpcx8fxgbp/tasks/main.yml:112 Monday 22 November 2021 16:55:02 +0000 (0:00:00.864) 0:00:11.133 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'ca': 'self-sign', 'provider': 'certmonger'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "mycert", "provider": "certmonger" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_provider.yml:13 Monday 22 November 2021 16:55:03 +0000 (0:00:00.858) 0:00:11.992 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_provider.yml:27 Monday 22 November 2021 16:55:04 +0000 (0:00:01.011) 0:00:13.003 ******* included: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 16:55:04 +0000 (0:00:00.032) 0:00:13.036 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 16:55:04 +0000 (0:00:00.016) 0:00:13.052 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 66 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 16:55:08 +0000 (0:00:04.412) 0:00:17.464 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 16:55:13 +0000 (0:00:04.649) 0:00:22.114 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 16:55:16 +0000 (0:00:03.247) 0:00:25.362 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600101.9978597, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "13f541e6d63221beb6b0fb0ab4cc170bb08795f3", "ctime": 1637600101.9958599, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584399, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600101.9958599, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "18446744071570656533", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 16:55:16 +0000 (0:00:00.455) 0:00:25.818 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 16:55:16 +0000 (0:00:00.023) 0:00:25.841 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 16:55:16 +0000 (0:00:00.040) 0:00:25.882 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 Monday 22 November 2021 16:55:16 +0000 (0:00:00.035) 0:00:25.917 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600101.9548597, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "6c9c831b00975660e1633db26891f0d03168a106", "ctime": 1637600101.9958599, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584398, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600101.9958599, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744072891150313", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 16:55:17 +0000 (0:00:00.324) 0:00:26.242 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 16:55:17 +0000 (0:00:00.023) 0:00:26.265 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 Monday 22 November 2021 16:55:17 +0000 (0:00:00.038) 0:00:26.303 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.278610", "end": "2021-11-22 11:55:17.174282", "rc": 0, "start": "2021-11-22 11:55:16.895672" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "EC:33:05:5A:C9:1F:77:A7:00:E6:F0:FB:8F:AD:7B:04:30:28:6D:83", "critical": false }, "authorityKeyIdentifier": { "value": "C1:71:08:28:D3:9B:6B:23:03:72:DE:02:E7:2E:50:18:C5:FA:89:D2", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "90:F2:2B:27:34:5D:B5:B7:20:44:D2:E8:41:17:19:E6:F6:F7:7F:42:5F:23:DF:99:1F:BF:D4:69:6D:D6:24:4B:5A:DB:16:7D:C5:DB:9E:3D:4F:71:6F:4D:12:E8:14:88:52:A3:27:E4:11:4C:FD:6F:E0:DE:0C:F1:05:0F:5A:18:7A:DF:96:E8:77:3E:D7:24:D2:CF:98:45:E6:A4:CD:82:E2:5A:4A:6C:9F:D2:09:09:6B:D7:00:AD:BE:A7:8D:E0:0D:4B:C9:62:EB:E7:C3:57:A2:F0:36:AA:A4:B9:E7:7F:D4:EC:10:E6:A8:25:24:CE:1A:68:6B:A5:3C:4E:81:4B:D1:F6:3D:9D:47:A2:DC:F1:30:14:B1:96:8C:16:68:44:AF:F9:6A:B0:7F:3B:A0:57:19:23:3B:EC:FB:47:3A:7E:FC:F7:32:3C:C1:6E:BB:73:E0:54:B7:E2:6E:F2:D5:9F:59:11:20:87:22:C7:DC:78:71:16:2C:5C:53:28:4B:8D:E8:B5:40:9E:B4:06:3E:EA:ED:58:C2:54:8F:29:3A:57:C6:32:2F:8C:B0:23:E9:43:44:5E:6B:12:0D:03:F1:80:0C:D1:00:E8:94:96:E8:4A:07:F2:A6:94:51:7D:E8:3B:65:CA:1D:01:A3:1E:C4:0E:CE:EF:B0:BE:FD:D4:BA:95" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 16:55:01", "not_valid_before": "2021-11-22 16:55:01" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:83 Monday 22 November 2021 16:55:18 +0000 (0:00:00.756) 0:00:27.059 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "C1:71:08:28:D3:9B:6B:23:03:72:DE:02:E7:2E:50:18:C5:FA:89:D2" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "EC:33:05:5A:C9:1F:77:A7:00:E6:F0:FB:8F:AD:7B:04:30:28:6D:83" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "90:F2:2B:27:34:5D:B5:B7:20:44:D2:E8:41:17:19:E6:F6:F7:7F:42:5F:23:DF:99:1F:BF:D4:69:6D:D6:24:4B:5A:DB:16:7D:C5:DB:9E:3D:4F:71:6F:4D:12:E8:14:88:52:A3:27:E4:11:4C:FD:6F:E0:DE:0C:F1:05:0F:5A:18:7A:DF:96:E8:77:3E:D7:24:D2:CF:98:45:E6:A4:CD:82:E2:5A:4A:6C:9F:D2:09:09:6B:D7:00:AD:BE:A7:8D:E0:0D:4B:C9:62:EB:E7:C3:57:A2:F0:36:AA:A4:B9:E7:7F:D4:EC:10:E6:A8:25:24:CE:1A:68:6B:A5:3C:4E:81:4B:D1:F6:3D:9D:47:A2:DC:F1:30:14:B1:96:8C:16:68:44:AF:F9:6A:B0:7F:3B:A0:57:19:23:3B:EC:FB:47:3A:7E:FC:F7:32:3C:C1:6E:BB:73:E0:54:B7:E2:6E:F2:D5:9F:59:11:20:87:22:C7:DC:78:71:16:2C:5C:53:28:4B:8D:E8:B5:40:9E:B4:06:3E:EA:ED:58:C2:54:8F:29:3A:57:C6:32:2F:8C:B0:23:E9:43:44:5E:6B:12:0D:03:F1:80:0C:D1:00:E8:94:96:E8:4A:07:F2:A6:94:51:7D:E8:3B:65:CA:1D:01:A3:1E:C4:0E:CE:EF:B0:BE:FD:D4:BA:95" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 16:55:01", "not_valid_before": "2021-11-22 16:55:01" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:87 Monday 22 November 2021 16:55:18 +0000 (0:00:00.036) 0:00:27.096 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:96 Monday 22 November 2021 16:55:18 +0000 (0:00:00.038) 0:00:27.135 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:105 Monday 22 November 2021 16:55:18 +0000 (0:00:00.022) 0:00:27.158 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:112 Monday 22 November 2021 16:55:18 +0000 (0:00:00.035) 0:00:27.193 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:125 Monday 22 November 2021 16:55:18 +0000 (0:00:00.034) 0:00:27.227 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 Monday 22 November 2021 16:55:18 +0000 (0:00:00.034) 0:00:27.262 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.038602", "end": "2021-11-22 11:55:17.711622", "rc": 0, "start": "2021-11-22 11:55:17.673020" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 Monday 22 November 2021 16:55:18 +0000 (0:00:00.333) 0:00:27.595 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=32 changed=10 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:55:18 +0000 (0:00:00.045) 0:00:27.641 ******* =============================================================================== linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 4.90s /tmp/tmpcx8fxgbp/tasks/main.yml:17 -------------------------------------------- Install the package, force upgrade -------------------------------------- 4.65s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 ------------- Ensure python3 is installed --------------------------------------------- 4.41s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 -------------- Install certreader ------------------------------------------------------ 3.25s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 ------------- linux-system-roles.certificate : Ensure provider packages are installed --- 2.11s /tmp/tmpcx8fxgbp/tasks/main.yml:34 -------------------------------------------- set up internal repositories -------------------------------------------- 1.37s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 1.01s /tmp/tmpcx8fxgbp/tests/tests_provider.yml:13 ---------------------------------- Gathering Facts --------------------------------------------------------- 0.97s /tmp/tmpcx8fxgbp/tests/tests_provider.yml:2 ----------------------------------- linux-system-roles.certificate : Ensure provider service is running ----- 0.86s /tmp/tmpcx8fxgbp/tasks/main.yml:100 ------------------------------------------- linux-system-roles.certificate : Ensure certificate requests ------------ 0.86s /tmp/tmpcx8fxgbp/tasks/main.yml:112 ------------------------------------------- Parse certificate ------------------------------------------------------- 0.76s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 ------------- linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.48s /tmp/tmpcx8fxgbp/tasks/main.yml:45 -------------------------------------------- Retrieve certificate file stats ----------------------------------------- 0.46s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 ------------- linux-system-roles.certificate : Ensure post-scripts hooks directory exists --- 0.34s /tmp/tmpcx8fxgbp/tasks/main.yml:71 -------------------------------------------- Retrieve auto-renew flag ------------------------------------------------ 0.33s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 ------------ Retrieve key file stats ------------------------------------------------- 0.32s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 ------------- Verify certificate auto-renew flag -------------------------------------- 0.05s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 ------------ Verify certificate file owner and group --------------------------------- 0.04s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 ------------- Verify certificate subject ---------------------------------------------- 0.04s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:87 ------------- Verify key file owner and group ----------------------------------------- 0.04s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 ------------- + cd /tmp/tmpcx8fxgbp/tests; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpcx8fxgbp/tests/tests_run_hooks.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 16:55:32 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 16:55:32 +0000 (0:00:00.017) 0:00:00.028 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 16:55:32 +0000 (0:00:00.022) 0:00:00.051 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:55:34 +0000 (0:00:01.423) 0:00:01.475 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.42s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_run_hooks.yml ************************************************** 2 plays in /tmp/tmpcx8fxgbp/tests/tests_run_hooks.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_run_hooks.yml:2 Monday 22 November 2021 16:55:34 +0000 (0:00:00.015) 0:00:01.490 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpcx8fxgbp/tasks/main.yml:2 Monday 22 November 2021 16:55:35 +0000 (0:00:01.005) 0:00:02.496 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpcx8fxgbp/vars/RedHat_7.yml" ], "changed": false } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:17 Monday 22 November 2021 16:55:35 +0000 (0:00:00.026) 0:00:02.522 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 15 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:34 Monday 22 November 2021 16:55:40 +0000 (0:00:04.872) 0:00:07.395 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 13 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:45 Monday 22 November 2021 16:55:42 +0000 (0:00:02.185) 0:00:09.580 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:71 Monday 22 November 2021 16:55:42 +0000 (0:00:00.485) 0:00:10.065 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:100 Monday 22 November 2021 16:55:43 +0000 (0:00:00.337) 0:00:10.402 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "system.slice network.target basic.target dbus.service systemd-journald.socket syslog.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpcx8fxgbp/tasks/main.yml:112 Monday 22 November 2021 16:55:43 +0000 (0:00:00.835) 0:00:11.238 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'ca': 'self-sign', 'run_before': 'touch /etc/pki/before_cert.tmp\n', 'run_after': 'touch /etc/pki/after_cert.tmp\n'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "mycert", "run_after": "touch /etc/pki/after_cert.tmp\n", "run_before": "touch /etc/pki/before_cert.tmp\n" } } MSG: Certificate requested (new). Pre/Post run hooks updated. META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_run_hooks.yml:17 Monday 22 November 2021 16:55:44 +0000 (0:00:00.845) 0:00:12.083 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_run_hooks.yml:31 Monday 22 November 2021 16:55:45 +0000 (0:00:00.683) 0:00:12.767 ******* included: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 16:55:45 +0000 (0:00:00.031) 0:00:12.798 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 16:55:45 +0000 (0:00:00.016) 0:00:12.814 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 65 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 16:55:49 +0000 (0:00:04.456) 0:00:17.271 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 16:55:54 +0000 (0:00:04.859) 0:00:22.131 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 16:55:58 +0000 (0:00:03.227) 0:00:25.358 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600143.6489446, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "7e376d35e0d107f83ae03d0874bccedf6cb7d5c6", "ctime": 1637600143.6449447, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986522, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600143.6449447, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "18446744072948024348", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 16:55:58 +0000 (0:00:00.463) 0:00:25.821 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 16:55:58 +0000 (0:00:00.021) 0:00:25.843 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 16:55:58 +0000 (0:00:00.045) 0:00:25.889 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 Monday 22 November 2021 16:55:58 +0000 (0:00:00.035) 0:00:25.924 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600143.5989447, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "28f40c1e64b3031be901c9b8732b13edc6c09557", "ctime": 1637600143.6449447, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986521, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600143.6449447, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "786687066", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 16:55:58 +0000 (0:00:00.352) 0:00:26.277 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 16:55:58 +0000 (0:00:00.022) 0:00:26.299 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 Monday 22 November 2021 16:55:58 +0000 (0:00:00.041) 0:00:26.341 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.274553", "end": "2021-11-22 11:55:58.752411", "rc": 0, "start": "2021-11-22 11:55:58.477858" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "A3:C4:FB:8D:E8:71:48:1A:02:34:52:63:6A:D5:EF:6F:B0:12:98:7F", "critical": false }, "authorityKeyIdentifier": { "value": "1C:EA:F5:B6:0B:B3:23:E7:C5:01:23:48:AC:DB:3F:F3:14:99:9C:C8", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "86:87:C7:9E:86:9A:AA:80:0D:F9:C0:14:88:62:33:52:B5:23:18:1C:A1:5B:56:6D:06:11:77:88:17:0B:AC:5B:DE:D3:FB:A6:8E:B5:8A:5A:AA:06:60:99:2E:BD:54:7A:BE:4A:0E:6B:83:A8:09:87:63:19:CC:DC:91:63:6F:E5:FD:CD:FA:AF:9B:8A:FF:88:6C:08:89:27:68:01:F6:14:3B:D7:D1:80:1F:B2:8D:4F:C8:40:2D:02:B8:D6:C2:C3:C2:CD:47:71:4E:28:4A:E6:F2:8B:15:AD:DE:C4:79:47:F1:4D:C8:19:89:5A:46:B2:E2:CE:2E:C9:C5:A1:B0:CC:19:D4:80:E3:A1:CC:5E:D7:D9:EC:4A:F5:95:C6:8D:FB:53:FE:67:1C:49:FC:15:78:F2:04:44:7B:12:90:EE:EA:8E:A6:48:AD:BA:BF:AF:61:07:08:3C:3A:B1:AC:08:65:F1:97:0F:7F:CE:77:AE:B1:1C:E6:B5:BC:B5:C6:EB:58:85:ED:1F:58:A5:F3:3A:9A:48:9D:6C:25:DA:7F:54:EA:84:B6:02:A9:C1:A4:60:16:DF:82:BD:9D:28:69:5D:D9:37:56:BF:16:E2:15:68:4A:C7:EE:66:4D:28:0F:79:97:B7:06:6B:4D:76:5C:63:49:3E:67:D5:F2:8A:C1:5A:72" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 16:55:43", "not_valid_before": "2021-11-22 16:55:43" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:83 Monday 22 November 2021 16:55:59 +0000 (0:00:00.754) 0:00:27.095 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "1C:EA:F5:B6:0B:B3:23:E7:C5:01:23:48:AC:DB:3F:F3:14:99:9C:C8" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "A3:C4:FB:8D:E8:71:48:1A:02:34:52:63:6A:D5:EF:6F:B0:12:98:7F" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "86:87:C7:9E:86:9A:AA:80:0D:F9:C0:14:88:62:33:52:B5:23:18:1C:A1:5B:56:6D:06:11:77:88:17:0B:AC:5B:DE:D3:FB:A6:8E:B5:8A:5A:AA:06:60:99:2E:BD:54:7A:BE:4A:0E:6B:83:A8:09:87:63:19:CC:DC:91:63:6F:E5:FD:CD:FA:AF:9B:8A:FF:88:6C:08:89:27:68:01:F6:14:3B:D7:D1:80:1F:B2:8D:4F:C8:40:2D:02:B8:D6:C2:C3:C2:CD:47:71:4E:28:4A:E6:F2:8B:15:AD:DE:C4:79:47:F1:4D:C8:19:89:5A:46:B2:E2:CE:2E:C9:C5:A1:B0:CC:19:D4:80:E3:A1:CC:5E:D7:D9:EC:4A:F5:95:C6:8D:FB:53:FE:67:1C:49:FC:15:78:F2:04:44:7B:12:90:EE:EA:8E:A6:48:AD:BA:BF:AF:61:07:08:3C:3A:B1:AC:08:65:F1:97:0F:7F:CE:77:AE:B1:1C:E6:B5:BC:B5:C6:EB:58:85:ED:1F:58:A5:F3:3A:9A:48:9D:6C:25:DA:7F:54:EA:84:B6:02:A9:C1:A4:60:16:DF:82:BD:9D:28:69:5D:D9:37:56:BF:16:E2:15:68:4A:C7:EE:66:4D:28:0F:79:97:B7:06:6B:4D:76:5C:63:49:3E:67:D5:F2:8A:C1:5A:72" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 16:55:43", "not_valid_before": "2021-11-22 16:55:43" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:87 Monday 22 November 2021 16:55:59 +0000 (0:00:00.032) 0:00:27.128 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:96 Monday 22 November 2021 16:55:59 +0000 (0:00:00.034) 0:00:27.162 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:105 Monday 22 November 2021 16:55:59 +0000 (0:00:00.021) 0:00:27.184 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:112 Monday 22 November 2021 16:55:59 +0000 (0:00:00.033) 0:00:27.218 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:125 Monday 22 November 2021 16:55:59 +0000 (0:00:00.035) 0:00:27.253 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 Monday 22 November 2021 16:55:59 +0000 (0:00:00.036) 0:00:27.289 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.041456", "end": "2021-11-22 11:55:59.314901", "rc": 0, "start": "2021-11-22 11:55:59.273445" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 Monday 22 November 2021 16:56:00 +0000 (0:00:00.367) 0:00:27.657 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Get certificate timestamp] *********************************************** task path: /tmp/tmpcx8fxgbp/tests/tests_run_hooks.yml:39 Monday 22 November 2021 16:56:00 +0000 (0:00:00.035) 0:00:27.692 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600143.6489446, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "7e376d35e0d107f83ae03d0874bccedf6cb7d5c6", "ctime": 1637600143.6449447, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986522, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600143.6449447, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "18446744072948024348", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Get pre-run file timestamp] ********************************************** task path: /tmp/tmpcx8fxgbp/tests/tests_run_hooks.yml:43 Monday 22 November 2021 16:56:00 +0000 (0:00:00.307) 0:00:28.000 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600143.6439447, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 0, "charset": "binary", "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", "ctime": 1637600143.6439447, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 798, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "inode/x-empty", "mode": "0600", "mtime": 1637600143.6439447, "nlink": 1, "path": "/etc/pki/before_cert.tmp", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 0, "uid": 0, "version": "18446744072138901930", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Get post-run file timestamp] ********************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_run_hooks.yml:47 Monday 22 November 2021 16:56:00 +0000 (0:00:00.306) 0:00:28.306 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600143.6749446, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 0, "charset": "binary", "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", "ctime": 1637600143.6749446, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 449, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "inode/x-empty", "mode": "0600", "mtime": 1637600143.6749446, "nlink": 1, "path": "/etc/pki/after_cert.tmp", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 0, "uid": 0, "version": "18446744072396492301", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Assert file created before cert] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tests_run_hooks.yml:51 Monday 22 November 2021 16:56:01 +0000 (0:00:00.302) 0:00:28.608 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Assert file created after cert] ****************************************** task path: /tmp/tmpcx8fxgbp/tests/tests_run_hooks.yml:58 Monday 22 November 2021 16:56:01 +0000 (0:00:00.024) 0:00:28.632 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=37 changed=10 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:56:01 +0000 (0:00:00.030) 0:00:28.663 ******* =============================================================================== linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 4.87s /tmp/tmpcx8fxgbp/tasks/main.yml:17 -------------------------------------------- Install the package, force upgrade -------------------------------------- 4.86s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 ------------- Ensure python3 is installed --------------------------------------------- 4.46s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 -------------- Install certreader ------------------------------------------------------ 3.23s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 ------------- linux-system-roles.certificate : Ensure provider packages are installed --- 2.19s /tmp/tmpcx8fxgbp/tasks/main.yml:34 -------------------------------------------- set up internal repositories -------------------------------------------- 1.42s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 1.01s /tmp/tmpcx8fxgbp/tests/tests_run_hooks.yml:2 ---------------------------------- linux-system-roles.certificate : Ensure certificate requests ------------ 0.85s /tmp/tmpcx8fxgbp/tasks/main.yml:112 ------------------------------------------- linux-system-roles.certificate : Ensure provider service is running ----- 0.84s /tmp/tmpcx8fxgbp/tasks/main.yml:100 ------------------------------------------- Parse certificate ------------------------------------------------------- 0.75s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 ------------- Gathering Facts --------------------------------------------------------- 0.68s /tmp/tmpcx8fxgbp/tests/tests_run_hooks.yml:17 --------------------------------- linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.49s /tmp/tmpcx8fxgbp/tasks/main.yml:45 -------------------------------------------- Retrieve certificate file stats ----------------------------------------- 0.46s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 ------------- Retrieve auto-renew flag ------------------------------------------------ 0.37s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 ------------ Retrieve key file stats ------------------------------------------------- 0.35s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 ------------- linux-system-roles.certificate : Ensure post-scripts hooks directory exists --- 0.34s /tmp/tmpcx8fxgbp/tasks/main.yml:71 -------------------------------------------- Get certificate timestamp ----------------------------------------------- 0.31s /tmp/tmpcx8fxgbp/tests/tests_run_hooks.yml:39 --------------------------------- Get pre-run file timestamp ---------------------------------------------- 0.31s /tmp/tmpcx8fxgbp/tests/tests_run_hooks.yml:43 --------------------------------- Get post-run file timestamp --------------------------------------------- 0.30s /tmp/tmpcx8fxgbp/tests/tests_run_hooks.yml:47 --------------------------------- Verify certificate file owner and group --------------------------------- 0.05s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 ------------- + cd /tmp/tmpcx8fxgbp/tests; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpcx8fxgbp/tests/tests_subject.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 16:56:15 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 16:56:15 +0000 (0:00:00.018) 0:00:00.029 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 16:56:15 +0000 (0:00:00.026) 0:00:00.055 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:56:17 +0000 (0:00:01.425) 0:00:01.481 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.43s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.03s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_subject.yml **************************************************** 2 plays in /tmp/tmpcx8fxgbp/tests/tests_subject.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_subject.yml:2 Monday 22 November 2021 16:56:17 +0000 (0:00:00.016) 0:00:01.497 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpcx8fxgbp/tasks/main.yml:2 Monday 22 November 2021 16:56:18 +0000 (0:00:00.961) 0:00:02.459 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpcx8fxgbp/vars/RedHat_7.yml" ], "changed": false } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:17 Monday 22 November 2021 16:56:18 +0000 (0:00:00.028) 0:00:02.487 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 15 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:34 Monday 22 November 2021 16:56:22 +0000 (0:00:04.870) 0:00:07.357 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 13 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:45 Monday 22 November 2021 16:56:25 +0000 (0:00:02.131) 0:00:09.489 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:71 Monday 22 November 2021 16:56:25 +0000 (0:00:00.491) 0:00:09.981 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:100 Monday 22 November 2021 16:56:25 +0000 (0:00:00.343) 0:00:10.324 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "syslog.target network.target systemd-journald.socket system.slice dbus.service basic.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpcx8fxgbp/tasks/main.yml:112 Monday 22 November 2021 16:56:26 +0000 (0:00:00.811) 0:00:11.136 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'common_name': 'Some other common name', 'country': 'US', 'state': 'NC', 'locality': 'Raleigh', 'organization': 'Red Hat', 'organizational_unit': 'Linux', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "common_name": "Some other common name", "country": "US", "dns": "www.example.com", "locality": "Raleigh", "name": "mycert", "organization": "Red Hat", "organizational_unit": "Linux", "state": "NC" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_subject.yml:19 Monday 22 November 2021 16:56:27 +0000 (0:00:00.888) 0:00:12.024 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_subject.yml:48 Monday 22 November 2021 16:56:28 +0000 (0:00:00.717) 0:00:12.742 ******* included: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'countryName', 'oid': '2.5.4.6', 'value': 'US'}, {'name': 'stateOrProvinceName', 'oid': '2.5.4.8', 'value': 'NC'}, {'name': 'localityName', 'oid': '2.5.4.7', 'value': 'Raleigh'}, {'name': 'organizationName', 'oid': '2.5.4.10', 'value': 'Red Hat'}, {'name': 'organizationalUnitName', 'oid': '2.5.4.11', 'value': 'Linux'}, {'name': 'commonName', 'oid': '2.5.4.3', 'value': 'Some other common name'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 16:56:28 +0000 (0:00:00.030) 0:00:12.772 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 16:56:28 +0000 (0:00:00.015) 0:00:12.788 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 67 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 16:56:32 +0000 (0:00:04.471) 0:00:17.259 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 16:56:37 +0000 (0:00:04.814) 0:00:22.074 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 16:56:40 +0000 (0:00:03.155) 0:00:25.229 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600187.8902793, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "458f61e340228400d8d63515b60563373e324616", "ctime": 1637600187.8882794, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584399, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600187.8882794, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1428, "uid": 0, "version": "2113198032", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 16:56:41 +0000 (0:00:00.446) 0:00:25.676 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 16:56:41 +0000 (0:00:00.019) 0:00:25.696 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 16:56:41 +0000 (0:00:00.040) 0:00:25.736 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 Monday 22 November 2021 16:56:41 +0000 (0:00:00.033) 0:00:25.770 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600187.8482792, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "3ee5e1f379cf12e3503c1944827524482bbcae9f", "ctime": 1637600187.8882794, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584398, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600187.8882794, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744072212508168", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 16:56:41 +0000 (0:00:00.306) 0:00:26.076 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 16:56:41 +0000 (0:00:00.018) 0:00:26.095 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 Monday 22 November 2021 16:56:41 +0000 (0:00:00.034) 0:00:26.130 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.271971", "end": "2021-11-22 11:56:42.841095", "rc": 0, "start": "2021-11-22 11:56:42.569124" } STDOUT: { "subject": [ { "name": "localityName", "oid": "2.5.4.7", "value": "Raleigh" }, { "name": "countryName", "oid": "2.5.4.6", "value": "US" }, { "name": "stateOrProvinceName", "oid": "2.5.4.8", "value": "NC" }, { "name": "commonName", "oid": "2.5.4.3", "value": "Some other common name" }, { "name": "organizationName", "oid": "2.5.4.10", "value": "Red Hat" }, { "name": "organizationalUnitName", "oid": "2.5.4.11", "value": "Linux" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "39:55:11:93:86:B6:48:7A:10:00:80:C1:2B:0A:3D:D1:C9:A1:BF:9B", "critical": false }, "authorityKeyIdentifier": { "value": "F5:2F:A9:FA:5C:A9:C2:76:4A:0D:B7:99:F1:47:78:A5:42:40:E9:7B", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "7B:6C:9A:99:31:E8:A1:D6:E3:8C:B2:56:BF:16:E7:1B:75:F0:14:14:90:17:7A:CC:EC:2B:11:73:EF:89:A2:E3:62:D2:D7:61:14:C1:E5:73:63:3E:98:85:D7:F7:A2:A1:EF:59:72:94:C9:34:28:B8:E9:78:5D:49:20:C3:A5:EB:CB:99:33:5C:63:6B:AB:14:56:C3:DB:BA:7F:9C:E6:D1:D2:A9:31:A8:9C:06:6A:33:73:16:56:A4:7F:BE:74:A0:66:BB:70:3E:DA:2D:73:DF:7F:F0:B3:D8:29:83:16:21:18:5C:EC:E0:27:0B:C8:6F:18:1D:E7:36:D8:FA:ED:DF:D3:EA:BF:A8:75:62:D8:15:C4:46:93:08:B7:FC:1B:51:6B:1B:FF:D3:32:26:A6:E0:3F:42:C6:85:0B:2D:BA:E6:F9:1B:B4:9F:3C:94:8C:AB:FA:60:1B:B9:67:39:DD:52:0D:95:16:C5:39:61:4F:D3:6B:DA:4F:1C:0D:45:49:F6:1C:35:73:99:EB:5D:29:71:84:38:DE:44:BD:B1:62:63:02:F4:FC:1F:5A:A8:0A:07:A4:65:10:53:D6:C9:C0:B2:7E:7D:C8:6B:8E:2C:DE:62:C7:F1:E5:84:51:2D:BD:84:E9:52:89:37:CD:DF:E0:22:4F:C0:5B:37:F3:85:56:22" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 16:56:27", "not_valid_before": "2021-11-22 16:56:27" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:83 Monday 22 November 2021 16:56:42 +0000 (0:00:00.712) 0:00:26.842 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "F5:2F:A9:FA:5C:A9:C2:76:4A:0D:B7:99:F1:47:78:A5:42:40:E9:7B" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "39:55:11:93:86:B6:48:7A:10:00:80:C1:2B:0A:3D:D1:C9:A1:BF:9B" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "7B:6C:9A:99:31:E8:A1:D6:E3:8C:B2:56:BF:16:E7:1B:75:F0:14:14:90:17:7A:CC:EC:2B:11:73:EF:89:A2:E3:62:D2:D7:61:14:C1:E5:73:63:3E:98:85:D7:F7:A2:A1:EF:59:72:94:C9:34:28:B8:E9:78:5D:49:20:C3:A5:EB:CB:99:33:5C:63:6B:AB:14:56:C3:DB:BA:7F:9C:E6:D1:D2:A9:31:A8:9C:06:6A:33:73:16:56:A4:7F:BE:74:A0:66:BB:70:3E:DA:2D:73:DF:7F:F0:B3:D8:29:83:16:21:18:5C:EC:E0:27:0B:C8:6F:18:1D:E7:36:D8:FA:ED:DF:D3:EA:BF:A8:75:62:D8:15:C4:46:93:08:B7:FC:1B:51:6B:1B:FF:D3:32:26:A6:E0:3F:42:C6:85:0B:2D:BA:E6:F9:1B:B4:9F:3C:94:8C:AB:FA:60:1B:B9:67:39:DD:52:0D:95:16:C5:39:61:4F:D3:6B:DA:4F:1C:0D:45:49:F6:1C:35:73:99:EB:5D:29:71:84:38:DE:44:BD:B1:62:63:02:F4:FC:1F:5A:A8:0A:07:A4:65:10:53:D6:C9:C0:B2:7E:7D:C8:6B:8E:2C:DE:62:C7:F1:E5:84:51:2D:BD:84:E9:52:89:37:CD:DF:E0:22:4F:C0:5B:37:F3:85:56:22" }, "subject": [ { "name": "localityName", "oid": "2.5.4.7", "value": "Raleigh" }, { "name": "countryName", "oid": "2.5.4.6", "value": "US" }, { "name": "stateOrProvinceName", "oid": "2.5.4.8", "value": "NC" }, { "name": "commonName", "oid": "2.5.4.3", "value": "Some other common name" }, { "name": "organizationName", "oid": "2.5.4.10", "value": "Red Hat" }, { "name": "organizationalUnitName", "oid": "2.5.4.11", "value": "Linux" } ], "validity": { "not_valid_after": "2022-11-22 16:56:27", "not_valid_before": "2021-11-22 16:56:27" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:87 Monday 22 November 2021 16:56:42 +0000 (0:00:00.030) 0:00:26.873 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:96 Monday 22 November 2021 16:56:42 +0000 (0:00:00.031) 0:00:26.905 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:105 Monday 22 November 2021 16:56:42 +0000 (0:00:00.018) 0:00:26.923 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:112 Monday 22 November 2021 16:56:42 +0000 (0:00:00.031) 0:00:26.954 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:125 Monday 22 November 2021 16:56:42 +0000 (0:00:00.031) 0:00:26.986 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 Monday 22 November 2021 16:56:42 +0000 (0:00:00.031) 0:00:27.018 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.039021", "end": "2021-11-22 11:56:43.363062", "rc": 0, "start": "2021-11-22 11:56:43.324041" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 Monday 22 November 2021 16:56:42 +0000 (0:00:00.342) 0:00:27.361 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=32 changed=10 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:56:43 +0000 (0:00:00.037) 0:00:27.399 ******* =============================================================================== linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 4.87s /tmp/tmpcx8fxgbp/tasks/main.yml:17 -------------------------------------------- Install the package, force upgrade -------------------------------------- 4.81s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:11 ------------- Ensure python3 is installed --------------------------------------------- 4.47s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:6 -------------- Install certreader ------------------------------------------------------ 3.16s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:18 ------------- linux-system-roles.certificate : Ensure provider packages are installed --- 2.13s /tmp/tmpcx8fxgbp/tasks/main.yml:34 -------------------------------------------- set up internal repositories -------------------------------------------- 1.43s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 0.96s /tmp/tmpcx8fxgbp/tests/tests_subject.yml:2 ------------------------------------ linux-system-roles.certificate : Ensure certificate requests ------------ 0.89s /tmp/tmpcx8fxgbp/tasks/main.yml:112 ------------------------------------------- linux-system-roles.certificate : Ensure provider service is running ----- 0.81s /tmp/tmpcx8fxgbp/tasks/main.yml:100 ------------------------------------------- Gathering Facts --------------------------------------------------------- 0.72s /tmp/tmpcx8fxgbp/tests/tests_subject.yml:19 ----------------------------------- Parse certificate ------------------------------------------------------- 0.71s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:78 ------------- linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.49s /tmp/tmpcx8fxgbp/tasks/main.yml:45 -------------------------------------------- Retrieve certificate file stats ----------------------------------------- 0.45s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:26 ------------- linux-system-roles.certificate : Ensure post-scripts hooks directory exists --- 0.34s /tmp/tmpcx8fxgbp/tasks/main.yml:71 -------------------------------------------- Retrieve auto-renew flag ------------------------------------------------ 0.34s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:141 ------------ Retrieve key file stats ------------------------------------------------- 0.31s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:55 ------------- Verify certificate file owner and group --------------------------------- 0.04s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:37 ------------- Verify certificate auto-renew flag -------------------------------------- 0.04s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:150 ------------ Verify key file owner and group ----------------------------------------- 0.03s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:66 ------------- Verify certificate permissions ------------------------------------------ 0.03s /tmp/tmpcx8fxgbp/tests/tasks/assert_certificate_parameters.yml:49 ------------- + cd /tmp/tmpcx8fxgbp/tests; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpcx8fxgbp/tests/tests_subject_complex.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 16:56:57 +0000 (0:00:00.010) 0:00:00.010 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 16:56:57 +0000 (0:00:00.017) 0:00:00.028 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 16:56:57 +0000 (0:00:00.024) 0:00:00.053 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:56:58 +0000 (0:00:01.430) 0:00:01.483 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.43s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_subject_complex.yml ******************************************** 2 plays in /tmp/tmpcx8fxgbp/tests/tests_subject_complex.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_subject_complex.yml:2 Monday 22 November 2021 16:56:58 +0000 (0:00:00.014) 0:00:01.498 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpcx8fxgbp/tasks/main.yml:2 Monday 22 November 2021 16:56:59 +0000 (0:00:00.996) 0:00:02.494 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpcx8fxgbp/vars/RedHat_7.yml" ], "changed": false } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:17 Monday 22 November 2021 16:56:59 +0000 (0:00:00.028) 0:00:02.523 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 5.9 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:34 Monday 22 November 2021 16:57:04 +0000 (0:00:04.917) 0:00:07.441 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 14 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:45 Monday 22 November 2021 16:57:06 +0000 (0:00:02.244) 0:00:09.686 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:71 Monday 22 November 2021 16:57:07 +0000 (0:00:00.469) 0:00:10.156 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:100 Monday 22 November 2021 16:57:07 +0000 (0:00:00.332) 0:00:10.488 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "dbus.service basic.target syslog.target systemd-journald.socket system.slice network.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpcx8fxgbp/tasks/main.yml:112 Monday 22 November 2021 16:57:08 +0000 (0:00:00.848) 0:00:11.337 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'common_name': '# \\\\Every"thing+that,ne;edsing\\0 ', 'contact_email': 'admin@example.com', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "common_name": "# \\\\Every\"thing+that,ne;edsing\\0 ", "contact_email": "admin@example.com", "dns": "www.example.com", "name": "mycert" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_subject_complex.yml:16 Monday 22 November 2021 16:57:09 +0000 (0:00:00.787) 0:00:12.124 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_subject_complex.yml:36 Monday 22 November 2021 16:57:10 +0000 (0:00:00.695) 0:00:12.819 ******* skipping: [/cache/rhel-7.qcow2] => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'emailAddress', 'oid': '1.2.840.113549.1.9.1', 'value': 'admin@example.com'}, {'name': 'commonName', 'oid': '2.5.4.3', 'value': '# \\\\Every"thing+that,ne;edsing\\0 '}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]}) => { "ansible_loop_var": "cert", "cert": { "key_path": "/etc/pki/tls/private/mycert.key", "path": "/etc/pki/tls/certs/mycert.crt", "subject": [ { "name": "emailAddress", "oid": "1.2.840.113549.1.9.1", "value": "admin@example.com" }, { "name": "commonName", "oid": "2.5.4.3", "value": "# \\\\Every\"thing+that,ne;edsing\\0 " } ], "subject_alt_name": [ { "name": "DNS", "value": "www.example.com" } ] }, "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=11 changed=7 unreachable=0 failed=0 skipped=2 rescued=0 ignored=0 Monday 22 November 2021 16:57:10 +0000 (0:00:00.025) 0:00:12.845 ******* =============================================================================== linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 4.92s /tmp/tmpcx8fxgbp/tasks/main.yml:17 -------------------------------------------- linux-system-roles.certificate : Ensure provider packages are installed --- 2.24s /tmp/tmpcx8fxgbp/tasks/main.yml:34 -------------------------------------------- set up internal repositories -------------------------------------------- 1.43s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 1.00s /tmp/tmpcx8fxgbp/tests/tests_subject_complex.yml:2 ---------------------------- linux-system-roles.certificate : Ensure provider service is running ----- 0.85s /tmp/tmpcx8fxgbp/tasks/main.yml:100 ------------------------------------------- linux-system-roles.certificate : Ensure certificate requests ------------ 0.79s /tmp/tmpcx8fxgbp/tasks/main.yml:112 ------------------------------------------- Gathering Facts --------------------------------------------------------- 0.70s /tmp/tmpcx8fxgbp/tests/tests_subject_complex.yml:16 --------------------------- linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.47s /tmp/tmpcx8fxgbp/tasks/main.yml:45 -------------------------------------------- linux-system-roles.certificate : Ensure post-scripts hooks directory exists --- 0.33s /tmp/tmpcx8fxgbp/tasks/main.yml:71 -------------------------------------------- linux-system-roles.certificate : Set version specific variables --------- 0.03s /tmp/tmpcx8fxgbp/tasks/main.yml:2 --------------------------------------------- Verify each certificate ------------------------------------------------- 0.03s /tmp/tmpcx8fxgbp/tests/tests_subject_complex.yml:36 --------------------------- fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- + cd /tmp/tmpcx8fxgbp/tests; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpcx8fxgbp/tests/tests_wrong_provider.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 16:57:24 +0000 (0:00:00.012) 0:00:00.012 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 16:57:24 +0000 (0:00:00.017) 0:00:00.030 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 16:57:24 +0000 (0:00:00.024) 0:00:00.055 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:57:25 +0000 (0:00:01.383) 0:00:01.438 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.38s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_wrong_provider.yml ********************************************* 1 plays in /tmp/tmpcx8fxgbp/tests/tests_wrong_provider.yml PLAY [Test issuing certificate with nonexistent provider] ********************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpcx8fxgbp/tests/tests_wrong_provider.yml:2 Monday 22 November 2021 16:57:25 +0000 (0:00:00.014) 0:00:01.453 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmpcx8fxgbp/tasks/main.yml:2 Monday 22 November 2021 16:57:26 +0000 (0:00:01.000) 0:00:02.453 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpcx8fxgbp/vars/RedHat_7.yml" ], "changed": false } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:17 Monday 22 November 2021 16:57:26 +0000 (0:00:00.027) 0:00:02.481 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 16 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:34 Monday 22 November 2021 16:57:31 +0000 (0:00:04.919) 0:00:07.400 ******* skipping: [/cache/rhel-7.qcow2] => (item=fake-provider) => { "__certificate_provider": "fake-provider", "ansible_loop_var": "__certificate_provider", "changed": false, "skip_reason": "Conditional result was False" } TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:45 Monday 22 November 2021 16:57:31 +0000 (0:00:00.037) 0:00:07.437 ******* skipping: [/cache/rhel-7.qcow2] => (item=fake-provider) => { "__certificate_provider": "fake-provider", "ansible_loop_var": "__certificate_provider", "changed": false, "skip_reason": "Conditional result was False" } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:71 Monday 22 November 2021 16:57:31 +0000 (0:00:00.038) 0:00:07.476 ******* skipping: [/cache/rhel-7.qcow2] => (item=fake-provider) => { "__certificate_provider": "fake-provider", "ansible_loop_var": "__certificate_provider", "changed": false, "skip_reason": "Conditional result was False" } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmpcx8fxgbp/tasks/main.yml:100 Monday 22 November 2021 16:57:31 +0000 (0:00:00.042) 0:00:07.519 ******* skipping: [/cache/rhel-7.qcow2] => (item=fake-provider) => { "__certificate_provider": "fake-provider", "ansible_loop_var": "__certificate_provider", "changed": false, "skip_reason": "Conditional result was False" } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmpcx8fxgbp/tasks/main.yml:112 Monday 22 November 2021 16:57:31 +0000 (0:00:00.047) 0:00:07.566 ******* failed: [/cache/rhel-7.qcow2] (item={'name': 'mycert', 'dns': 'www.example.com', 'ca': 'self-sign', 'provider': 'fake-provider'}) => { "ansible_loop_var": "item", "changed": false, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "mycert", "provider": "fake-provider" } } MSG: Chosen provider 'fake-provider' is not available. TASK [assert...] *************************************************************** task path: /tmp/tmpcx8fxgbp/tests/tests_wrong_provider.yml:22 Monday 22 November 2021 16:57:32 +0000 (0:00:00.552) 0:00:08.119 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=6 changed=2 unreachable=0 failed=0 skipped=5 rescued=1 ignored=0 Monday 22 November 2021 16:57:32 +0000 (0:00:00.027) 0:00:08.147 ******* =============================================================================== linux-system-roles.certificate : Ensure certificate role dependencies are installed --- 4.92s /tmp/tmpcx8fxgbp/tasks/main.yml:17 -------------------------------------------- set up internal repositories -------------------------------------------- 1.38s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 1.00s /tmp/tmpcx8fxgbp/tests/tests_wrong_provider.yml:2 ----------------------------- linux-system-roles.certificate : Ensure certificate requests ------------ 0.55s /tmp/tmpcx8fxgbp/tasks/main.yml:112 ------------------------------------------- linux-system-roles.certificate : Ensure provider service is running ----- 0.05s /tmp/tmpcx8fxgbp/tasks/main.yml:100 ------------------------------------------- linux-system-roles.certificate : Ensure post-scripts hooks directory exists --- 0.04s /tmp/tmpcx8fxgbp/tasks/main.yml:71 -------------------------------------------- linux-system-roles.certificate : Ensure pre-scripts hooks directory exists --- 0.04s /tmp/tmpcx8fxgbp/tasks/main.yml:45 -------------------------------------------- linux-system-roles.certificate : Ensure provider packages are installed --- 0.04s /tmp/tmpcx8fxgbp/tasks/main.yml:34 -------------------------------------------- assert... --------------------------------------------------------------- 0.03s /tmp/tmpcx8fxgbp/tests/tests_wrong_provider.yml:22 ---------------------------- linux-system-roles.certificate : Set version specific variables --------- 0.03s /tmp/tmpcx8fxgbp/tasks/main.yml:2 --------------------------------------------- fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- + cd /tmp/tmpv0mqm1w9/tests/certificate; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpv0mqm1w9/tests/certificate/tests_basic_ipa.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 16:57:46 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 16:57:46 +0000 (0:00:00.018) 0:00:00.030 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 16:57:46 +0000 (0:00:00.022) 0:00:00.053 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 16:57:48 +0000 (0:00:01.378) 0:00:01.431 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.38s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- statically imported: /tmp/tmpv0mqm1w9/tests/certificate/tasks/setup_ipa.yml PLAYBOOK: tests_basic_ipa.yml ************************************************** 3 plays in /tmp/tmpv0mqm1w9/tests/certificate/tests_basic_ipa.yml PLAY [Install IPA server] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_basic_ipa.yml:2 Monday 22 November 2021 16:57:48 +0000 (0:00:00.024) 0:00:01.456 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Set __is_beaker_env] ***************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/setup_ipa.yml:2 Monday 22 November 2021 16:57:49 +0000 (0:00:00.975) 0:00:02.431 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__is_beaker_env": false }, "changed": false } TASK [Install ansible-freeipa] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/setup_ipa.yml:6 Monday 22 November 2021 16:57:49 +0000 (0:00:00.036) 0:00:02.468 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Clone ansible-freeipa repo] ********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/setup_ipa.yml:12 Monday 22 November 2021 16:57:49 +0000 (0:00:00.017) 0:00:02.485 ******* ok: [/cache/rhel-7.qcow2 -> 127.0.0.1] => { "after": "6c7f433135795d3ebec2ce26d6ca398301792588", "before": "6c7f433135795d3ebec2ce26d6ca398301792588", "changed": false, "remote_url_changed": false } TASK [Create role symlinks] **************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/setup_ipa.yml:21 Monday 22 November 2021 16:57:49 +0000 (0:00:00.677) 0:00:03.162 ******* changed: [/cache/rhel-7.qcow2 -> 127.0.0.1] => (item=ipaserver) => { "ansible_loop_var": "item", "changed": true, "dest": "/tmp/tmpv0mqm1w9/tests/certificate/roles/ipaserver", "gid": 0, "group": "root", "item": "ipaserver", "mode": "0777", "owner": "root", "size": 34, "src": "/tmp/freeipa-repo/roles/ipaserver/", "state": "link", "uid": 0 } changed: [/cache/rhel-7.qcow2 -> 127.0.0.1] => (item=ipaclient) => { "ansible_loop_var": "item", "changed": true, "dest": "/tmp/tmpv0mqm1w9/tests/certificate/roles/ipaclient", "gid": 0, "group": "root", "item": "ipaclient", "mode": "0777", "owner": "root", "size": 34, "src": "/tmp/freeipa-repo/roles/ipaclient/", "state": "link", "uid": 0 } TASK [ensure hostname package is installed] ************************************ task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/setup_ipa.yml:33 Monday 22 November 2021 16:57:50 +0000 (0:00:00.553) 0:00:03.716 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "hostname-3.13-3.el7_7.1.x86_64 providing hostname is already installed" ] } TASK [Set hostname] ************************************************************ task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/setup_ipa.yml:38 Monday 22 November 2021 16:57:51 +0000 (0:00:00.823) 0:00:04.539 ******* changed: [/cache/rhel-7.qcow2] => { "ansible_facts": { "ansible_domain": "test.local", "ansible_fqdn": "ipaserver.test.local", "ansible_hostname": "ipaserver", "ansible_nodename": "ipaserver.test.local" }, "changed": true, "name": "ipaserver.test.local" } TASK [Ensure nss package is up-to-date] **************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/setup_ipa.yml:42 Monday 22 November 2021 16:57:51 +0000 (0:00:00.731) 0:00:05.271 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "changes": { "installed": [], "updated": [] }, "rc": 0, "results": [ "All packages providing nss are up to date", "" ] } TASK [Include ipaserver role] ************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/setup_ipa.yml:50 Monday 22 November 2021 16:57:55 +0000 (0:00:03.735) 0:00:09.007 ******* TASK [ipaserver : Import variables specific to distribution] ******************* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/main.yml:4 Monday 22 November 2021 16:57:55 +0000 (0:00:00.031) 0:00:09.038 ******* ok: [/cache/rhel-7.qcow2] => (item=/tmp/freeipa-repo/roles/ipaserver/vars/RedHat-7.yml) => { "ansible_facts": { "ipaserver_packages": [ "ipa-server", "libselinux-python" ], "ipaserver_packages_adtrust": [ "ipa-server-trust-ad" ], "ipaserver_packages_dns": [ "ipa-server-dns" ], "ipaserver_packages_firewalld": [ "firewalld" ] }, "ansible_included_var_files": [ "/tmp/freeipa-repo/roles/ipaserver/vars/RedHat-7.yml" ], "ansible_loop_var": "item", "changed": false, "item": "/tmp/freeipa-repo/roles/ipaserver/vars/RedHat-7.yml" } TASK [ipaserver : Install IPA server] ****************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/main.yml:12 Monday 22 November 2021 16:57:55 +0000 (0:00:00.030) 0:00:09.068 ******* included: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml for /cache/rhel-7.qcow2 TASK [ipaserver : Install - Ensure that IPA server packages are installed] ***** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:5 Monday 22 November 2021 16:57:55 +0000 (0:00:00.059) 0:00:09.128 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "ipa-server" ] }, "rc": 0, "results": [ "libselinux-python-2.5-15.el7.x86_64 providing libselinux-python is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package ipa-server.x86_64 0:4.6.8-5.el7 will be installed\n--> Processing Dependency: python2-ipaserver = 4.6.8-5.el7 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: ipa-server-common = 4.6.8-5.el7 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: ipa-common = 4.6.8-5.el7 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: ipa-client = 4.6.8-5.el7 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: krb5-server < 1.15.100 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: openldap-clients > 2.4.35-4 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: system-logos >= 70.7.0 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: sssd-dbus >= 1.15.2 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: softhsm >= 2.0.0rc1-1 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: slapi-nis >= 0.56.0-4 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: python-ldap >= 2.4.15 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: python-gssapi >= 1.2.0-3 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: pki-kra >= 10.5.9-5 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: pki-ca >= 10.5.9-5 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: mod_nss >= 1.0.14-7 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: mod_lookup_identity >= 0.9.9 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: mod_auth_gssapi >= 1.5.0 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: krb5-server >= 1.15.1-36 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: krb5-server >= 1.15 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: krb5-pkinit-openssl >= 1.15.1-36 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: httpd >= 2.4.6-31 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: certmonger >= 0.78.4-10 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: 389-ds-base >= 1.3.8.4-15 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: 389-ds-base >= 1.3.8.4-15 for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: systemd-python for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: open-sans-fonts for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: oddjob for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: ntp for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: mod_wsgi for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: mod_session for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libsss_nss_idmap.so.0(SSS_NSS_IDMAP_0.4.0)(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libsss_nss_idmap.so.0(SSS_NSS_IDMAP_0.1.0)(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libsss_certmap.so.0(SSS_CERTMAP_0.0)(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libsamba-util.so.0(SAMBA_UTIL_0.0.1)(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libndr.so.0(NDR_0.0.1)(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libndr-nbt.so.0(NDR_NBT_0.0.1)(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libndr-krb5pac.so.0(NDR_KRB5PAC_0.0.1)(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: fontawesome-fonts for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: cyrus-sasl-gssapi(x86-64) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libsss_nss_idmap.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libsss_certmap.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libsamba-util.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libndr.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libndr-standard.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libndr-nbt.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Processing Dependency: libndr-krb5pac.so.0()(64bit) for package: ipa-server-4.6.8-5.el7.x86_64\n--> Running transaction check\n---> Package 389-ds-base.x86_64 0:1.3.10.2-6.el7 will be installed\n--> Processing Dependency: 389-ds-base-libs = 1.3.10.2-6.el7 for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: svrcore >= 4.1.3 for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl-Socket for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl-NetAddr-IP for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl-Mozilla-LDAP for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(warnings) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(vars) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(strict) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(sigtrap) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(lib) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Time::Local) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Sys::Hostname) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Socket) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Scalar::Util) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(POSIX) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(NetAddr::IP::Util) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Mozilla::LDAP::Utils) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Mozilla::LDAP::LDIF) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Mozilla::LDAP::Conn) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Mozilla::LDAP::API) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(MIME::Base64) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(IO::Uncompress::AnyUncompress) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(IO::File) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Getopt::Std) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Getopt::Long) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(File::Temp) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(File::Spec::Functions) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(File::Spec) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(File::Path) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(File::Copy) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(File::Basename) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Exporter) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(DynaLoader) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(DB_File) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(DB) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Cwd) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Config) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Carp) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(Archive::Tar) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: perl(:MODULE_COMPAT_5.16.3) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: gperftools-libs for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: cyrus-sasl-plain for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: cyrus-sasl-md5 for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: bind-utils for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: /usr/bin/perl for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: libtcmalloc.so.4()(64bit) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: libsvrcore.so.0()(64bit) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: libslapd.so.0()(64bit) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: libsds.so.0()(64bit) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: libnunc-stans.so.0()(64bit) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: libns-dshttpd-1.3.10.2.so()(64bit) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: libldaputil.so.0()(64bit) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: libicuuc.so.50()(64bit) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: libicui18n.so.50()(64bit) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n--> Processing Dependency: libicudata.so.50()(64bit) for package: 389-ds-base-1.3.10.2-6.el7.x86_64\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n---> Package cyrus-sasl-gssapi.x86_64 0:2.1.26-23.el7 will be installed\n---> Package fontawesome-fonts.noarch 0:4.1.0-2.el7 will be installed\n--> Processing Dependency: fontpackages-filesystem for package: fontawesome-fonts-4.1.0-2.el7.noarch\n---> Package httpd.x86_64 0:2.4.6-95.el7 will be installed\n--> Processing Dependency: httpd-tools = 2.4.6-95.el7 for package: httpd-2.4.6-95.el7.x86_64\n--> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-95.el7.x86_64\n--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-95.el7.x86_64\n--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-95.el7.x86_64\n---> Package ipa-client.x86_64 0:4.6.8-5.el7 will be installed\n--> Processing Dependency: python2-ipaclient = 4.6.8-5.el7 for package: ipa-client-4.6.8-5.el7.x86_64\n--> Processing Dependency: ipa-client-common = 4.6.8-5.el7 for package: ipa-client-4.6.8-5.el7.x86_64\n--> Processing Dependency: sssd >= 1.14.0 for package: ipa-client-4.6.8-5.el7.x86_64\n--> Processing Dependency: krb5-workstation >= 1.15.1-36 for package: ipa-client-4.6.8-5.el7.x86_64\n--> Processing Dependency: python-sssdconfig for package: ipa-client-4.6.8-5.el7.x86_64\n--> Processing Dependency: oddjob-mkhomedir for package: ipa-client-4.6.8-5.el7.x86_64\n--> Processing Dependency: libsss_autofs for package: ipa-client-4.6.8-5.el7.x86_64\n--> Processing Dependency: autofs for package: ipa-client-4.6.8-5.el7.x86_64\n---> Package ipa-common.noarch 0:4.6.8-5.el7 will be installed\n---> Package ipa-server-common.noarch 0:4.6.8-5.el7 will be installed\n--> Processing Dependency: custodia >= 0.3.0-4 for package: ipa-server-common-4.6.8-5.el7.noarch\n---> Package krb5-pkinit.x86_64 0:1.15.1-50.el7 will be installed\n---> Package krb5-server.x86_64 0:1.15.1-50.el7 will be installed\n--> Processing Dependency: libkadm5(x86-64) = 1.15.1-50.el7 for package: krb5-server-1.15.1-50.el7.x86_64\n--> Processing Dependency: libkadm5srv_mit.so.11(kadm5srv_mit_11_MIT)(64bit) for package: krb5-server-1.15.1-50.el7.x86_64\n--> Processing Dependency: libkadm5clnt_mit.so.11(kadm5clnt_mit_11_MIT)(64bit) for package: krb5-server-1.15.1-50.el7.x86_64\n--> Processing Dependency: /usr/share/dict/words for package: krb5-server-1.15.1-50.el7.x86_64\n--> Processing Dependency: libkadm5srv_mit.so.11()(64bit) for package: krb5-server-1.15.1-50.el7.x86_64\n--> Processing Dependency: libkadm5clnt_mit.so.11()(64bit) for package: krb5-server-1.15.1-50.el7.x86_64\n---> Package libsss_certmap.x86_64 0:1.16.5-10.el7 will be installed\n---> Package libsss_nss_idmap.x86_64 0:1.16.5-10.el7 will be installed\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package mod_auth_gssapi.x86_64 0:1.5.1-7.el7 will be installed\n---> Package mod_lookup_identity.x86_64 0:1.0.0-1.el7 will be installed\n---> Package mod_nss.x86_64 0:1.0.14-12.el7 will be installed\n---> Package mod_session.x86_64 0:2.4.6-95.el7 will be installed\n--> Processing Dependency: apr-util-openssl for package: mod_session-2.4.6-95.el7.x86_64\n---> Package mod_wsgi.x86_64 0:3.4-18.el7 will be installed\n---> Package ntp.x86_64 0:4.2.6p5-29.el7_8.2 will be installed\n--> Processing Dependency: ntpdate = 4.2.6p5-29.el7_8.2 for package: ntp-4.2.6p5-29.el7_8.2.x86_64\n--> Processing Dependency: libopts.so.25()(64bit) for package: ntp-4.2.6p5-29.el7_8.2.x86_64\n---> Package oddjob.x86_64 0:0.31.5-4.el7 will be installed\n---> Package open-sans-fonts.noarch 0:1.10-1.el7 will be installed\n---> Package openldap-clients.x86_64 0:2.4.44-22.el7 will be installed\n---> Package pki-ca.noarch 0:10.5.18-7.el7 will be installed\n--> Processing Dependency: pki-server = 10.5.18-7.el7 for package: pki-ca-10.5.18-7.el7.noarch\n--> Processing Dependency: java-1.8.0-openjdk-headless for package: pki-ca-10.5.18-7.el7.noarch\n---> Package pki-kra.noarch 0:10.5.18-7.el7 will be installed\n---> Package python-gssapi.x86_64 0:1.2.0-3.el7 will be installed\n--> Processing Dependency: python-enum34 for package: python-gssapi-1.2.0-3.el7.x86_64\n---> Package python-ldap.x86_64 0:2.4.15-2.el7 will be installed\n---> Package python2-ipaserver.noarch 0:4.6.8-5.el7 will be installed\n--> Processing Dependency: python-kdcproxy >= 0.3 for package: python2-ipaserver-4.6.8-5.el7.noarch\n--> Processing Dependency: python-dns >= 1.12.0-3 for package: python2-ipaserver-4.6.8-5.el7.noarch\n--> Processing Dependency: python-custodia >= 0.3.0-4 for package: python2-ipaserver-4.6.8-5.el7.noarch\n--> Processing Dependency: python-augeas >= 0.5 for package: python2-ipaserver-4.6.8-5.el7.noarch\n--> Processing Dependency: pki-base-python2 >= 10.5.9-5 for package: python2-ipaserver-4.6.8-5.el7.noarch\n--> Processing Dependency: python-pyasn1 for package: python2-ipaserver-4.6.8-5.el7.noarch\n---> Package redhat-logos.noarch 0:70.7.0-1.el7 will be installed\n---> Package samba-client-libs.x86_64 0:4.10.16-5.el7 will be installed\n--> Processing Dependency: samba-common-libs = 4.10.16-5.el7 for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: samba-common = 4.10.16-5.el7 for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: samba-common = 4.10.16-5.el7 for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libwbclient = 4.10.16-5.el7 for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libwbclient.so.0(WBCLIENT_0.9)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libwbclient.so.0(WBCLIENT_0.13)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libtdb.so.1(TDB_1.3.17)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libtdb.so.1(TDB_1.3.11)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libtdb.so.1(TDB_1.3.0)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libtdb.so.1(TDB_1.2.5)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libtdb.so.1(TDB_1.2.2)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libtdb.so.1(TDB_1.2.1)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libldb.so.1(LDB_1.3.0)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libldb.so.1(LDB_1.1.30)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libldb.so.1(LDB_1.1.19)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libldb.so.1(LDB_1.1.1)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libldb.so.1(LDB_0.9.23)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libldb.so.1(LDB_0.9.15)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libldb.so.1(LDB_0.9.10)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libgnutls.so.28(GNUTLS_3_1_0)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libgnutls.so.28(GNUTLS_1_4)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libaesni-intel-samba4.so(SAMBA_4.10.16)(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libwinbind-client-samba4.so()(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libwbclient.so.0()(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libtdb.so.1()(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libldb.so.1()(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libgnutls.so.28()(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libcups.so.2()(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libcluster-samba4.so()(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libavahi-common.so.3()(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libavahi-client.so.3()(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n--> Processing Dependency: libaesni-intel-samba4.so()(64bit) for package: samba-client-libs-4.10.16-5.el7.x86_64\n---> Package slapi-nis.x86_64 0:0.56.5-2.el7 will be installed\n---> Package softhsm.x86_64 0:2.1.0-3.el7 will be installed\n---> Package sssd-dbus.x86_64 0:1.16.5-10.el7 will be installed\n--> Processing Dependency: sssd-common = 1.16.5-10.el7 for package: sssd-dbus-1.16.5-10.el7.x86_64\n--> Processing Dependency: libdhash.so.1(DHASH_0.4.3)(64bit) for package: sssd-dbus-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsss_util.so()(64bit) for package: sssd-dbus-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsss_debug.so()(64bit) for package: sssd-dbus-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsss_crypt.so()(64bit) for package: sssd-dbus-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsss_child.so()(64bit) for package: sssd-dbus-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsss_cert.so()(64bit) for package: sssd-dbus-1.16.5-10.el7.x86_64\n--> Processing Dependency: libdhash.so.1()(64bit) for package: sssd-dbus-1.16.5-10.el7.x86_64\n---> Package systemd-python.x86_64 0:219-78.el7 will be installed\n--> Running transaction check\n---> Package 389-ds-base-libs.x86_64 0:1.3.10.2-6.el7 will be installed\n---> Package apr.x86_64 0:1.4.8-7.el7 will be installed\n---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed\n---> Package apr-util-openssl.x86_64 0:1.5.2-6.el7 will be installed\n---> Package autofs.x86_64 1:5.0.7-113.el7 will be installed\n--> Processing Dependency: libhesiod.so.0()(64bit) for package: 1:autofs-5.0.7-113.el7.x86_64\n---> Package autogen-libopts.x86_64 0:5.18-5.el7 will be installed\n---> Package avahi-libs.x86_64 0:0.6.31-20.el7 will be installed\n---> Package bind-utils.x86_64 32:9.11.4-26.P2.el7 will be installed\n--> Processing Dependency: bind-libs-lite(x86-64) = 32:9.11.4-26.P2.el7 for package: 32:bind-utils-9.11.4-26.P2.el7.x86_64\n--> Processing Dependency: bind-libs(x86-64) = 32:9.11.4-26.P2.el7 for package: 32:bind-utils-9.11.4-26.P2.el7.x86_64\n--> Processing Dependency: liblwres.so.160()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7.x86_64\n--> Processing Dependency: libisccfg.so.160()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7.x86_64\n--> Processing Dependency: libisc.so.169()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7.x86_64\n--> Processing Dependency: libirs.so.160()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7.x86_64\n--> Processing Dependency: libdns.so.1102()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7.x86_64\n--> Processing Dependency: libbind9.so.160()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7.x86_64\n--> Processing Dependency: libGeoIP.so.1()(64bit) for package: 32:bind-utils-9.11.4-26.P2.el7.x86_64\n---> Package cups-libs.x86_64 1:1.6.3-51.el7 will be installed\n---> Package custodia.noarch 0:0.3.1-4.el7 will be installed\n---> Package cyrus-sasl-md5.x86_64 0:2.1.26-23.el7 will be installed\n---> Package cyrus-sasl-plain.x86_64 0:2.1.26-23.el7 will be installed\n---> Package fontpackages-filesystem.noarch 0:1.44-8.el7 will be installed\n---> Package gnutls.x86_64 0:3.3.29-9.el7_6 will be installed\n--> Processing Dependency: trousers >= 0.3.11.2 for package: gnutls-3.3.29-9.el7_6.x86_64\n--> Processing Dependency: libnettle.so.4()(64bit) for package: gnutls-3.3.29-9.el7_6.x86_64\n--> Processing Dependency: libhogweed.so.2()(64bit) for package: gnutls-3.3.29-9.el7_6.x86_64\n---> Package gperftools-libs.x86_64 0:2.6.1-1.el7 will be installed\n---> Package httpd-tools.x86_64 0:2.4.6-95.el7 will be installed\n---> Package ipa-client-common.noarch 0:4.6.8-5.el7 will be installed\n---> Package java-1.8.0-openjdk-headless.x86_64 1:1.8.0.262.b10-1.el7 will be installed\n--> Processing Dependency: tzdata-java >= 2020a for package: 1:java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: copy-jdk-configs >= 3.3 for package: 1:java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: pcsc-lite-libs(x86-64) for package: 1:java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: lksctp-tools(x86-64) for package: 1:java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libjpeg.so.62(LIBJPEG_6.2)(64bit) for package: 1:java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: jpackage-utils for package: 1:java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libjpeg.so.62()(64bit) for package: 1:java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7.x86_64\n---> Package krb5-workstation.x86_64 0:1.15.1-50.el7 will be installed\n---> Package libdhash.x86_64 0:0.5.0-32.el7 will be installed\n---> Package libicu.x86_64 0:50.2-4.el7_7 will be installed\n---> Package libkadm5.x86_64 0:1.15.1-50.el7 will be installed\n---> Package libldb.x86_64 0:1.5.4-1.el7 will be installed\n---> Package libsss_autofs.x86_64 0:1.16.5-10.el7 will be installed\n---> Package libtdb.x86_64 0:1.3.18-1.el7 will be installed\n---> Package libwbclient.x86_64 0:4.10.16-5.el7 will be installed\n---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed\n---> Package ntpdate.x86_64 0:4.2.6p5-29.el7_8.2 will be installed\n---> Package oddjob-mkhomedir.x86_64 0:0.31.5-4.el7 will be installed\n---> Package perl.x86_64 4:5.16.3-297.el7 will be installed\n--> Processing Dependency: perl-libs = 4:5.16.3-297.el7 for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: perl-macros for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: perl-libs for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: perl(threads::shared) for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: perl(threads) for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: perl(constant) for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: perl(Time::HiRes) for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: perl(Storable) for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: perl(Pod::Simple::XHTML) for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: perl(Pod::Simple::Search) for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: perl(Filter::Util::Call) for package: 4:perl-5.16.3-297.el7.x86_64\n--> Processing Dependency: libperl.so()(64bit) for package: 4:perl-5.16.3-297.el7.x86_64\n---> Package perl-Archive-Tar.noarch 0:1.92-3.el7 will be installed\n--> Processing Dependency: perl(IO::Zlib) >= 1.01 for package: perl-Archive-Tar-1.92-3.el7.noarch\n--> Processing Dependency: perl(Pod::Usage) for package: perl-Archive-Tar-1.92-3.el7.noarch\n--> Processing Dependency: perl(Package::Constants) for package: perl-Archive-Tar-1.92-3.el7.noarch\n--> Processing Dependency: perl(IO::Zlib) for package: perl-Archive-Tar-1.92-3.el7.noarch\n--> Processing Dependency: perl(Data::Dumper) for package: perl-Archive-Tar-1.92-3.el7.noarch\n---> Package perl-Carp.noarch 0:1.26-244.el7 will be installed\n---> Package perl-DB_File.x86_64 0:1.830-6.el7 will be installed\n---> Package perl-Exporter.noarch 0:5.68-3.el7 will be installed\n---> Package perl-File-Path.noarch 0:2.09-2.el7 will be installed\n---> Package perl-File-Temp.noarch 0:0.23.01-3.el7 will be installed\n---> Package perl-Getopt-Long.noarch 0:2.40-3.el7 will be installed\n--> Processing Dependency: perl(Text::ParseWords) for package: perl-Getopt-Long-2.40-3.el7.noarch\n---> Package perl-IO-Compress.noarch 0:2.061-2.el7 will be installed\n--> Processing Dependency: perl(Compress::Raw::Zlib) >= 2.061 for package: perl-IO-Compress-2.061-2.el7.noarch\n--> Processing Dependency: perl(Compress::Raw::Bzip2) >= 2.061 for package: perl-IO-Compress-2.061-2.el7.noarch\n--> Processing Dependency: perl(Encode) for package: perl-IO-Compress-2.061-2.el7.noarch\n---> Package perl-Mozilla-LDAP.x86_64 0:1.5.3-12.el7 will be installed\n---> Package perl-NetAddr-IP.x86_64 0:4.069-3.el7 will be installed\n---> Package perl-PathTools.x86_64 0:3.40-5.el7 will be installed\n---> Package perl-Scalar-List-Utils.x86_64 0:1.27-248.el7 will be installed\n---> Package perl-Socket.x86_64 0:2.010-5.el7 will be installed\n---> Package perl-Time-Local.noarch 0:1.2300-2.el7 will be installed\n---> Package pki-base.noarch 0:10.5.18-7.el7 will be installed\n--> Processing Dependency: python2-cryptography for package: pki-base-10.5.18-7.el7.noarch\n--> Processing Dependency: python-nss for package: pki-base-10.5.18-7.el7.noarch\n---> Package pki-server.noarch 0:10.5.18-7.el7 will be installed\n--> Processing Dependency: pki-tools = 10.5.18-7.el7 for package: pki-server-10.5.18-7.el7.noarch\n--> Processing Dependency: pki-base-java = 10.5.18-7.el7 for package: pki-server-10.5.18-7.el7.noarch\n--> Processing Dependency: tomcatjss >= 7.2.5-1 for package: pki-server-10.5.18-7.el7.noarch\n--> Processing Dependency: tomcat >= 7.0.69 for package: pki-server-10.5.18-7.el7.noarch\n--> Processing Dependency: nuxwdog-client-java >= 1.0.5-1 for package: pki-server-10.5.18-7.el7.noarch\n--> Processing Dependency: velocity for package: pki-server-10.5.18-7.el7.noarch\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package python-augeas.noarch 0:0.5.0-2.el7 will be installed\n--> Processing Dependency: augeas-libs for package: python-augeas-0.5.0-2.el7.noarch\n---> Package python-custodia.noarch 0:0.3.1-4.el7 will be installed\n--> Processing Dependency: python-jwcrypto for package: python-custodia-0.3.1-4.el7.noarch\n---> Package python-dns.noarch 0:1.12.0-4.20150617git465785f.el7 will be installed\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-kdcproxy.noarch 0:0.3.2-3.el7 will be installed\n---> Package python-sssdconfig.noarch 0:1.16.5-10.el7 will be installed\n---> Package python2-ipaclient.noarch 0:4.6.8-5.el7 will be installed\n--> Processing Dependency: python2-ipalib = 4.6.8-5.el7 for package: python2-ipaclient-4.6.8-5.el7.noarch\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n---> Package samba-common.noarch 0:4.10.16-5.el7 will be installed\n---> Package samba-common-libs.x86_64 0:4.10.16-5.el7 will be installed\n---> Package sssd.x86_64 0:1.16.5-10.el7 will be installed\n--> Processing Dependency: sssd-proxy = 1.16.5-10.el7 for package: sssd-1.16.5-10.el7.x86_64\n--> Processing Dependency: sssd-ldap = 1.16.5-10.el7 for package: sssd-1.16.5-10.el7.x86_64\n--> Processing Dependency: sssd-krb5 = 1.16.5-10.el7 for package: sssd-1.16.5-10.el7.x86_64\n--> Processing Dependency: sssd-ipa = 1.16.5-10.el7 for package: sssd-1.16.5-10.el7.x86_64\n--> Processing Dependency: sssd-ad = 1.16.5-10.el7 for package: sssd-1.16.5-10.el7.x86_64\n---> Package sssd-common.x86_64 0:1.16.5-10.el7 will be installed\n--> Processing Dependency: sssd-client(x86-64) = 1.16.5-10.el7 for package: sssd-common-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsss_sudo(x86-64) = 1.16.5-10.el7 for package: sssd-common-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsss_idmap(x86-64) = 1.16.5-10.el7 for package: sssd-common-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsss_idmap.so.0(SSS_IDMAP_0.5)(64bit) for package: sssd-common-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsss_idmap.so.0(SSS_IDMAP_0.4)(64bit) for package: sssd-common-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsss_idmap.so.0()(64bit) for package: sssd-common-1.16.5-10.el7.x86_64\n--> Processing Dependency: libhttp_parser_strict.so.2()(64bit) for package: sssd-common-1.16.5-10.el7.x86_64\n--> Processing Dependency: libcares.so.2()(64bit) for package: sssd-common-1.16.5-10.el7.x86_64\n---> Package svrcore.x86_64 0:4.1.3-2.el7 will be installed\n---> Package words.noarch 0:3.0-22.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Running transaction check\n---> Package GeoIP.x86_64 0:1.5.0-14.el7 will be installed\n--> Processing Dependency: geoipupdate for package: GeoIP-1.5.0-14.el7.x86_64\n---> Package augeas-libs.x86_64 0:1.4.0-10.el7 will be installed\n---> Package bind-libs.x86_64 32:9.11.4-26.P2.el7 will be installed\n--> Processing Dependency: bind-license = 32:9.11.4-26.P2.el7 for package: 32:bind-libs-9.11.4-26.P2.el7.x86_64\n---> Package bind-libs-lite.x86_64 32:9.11.4-26.P2.el7 will be installed\n---> Package c-ares.x86_64 0:1.10.0-3.el7 will be installed\n---> Package copy-jdk-configs.noarch 0:3.3-10.el7_5 will be installed\n---> Package hesiod.x86_64 0:3.2.1-3.el7 will be installed\n---> Package http-parser.x86_64 0:2.7.1-9.el7 will be installed\n---> Package javapackages-tools.noarch 0:3.4.1-11.el7 will be installed\n--> Processing Dependency: python-javapackages = 3.4.1-11.el7 for package: javapackages-tools-3.4.1-11.el7.noarch\n---> Package libjpeg-turbo.x86_64 0:1.2.90-8.el7 will be installed\n---> Package libsss_idmap.x86_64 0:1.16.5-10.el7 will be installed\n---> Package libsss_sudo.x86_64 0:1.16.5-10.el7 will be installed\n---> Package lksctp-tools.x86_64 0:1.0.17-2.el7 will be installed\n---> Package nettle.x86_64 0:2.7.1-8.el7 will be installed\n---> Package nuxwdog-client-java.x86_64 0:1.0.5-1.el7 will be installed\n--> Processing Dependency: nuxwdog = 1.0.5-1.el7 for package: nuxwdog-client-java-1.0.5-1.el7.x86_64\n--> Processing Dependency: libnuxwdog.so.0()(64bit) for package: nuxwdog-client-java-1.0.5-1.el7.x86_64\n---> Package pcsc-lite-libs.x86_64 0:1.8.8-8.el7 will be installed\n---> Package perl-Compress-Raw-Bzip2.x86_64 0:2.061-3.el7 will be installed\n---> Package perl-Compress-Raw-Zlib.x86_64 1:2.061-4.el7 will be installed\n---> Package perl-Data-Dumper.x86_64 0:2.145-3.el7 will be installed\n---> Package perl-Encode.x86_64 0:2.51-7.el7 will be installed\n---> Package perl-Filter.x86_64 0:1.49-3.el7 will be installed\n---> Package perl-IO-Zlib.noarch 1:1.10-297.el7 will be installed\n---> Package perl-Package-Constants.noarch 1:0.02-297.el7 will be installed\n---> Package perl-Pod-Simple.noarch 1:3.28-4.el7 will be installed\n--> Processing Dependency: perl(Pod::Escapes) >= 1.04 for package: 1:perl-Pod-Simple-3.28-4.el7.noarch\n---> Package perl-Pod-Usage.noarch 0:1.63-3.el7 will be installed\n--> Processing Dependency: perl(Pod::Text) >= 3.15 for package: perl-Pod-Usage-1.63-3.el7.noarch\n--> Processing Dependency: perl-Pod-Perldoc for package: perl-Pod-Usage-1.63-3.el7.noarch\n---> Package perl-Storable.x86_64 0:2.45-3.el7 will be installed\n---> Package perl-Text-ParseWords.noarch 0:3.29-4.el7 will be installed\n---> Package perl-Time-HiRes.x86_64 4:1.9725-3.el7 will be installed\n---> Package perl-constant.noarch 0:1.27-2.el7 will be installed\n---> Package perl-libs.x86_64 4:5.16.3-297.el7 will be installed\n---> Package perl-macros.x86_64 4:5.16.3-297.el7 will be installed\n---> Package perl-threads.x86_64 0:1.87-4.el7 will be installed\n---> Package perl-threads-shared.x86_64 0:1.43-6.el7 will be installed\n---> Package pki-base-java.noarch 0:10.5.18-7.el7 will be installed\n--> Processing Dependency: resteasy-base-jaxrs-api >= 3.0.6-1 for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: resteasy-base-jaxrs >= 3.0.6-1 for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: resteasy-base-jaxb-provider >= 3.0.6-1 for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: resteasy-base-jackson-provider >= 3.0.6-1 for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: resteasy-base-client >= 3.0.6-1 for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: resteasy-base-atom-provider >= 3.0.6-1 for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: ldapjdk >= 4.19-5 for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: jss >= 4.4.9-3 for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: xml-commons-resolver for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: xml-commons-apis for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: xerces-j2 for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: xalan-j2 for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: slf4j for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: javassist for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: jakarta-commons-httpclient for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: apache-commons-logging for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: apache-commons-lang for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: apache-commons-io for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: apache-commons-codec for package: pki-base-java-10.5.18-7.el7.noarch\n--> Processing Dependency: apache-commons-cli for package: pki-base-java-10.5.18-7.el7.noarch\n---> Package pki-tools.x86_64 0:10.5.18-7.el7 will be installed\n---> Package python-jwcrypto.noarch 0:0.4.2-1.el7 will be installed\n---> Package python-nss.x86_64 0:0.16.0-3.el7 will be installed\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-ipalib.noarch 0:4.6.8-5.el7 will be installed\n--> Processing Dependency: python-yubico >= 1.2.3 for package: python2-ipalib-4.6.8-5.el7.noarch\n--> Processing Dependency: python-qrcode-core >= 5.0.0 for package: python2-ipalib-4.6.8-5.el7.noarch\n--> Processing Dependency: python-netifaces >= 0.10.4 for package: python2-ipalib-4.6.8-5.el7.noarch\n--> Processing Dependency: python-netaddr >= 0.7.5-9 for package: python2-ipalib-4.6.8-5.el7.noarch\n--> Processing Dependency: pyusb for package: python2-ipalib-4.6.8-5.el7.noarch\n--> Processing Dependency: python-sss-murmur for package: python2-ipalib-4.6.8-5.el7.noarch\n--> Processing Dependency: python-pyasn1-modules for package: python2-ipalib-4.6.8-5.el7.noarch\n--> Processing Dependency: python-libipa_hbac for package: python2-ipalib-4.6.8-5.el7.noarch\n---> Package sssd-ad.x86_64 0:1.16.5-10.el7 will be installed\n--> Processing Dependency: sssd-krb5-common = 1.16.5-10.el7 for package: sssd-ad-1.16.5-10.el7.x86_64\n--> Processing Dependency: sssd-common-pac = 1.16.5-10.el7 for package: sssd-ad-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsmbclient.so.0(SMBCLIENT_0.1.0)(64bit) for package: sssd-ad-1.16.5-10.el7.x86_64\n--> Processing Dependency: libsmbclient.so.0()(64bit) for package: sssd-ad-1.16.5-10.el7.x86_64\n---> Package sssd-client.x86_64 0:1.16.5-10.el7 will be installed\n---> Package sssd-ipa.x86_64 0:1.16.5-10.el7 will be installed\n--> Processing Dependency: libipa_hbac(x86-64) = 1.16.5-10.el7 for package: sssd-ipa-1.16.5-10.el7.x86_64\n--> Processing Dependency: libipa_hbac.so.0(IPA_HBAC_0.1.0)(64bit) for package: sssd-ipa-1.16.5-10.el7.x86_64\n--> Processing Dependency: libipa_hbac.so.0(IPA_HBAC_0.0.1)(64bit) for package: sssd-ipa-1.16.5-10.el7.x86_64\n--> Processing Dependency: libipa_hbac.so.0()(64bit) for package: sssd-ipa-1.16.5-10.el7.x86_64\n---> Package sssd-krb5.x86_64 0:1.16.5-10.el7 will be installed\n---> Package sssd-ldap.x86_64 0:1.16.5-10.el7 will be installed\n---> Package sssd-proxy.x86_64 0:1.16.5-10.el7 will be installed\n---> Package tomcat.noarch 0:7.0.76-15.el7 will be installed\n--> Processing Dependency: tomcat-lib = 7.0.76-15.el7 for package: tomcat-7.0.76-15.el7.noarch\n--> Processing Dependency: java >= 1:1.6.0 for package: tomcat-7.0.76-15.el7.noarch\n--> Processing Dependency: apache-commons-pool for package: tomcat-7.0.76-15.el7.noarch\n--> Processing Dependency: apache-commons-dbcp for package: tomcat-7.0.76-15.el7.noarch\n--> Processing Dependency: apache-commons-daemon for package: tomcat-7.0.76-15.el7.noarch\n--> Processing Dependency: apache-commons-collections for package: tomcat-7.0.76-15.el7.noarch\n---> Package tomcatjss.noarch 0:7.2.5-1.el7 will be installed\n---> Package trousers.x86_64 0:0.3.14-2.el7 will be installed\n---> Package tzdata-java.noarch 0:2020a-1.el7 will be installed\n---> Package velocity.noarch 0:1.7-10.el7 will be installed\n--> Processing Dependency: servlet3 for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: log4j for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: junit for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: jdom for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: jaxen for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: jakarta-oro for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: hsqldb for package: velocity-1.7-10.el7.noarch\n--> Processing Dependency: bcel for package: velocity-1.7-10.el7.noarch\n--> Running transaction check\n---> Package apache-commons-cli.noarch 0:1.2-13.el7 will be installed\n---> Package apache-commons-codec.noarch 0:1.8-7.el7 will be installed\n---> Package apache-commons-collections.noarch 0:3.2.1-22.el7_2 will be installed\n---> Package apache-commons-daemon.x86_64 0:1.0.13-7.el7 will be installed\n---> Package apache-commons-dbcp.noarch 0:1.4-17.el7 will be installed\n--> Processing Dependency: mvn(org.apache.geronimo.specs:geronimo-jta_1.1_spec) for package: apache-commons-dbcp-1.4-17.el7.noarch\n---> Package apache-commons-io.noarch 1:2.4-12.el7 will be installed\n---> Package apache-commons-lang.noarch 0:2.6-15.el7 will be installed\n---> Package apache-commons-logging.noarch 0:1.1.2-7.el7 will be installed\n--> Processing Dependency: mvn(logkit:logkit) for package: apache-commons-logging-1.1.2-7.el7.noarch\n--> Processing Dependency: mvn(avalon-framework:avalon-framework-api) for package: apache-commons-logging-1.1.2-7.el7.noarch\n---> Package apache-commons-pool.noarch 0:1.6-9.el7 will be installed\n---> Package bcel.noarch 0:5.2-18.el7 will be installed\n--> Processing Dependency: mvn(regexp:regexp) for package: bcel-5.2-18.el7.noarch\n---> Package bind-license.noarch 32:9.11.4-26.P2.el7 will be installed\n---> Package geoipupdate.x86_64 0:2.5.0-1.el7 will be installed\n---> Package hsqldb.noarch 1:1.8.1.3-14.el7 will be installed\n---> Package jakarta-commons-httpclient.noarch 1:3.1-16.el7_0 will be installed\n---> Package jakarta-oro.noarch 0:2.0.8-16.el7 will be installed\n---> Package java-1.8.0-openjdk.x86_64 1:1.8.0.262.b10-1.el7 will be installed\n--> Processing Dependency: xorg-x11-fonts-Type1 for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libasound.so.2(ALSA_0.9.0rc4)(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libasound.so.2(ALSA_0.9)(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libXcomposite(x86-64) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: gtk2(x86-64) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: fontconfig(x86-64) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libgif.so.4()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libasound.so.2()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libXtst.so.6()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libXrender.so.1()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libXi.so.6()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libXext.so.6()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n--> Processing Dependency: libX11.so.6()(64bit) for package: 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64\n---> Package javassist.noarch 0:3.16.1-10.el7 will be installed\n---> Package jaxen.noarch 0:1.1.3-11.el7 will be installed\n--> Processing Dependency: dom4j >= 1.6.1 for package: jaxen-1.1.3-11.el7.noarch\n---> Package jdom.noarch 0:1.1.3-6.el7 will be installed\n---> Package jss.x86_64 0:4.4.9-3.el7 will be installed\n---> Package junit.noarch 0:4.11-8.el7 will be installed\n--> Processing Dependency: osgi(org.hamcrest.core) for package: junit-4.11-8.el7.noarch\n--> Processing Dependency: hamcrest for package: junit-4.11-8.el7.noarch\n---> Package ldapjdk.noarch 0:4.19-5.el7 will be installed\n---> Package libipa_hbac.x86_64 0:1.16.5-10.el7 will be installed\n---> Package libsmbclient.x86_64 0:4.10.16-5.el7 will be installed\n---> Package log4j.noarch 0:1.2.17-16.el7_4 will be installed\n--> Processing Dependency: mvn(org.apache.geronimo.specs:geronimo-jms_1.1_spec) for package: log4j-1.2.17-16.el7_4.noarch\n--> Processing Dependency: mvn(javax.mail:mail) for package: log4j-1.2.17-16.el7_4.noarch\n---> Package nuxwdog.x86_64 0:1.0.5-1.el7 will be installed\n---> Package perl-Pod-Escapes.noarch 1:1.04-297.el7 will be installed\n---> Package perl-Pod-Perldoc.noarch 0:3.20-4.el7 will be installed\n--> Processing Dependency: perl(parent) for package: perl-Pod-Perldoc-3.20-4.el7.noarch\n--> Processing Dependency: perl(HTTP::Tiny) for package: perl-Pod-Perldoc-3.20-4.el7.noarch\n---> Package perl-podlators.noarch 0:2.5.1-3.el7 will be installed\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n---> Package python-javapackages.noarch 0:3.4.1-11.el7 will be installed\n---> Package python-libipa_hbac.x86_64 0:1.16.5-10.el7 will be installed\n---> Package python-netaddr.noarch 0:0.7.5-9.el7 will be installed\n---> Package python-netifaces.x86_64 0:0.10.4-3.el7 will be installed\n---> Package python-qrcode-core.noarch 0:5.0.1-1.el7 will be installed\n---> Package python-sss-murmur.x86_64 0:1.16.5-10.el7 will be installed\n---> Package python-yubico.noarch 0:1.2.3-1.el7 will be installed\n---> Package python2-pyasn1-modules.noarch 0:0.1.9-7.el7 will be installed\n---> Package pyusb.noarch 0:1.0.0-0.11.b1.el7 will be installed\n---> Package resteasy-base-atom-provider.noarch 0:3.0.6-4.el7 will be installed\n--> Processing Dependency: mvn(com.sun.xml.bind:jaxb-impl) for package: resteasy-base-atom-provider-3.0.6-4.el7.noarch\n---> Package resteasy-base-client.noarch 0:3.0.6-4.el7 will be installed\n---> Package resteasy-base-jackson-provider.noarch 0:3.0.6-4.el7 will be installed\n--> Processing Dependency: mvn(org.codehaus.jackson:jackson-xc) for package: resteasy-base-jackson-provider-3.0.6-4.el7.noarch\n--> Processing Dependency: mvn(org.codehaus.jackson:jackson-mapper-asl) for package: resteasy-base-jackson-provider-3.0.6-4.el7.noarch\n--> Processing Dependency: mvn(org.codehaus.jackson:jackson-jaxrs) for package: resteasy-base-jackson-provider-3.0.6-4.el7.noarch\n--> Processing Dependency: mvn(org.codehaus.jackson:jackson-core-asl) for package: resteasy-base-jackson-provider-3.0.6-4.el7.noarch\n---> Package resteasy-base-jaxb-provider.noarch 0:3.0.6-4.el7 will be installed\n---> Package resteasy-base-jaxrs.noarch 0:3.0.6-4.el7 will be installed\n--> Processing Dependency: mvn(org.scannotation:scannotation) for package: resteasy-base-jaxrs-3.0.6-4.el7.noarch\n--> Processing Dependency: mvn(org.jboss.spec.javax.annotation:jboss-annotations-api_1.1_spec) for package: resteasy-base-jaxrs-3.0.6-4.el7.noarch\n--> Processing Dependency: mvn(org.apache.httpcomponents:httpclient) for package: resteasy-base-jaxrs-3.0.6-4.el7.noarch\n---> Package resteasy-base-jaxrs-api.noarch 0:3.0.6-4.el7 will be installed\n---> Package slf4j.noarch 0:1.7.4-4.el7_4 will be installed\n--> Processing Dependency: mvn(ch.qos.cal10n:cal10n-api) for package: slf4j-1.7.4-4.el7_4.noarch\n---> Package sssd-common-pac.x86_64 0:1.16.5-10.el7 will be installed\n---> Package sssd-krb5-common.x86_64 0:1.16.5-10.el7 will be installed\n---> Package tomcat-lib.noarch 0:7.0.76-15.el7 will be installed\n--> Processing Dependency: tomcat-jsp-2.2-api = 7.0.76-15.el7 for package: tomcat-lib-7.0.76-15.el7.noarch\n--> Processing Dependency: tomcat-el-2.2-api = 7.0.76-15.el7 for package: tomcat-lib-7.0.76-15.el7.noarch\n--> Processing Dependency: ecj >= 1:4.2.1 for package: tomcat-lib-7.0.76-15.el7.noarch\n---> Package tomcat-servlet-3.0-api.noarch 0:7.0.76-15.el7 will be installed\n---> Package xalan-j2.noarch 0:2.7.1-23.el7 will be installed\n---> Package xerces-j2.noarch 0:2.11.0-17.el7_0 will be installed\n---> Package xml-commons-apis.noarch 0:1.4.01-16.el7 will be installed\n---> Package xml-commons-resolver.noarch 0:1.2-15.el7 will be installed\n--> Running transaction check\n---> Package alsa-lib.x86_64 0:1.1.8-1.el7 will be installed\n---> Package avalon-framework.noarch 0:4.3-10.el7 will be installed\n---> Package avalon-logkit.noarch 0:2.1-14.el7 will be installed\n---> Package cal10n.noarch 0:0.7.7-4.el7 will be installed\n---> Package dom4j.noarch 0:1.6.1-20.el7 will be installed\n--> Processing Dependency: xpp3 for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: ws-jaxme for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: relaxngDatatype for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: msv-xsdlib for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: msv-msv for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: isorelax for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: bea-stax-api for package: dom4j-1.6.1-20.el7.noarch\n--> Processing Dependency: bea-stax for package: dom4j-1.6.1-20.el7.noarch\n---> Package ecj.x86_64 1:4.5.2-3.el7 will be installed\n---> Package fontconfig.x86_64 0:2.13.0-4.3.el7 will be installed\n--> Processing Dependency: dejavu-sans-fonts for package: fontconfig-2.13.0-4.3.el7.x86_64\n---> Package geronimo-jms.noarch 0:1.1.1-19.el7 will be installed\n---> Package geronimo-jta.noarch 0:1.1.1-17.el7 will be installed\n---> Package giflib.x86_64 0:4.1.6-9.el7 will be installed\n--> Processing Dependency: libSM.so.6()(64bit) for package: giflib-4.1.6-9.el7.x86_64\n--> Processing Dependency: libICE.so.6()(64bit) for package: giflib-4.1.6-9.el7.x86_64\n---> Package glassfish-jaxb.noarch 0:2.2.5-6.el7 will be installed\n--> Processing Dependency: xsom for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: txw2 for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: stax-ex for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: rngom for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: jing for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: istack-commons for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: glassfish-jaxb-api for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: glassfish-fastinfoset for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: glassfish-dtd-parser for package: glassfish-jaxb-2.2.5-6.el7.noarch\n--> Processing Dependency: codemodel for package: glassfish-jaxb-2.2.5-6.el7.noarch\n---> Package gtk2.x86_64 0:2.24.31-1.el7 will be installed\n--> Processing Dependency: pango >= 1.20.0-1 for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libtiff >= 3.6.1 for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libXrandr >= 1.2.99.4-2 for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: atk >= 1.29.4-2 for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: hicolor-icon-theme for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: gtk-update-icon-cache for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libpangoft2-1.0.so.0()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libpangocairo-1.0.so.0()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libpango-1.0.so.0()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libgdk_pixbuf-2.0.so.0()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libcairo.so.2()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libatk-1.0.so.0()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libXrandr.so.2()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libXinerama.so.1()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libXfixes.so.3()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libXdamage.so.1()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n--> Processing Dependency: libXcursor.so.1()(64bit) for package: gtk2-2.24.31-1.el7.x86_64\n---> Package hamcrest.noarch 0:1.3-6.el7 will be installed\n--> Processing Dependency: qdox for package: hamcrest-1.3-6.el7.noarch\n--> Processing Dependency: easymock2 for package: hamcrest-1.3-6.el7.noarch\n---> Package httpcomponents-client.noarch 0:4.2.5-5.el7_0 will be installed\n--> Processing Dependency: mvn(org.apache.httpcomponents:httpcore) for package: httpcomponents-client-4.2.5-5.el7_0.noarch\n---> Package jackson.noarch 0:1.9.4-7.el7 will be installed\n--> Processing Dependency: stax2-api >= 3.1.1 for package: jackson-1.9.4-7.el7.noarch\n--> Processing Dependency: objectweb-asm >= 3.3 for package: jackson-1.9.4-7.el7.noarch\n--> Processing Dependency: jsr-311 >= 1.1.1 for package: jackson-1.9.4-7.el7.noarch\n--> Processing Dependency: joda-time >= 1.6.2 for package: jackson-1.9.4-7.el7.noarch\n---> Package javamail.noarch 0:1.4.6-8.el7 will be installed\n---> Package jboss-annotations-1.1-api.noarch 0:1.0.1-0.6.20120212git76e1a2.el7 will be installed\n---> Package libX11.x86_64 0:1.6.7-2.el7 will be installed\n--> Processing Dependency: libX11-common >= 1.6.7-2.el7 for package: libX11-1.6.7-2.el7.x86_64\n--> Processing Dependency: libxcb.so.1()(64bit) for package: libX11-1.6.7-2.el7.x86_64\n---> Package libXcomposite.x86_64 0:0.4.4-4.1.el7 will be installed\n---> Package libXext.x86_64 0:1.3.3-3.el7 will be installed\n---> Package libXi.x86_64 0:1.7.9-1.el7 will be installed\n---> Package libXrender.x86_64 0:0.9.10-1.el7 will be installed\n---> Package libXtst.x86_64 0:1.2.3-1.el7 will be installed\n---> Package perl-HTTP-Tiny.noarch 0:0.033-3.el7 will be installed\n---> Package perl-parent.noarch 1:0.225-244.el7 will be installed\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n---> Package regexp.noarch 0:1.5-13.el7 will be installed\n---> Package scannotation.noarch 0:1.0.3-0.7.r12.el7 will be installed\n---> Package tomcat-el-2.2-api.noarch 0:7.0.76-15.el7 will be installed\n---> Package tomcat-jsp-2.2-api.noarch 0:7.0.76-15.el7 will be installed\n---> Package xorg-x11-fonts-Type1.noarch 0:7.5-9.el7 will be installed\n--> Processing Dependency: ttmkfdir for package: xorg-x11-fonts-Type1-7.5-9.el7.noarch\n--> Processing Dependency: ttmkfdir for package: xorg-x11-fonts-Type1-7.5-9.el7.noarch\n--> Processing Dependency: mkfontdir for package: xorg-x11-fonts-Type1-7.5-9.el7.noarch\n--> Processing Dependency: mkfontdir for package: xorg-x11-fonts-Type1-7.5-9.el7.noarch\n--> Running transaction check\n---> Package atk.x86_64 0:2.28.1-2.el7 will be installed\n---> Package bea-stax.noarch 0:1.2.0-9.el7 will be installed\n---> Package bea-stax-api.noarch 0:1.2.0-9.el7 will be installed\n---> Package cairo.x86_64 0:1.15.12-4.el7 will be installed\n--> Processing Dependency: libpixman-1.so.0()(64bit) for package: cairo-1.15.12-4.el7.x86_64\n--> Processing Dependency: libGL.so.1()(64bit) for package: cairo-1.15.12-4.el7.x86_64\n--> Processing Dependency: libEGL.so.1()(64bit) for package: cairo-1.15.12-4.el7.x86_64\n---> Package codemodel.noarch 0:2.6-9.el7 will be installed\n--> Processing Dependency: jvnet-parent for package: codemodel-2.6-9.el7.noarch\n---> Package dejavu-sans-fonts.noarch 0:2.33-6.el7 will be installed\n--> Processing Dependency: dejavu-fonts-common = 2.33-6.el7 for package: dejavu-sans-fonts-2.33-6.el7.noarch\n---> Package easymock2.noarch 0:2.5.2-12.el7 will be installed\n---> Package gdk-pixbuf2.x86_64 0:2.36.12-3.el7 will be installed\n--> Processing Dependency: libjasper.so.1()(64bit) for package: gdk-pixbuf2-2.36.12-3.el7.x86_64\n---> Package glassfish-dtd-parser.noarch 0:1.2-0.8.20120120svn.el7 will be installed\n---> Package glassfish-fastinfoset.noarch 0:1.2.12-9.el7 will be installed\n---> Package glassfish-jaxb-api.noarch 0:2.2.7-4.el7 will be installed\n---> Package gtk-update-icon-cache.x86_64 0:3.22.30-5.el7 will be installed\n---> Package hicolor-icon-theme.noarch 0:0.12-7.el7 will be installed\n---> Package httpcomponents-core.noarch 0:4.2.4-6.el7 will be installed\n---> Package isorelax.noarch 1:0-0.15.release20050331.el7 will be installed\n---> Package istack-commons.noarch 0:2.17-4.el7 will be installed\n---> Package jing.noarch 0:20091111-14.el7 will be installed\n---> Package joda-time.noarch 0:2.2-3.tzdata2013c.el7 will be installed\n--> Processing Dependency: mvn(org.joda:joda-convert) for package: joda-time-2.2-3.tzdata2013c.el7.noarch\n---> Package jsr-311.noarch 0:1.1.1-6.el7 will be installed\n---> Package libICE.x86_64 0:1.0.9-9.el7 will be installed\n---> Package libSM.x86_64 0:1.2.2-2.el7 will be installed\n---> Package libX11-common.noarch 0:1.6.7-2.el7 will be installed\n---> Package libXcursor.x86_64 0:1.1.15-1.el7 will be installed\n---> Package libXdamage.x86_64 0:1.1.4-4.1.el7 will be installed\n---> Package libXfixes.x86_64 0:5.0.3-1.el7 will be installed\n---> Package libXinerama.x86_64 0:1.1.3-2.1.el7 will be installed\n---> Package libXrandr.x86_64 0:1.5.1-2.el7 will be installed\n---> Package libtiff.x86_64 0:4.0.3-35.el7 will be installed\n--> Processing Dependency: libjbig.so.2.0()(64bit) for package: libtiff-4.0.3-35.el7.x86_64\n---> Package libxcb.x86_64 0:1.13-1.el7 will be installed\n--> Processing Dependency: libXau.so.6()(64bit) for package: libxcb-1.13-1.el7.x86_64\n---> Package msv-msv.noarch 1:2013.5.1-7.el7 will be installed\n---> Package msv-xsdlib.noarch 1:2013.5.1-7.el7 will be installed\n---> Package objectweb-asm.noarch 0:3.3.1-9.el7 will be installed\n---> Package pango.x86_64 0:1.42.4-4.el7_7 will be installed\n--> Processing Dependency: libthai(x86-64) >= 0.1.9 for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: libXft(x86-64) >= 2.0.0 for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: harfbuzz(x86-64) >= 1.4.2 for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: fribidi(x86-64) >= 1.0 for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: libthai.so.0(LIBTHAI_0.1)(64bit) for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: libthai.so.0()(64bit) for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: libharfbuzz.so.0()(64bit) for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: libfribidi.so.0()(64bit) for package: pango-1.42.4-4.el7_7.x86_64\n--> Processing Dependency: libXft.so.2()(64bit) for package: pango-1.42.4-4.el7_7.x86_64\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n---> Package qdox.noarch 0:1.12.1-10.el7 will be installed\n---> Package relaxngDatatype.noarch 0:1.0-11.el7 will be installed\n---> Package rngom.noarch 0:201103-0.8.20120119svn.el7 will be installed\n---> Package stax-ex.noarch 0:1.7.1-6.el7 will be installed\n---> Package stax2-api.noarch 0:3.1.1-10.el7 will be installed\n---> Package ttmkfdir.x86_64 0:3.0.9-42.el7 will be installed\n---> Package txw2.noarch 0:20110809-8.el7 will be installed\n--> Processing Dependency: args4j for package: txw2-20110809-8.el7.noarch\n---> Package ws-jaxme.noarch 0:0.5.2-10.el7 will be installed\n--> Processing Dependency: antlr for package: ws-jaxme-0.5.2-10.el7.noarch\n---> Package xorg-x11-font-utils.x86_64 1:7.5-21.el7 will be installed\n--> Processing Dependency: libfontenc.so.1()(64bit) for package: 1:xorg-x11-font-utils-7.5-21.el7.x86_64\n---> Package xpp3.noarch 0:1.1.3.8-11.el7 will be installed\n---> Package xsom.noarch 0:0-10.20110809svn.el7 will be installed\n--> Running transaction check\n---> Package antlr-tool.noarch 0:2.7.7-30.el7 will be installed\n---> Package args4j.noarch 0:2.0.16-13.el7 will be installed\n---> Package dejavu-fonts-common.noarch 0:2.33-6.el7 will be installed\n---> Package fribidi.x86_64 0:1.0.2-1.el7_7.1 will be installed\n---> Package harfbuzz.x86_64 0:1.7.5-2.el7 will be installed\n--> Processing Dependency: libgraphite2.so.3()(64bit) for package: harfbuzz-1.7.5-2.el7.x86_64\n---> Package jasper-libs.x86_64 0:1.900.1-33.el7 will be installed\n---> Package jbigkit-libs.x86_64 0:2.0-11.el7 will be installed\n---> Package joda-convert.noarch 0:1.3-5.el7 will be installed\n---> Package jvnet-parent.noarch 0:4-2.el7 will be installed\n---> Package libXau.x86_64 0:1.0.8-2.1.el7 will be installed\n---> Package libXft.x86_64 0:2.3.2-2.el7 will be installed\n---> Package libfontenc.x86_64 0:1.1.3-3.el7 will be installed\n---> Package libglvnd-egl.x86_64 1:1.0.1-0.8.git5baa1e5.el7 will be installed\n--> Processing Dependency: libglvnd(x86-64) = 1:1.0.1-0.8.git5baa1e5.el7 for package: 1:libglvnd-egl-1.0.1-0.8.git5baa1e5.el7.x86_64\n--> Processing Dependency: mesa-libEGL(x86-64) >= 13.0.4-1 for package: 1:libglvnd-egl-1.0.1-0.8.git5baa1e5.el7.x86_64\n--> Processing Dependency: libGLdispatch.so.0()(64bit) for package: 1:libglvnd-egl-1.0.1-0.8.git5baa1e5.el7.x86_64\n---> Package libglvnd-glx.x86_64 1:1.0.1-0.8.git5baa1e5.el7 will be installed\n--> Processing Dependency: mesa-libGL(x86-64) >= 13.0.4-1 for package: 1:libglvnd-glx-1.0.1-0.8.git5baa1e5.el7.x86_64\n---> Package libthai.x86_64 0:0.1.14-9.el7 will be installed\n---> Package pixman.x86_64 0:0.34.0-1.el7 will be installed\n--> Running transaction check\n---> Package graphite2.x86_64 0:1.3.10-1.el7_3 will be installed\n---> Package libglvnd.x86_64 1:1.0.1-0.8.git5baa1e5.el7 will be installed\n---> Package mesa-libEGL.x86_64 0:18.3.4-10.el7 will be installed\n--> Processing Dependency: mesa-libgbm = 18.3.4-10.el7 for package: mesa-libEGL-18.3.4-10.el7.x86_64\n--> Processing Dependency: libxshmfence.so.1()(64bit) for package: mesa-libEGL-18.3.4-10.el7.x86_64\n--> Processing Dependency: libwayland-server.so.0()(64bit) for package: mesa-libEGL-18.3.4-10.el7.x86_64\n--> Processing Dependency: libwayland-client.so.0()(64bit) for package: mesa-libEGL-18.3.4-10.el7.x86_64\n--> Processing Dependency: libglapi.so.0()(64bit) for package: mesa-libEGL-18.3.4-10.el7.x86_64\n--> Processing Dependency: libgbm.so.1()(64bit) for package: mesa-libEGL-18.3.4-10.el7.x86_64\n--> Processing Dependency: libdrm.so.2()(64bit) for package: mesa-libEGL-18.3.4-10.el7.x86_64\n---> Package mesa-libGL.x86_64 0:18.3.4-10.el7 will be installed\n--> Processing Dependency: libXxf86vm.so.1()(64bit) for package: mesa-libGL-18.3.4-10.el7.x86_64\n--> Running transaction check\n---> Package libXxf86vm.x86_64 0:1.1.4-1.el7 will be installed\n---> Package libdrm.x86_64 0:2.4.97-2.el7 will be installed\n--> Processing Dependency: libpciaccess.so.0()(64bit) for package: libdrm-2.4.97-2.el7.x86_64\n---> Package libwayland-client.x86_64 0:1.15.0-1.el7 will be installed\n---> Package libwayland-server.x86_64 0:1.15.0-1.el7 will be installed\n---> Package libxshmfence.x86_64 0:1.2-1.el7 will be installed\n---> Package mesa-libgbm.x86_64 0:18.3.4-10.el7 will be installed\n---> Package mesa-libglapi.x86_64 0:18.3.4-10.el7 will be installed\n--> Running transaction check\n---> Package libpciaccess.x86_64 0:0.14-1.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n ipa-server x86_64 4.6.8-5.el7 rhel 531 k\nInstalling for dependencies:\n 389-ds-base x86_64 1.3.10.2-6.el7 rhel 1.7 M\n 389-ds-base-libs x86_64 1.3.10.2-6.el7 rhel 713 k\n GeoIP x86_64 1.5.0-14.el7 rhel 1.5 M\n alsa-lib x86_64 1.1.8-1.el7 rhel 425 k\n antlr-tool noarch 2.7.7-30.el7 rhel 357 k\n apache-commons-cli noarch 1.2-13.el7 rhel 51 k\n apache-commons-codec noarch 1.8-7.el7 rhel 223 k\n apache-commons-collections noarch 3.2.1-22.el7_2 rhel 509 k\n apache-commons-daemon x86_64 1.0.13-7.el7 rhel 54 k\n apache-commons-dbcp noarch 1.4-17.el7 rhel 167 k\n apache-commons-io noarch 1:2.4-12.el7 rhel 189 k\n apache-commons-lang noarch 2.6-15.el7 rhel 276 k\n apache-commons-logging noarch 1.1.2-7.el7 rhel 78 k\n apache-commons-pool noarch 1.6-9.el7 rhel 113 k\n apr x86_64 1.4.8-7.el7 rhel 104 k\n apr-util x86_64 1.5.2-6.el7 rhel 92 k\n apr-util-openssl x86_64 1.5.2-6.el7 rhel 20 k\n args4j noarch 2.0.16-13.el7 rhel 70 k\n atk x86_64 2.28.1-2.el7 rhel 263 k\n augeas-libs x86_64 1.4.0-10.el7 rhel 357 k\n autofs x86_64 1:5.0.7-113.el7 rhel 836 k\n autogen-libopts x86_64 5.18-5.el7 rhel 66 k\n avahi-libs x86_64 0.6.31-20.el7 rhel 62 k\n avalon-framework noarch 4.3-10.el7 rhel 87 k\n avalon-logkit noarch 2.1-14.el7 rhel 87 k\n bcel noarch 5.2-18.el7 rhel 469 k\n bea-stax noarch 1.2.0-9.el7 rhel 176 k\n bea-stax-api noarch 1.2.0-9.el7 rhel 31 k\n bind-libs x86_64 32:9.11.4-26.P2.el7 rhel 156 k\n bind-libs-lite x86_64 32:9.11.4-26.P2.el7 rhel 1.1 M\n bind-license noarch 32:9.11.4-26.P2.el7 rhel 90 k\n bind-utils x86_64 32:9.11.4-26.P2.el7 rhel 260 k\n c-ares x86_64 1.10.0-3.el7 rhel 78 k\n cairo x86_64 1.15.12-4.el7 rhel 741 k\n cal10n noarch 0.7.7-4.el7 rhel 36 k\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\n codemodel noarch 2.6-9.el7 rhel 164 k\n copy-jdk-configs noarch 3.3-10.el7_5 rhel 21 k\n cups-libs x86_64 1:1.6.3-51.el7 rhel 359 k\n custodia noarch 0.3.1-4.el7 rhel 24 k\n cyrus-sasl-gssapi x86_64 2.1.26-23.el7 rhel 41 k\n cyrus-sasl-md5 x86_64 2.1.26-23.el7 rhel 57 k\n cyrus-sasl-plain x86_64 2.1.26-23.el7 rhel 39 k\n dejavu-fonts-common noarch 2.33-6.el7 rhel 64 k\n dejavu-sans-fonts noarch 2.33-6.el7 rhel 1.4 M\n dom4j noarch 1.6.1-20.el7 rhel 277 k\n easymock2 noarch 2.5.2-12.el7 rhel 92 k\n ecj x86_64 1:4.5.2-3.el7 rhel 1.9 M\n fontawesome-fonts noarch 4.1.0-2.el7 rhel 137 k\n fontconfig x86_64 2.13.0-4.3.el7 rhel 254 k\n fontpackages-filesystem noarch 1.44-8.el7 rhel 9.9 k\n fribidi x86_64 1.0.2-1.el7_7.1 rhel 80 k\n gdk-pixbuf2 x86_64 2.36.12-3.el7 rhel 570 k\n geoipupdate x86_64 2.5.0-1.el7 rhel 35 k\n geronimo-jms noarch 1.1.1-19.el7 rhel 31 k\n geronimo-jta noarch 1.1.1-17.el7 rhel 20 k\n giflib x86_64 4.1.6-9.el7 rhel 40 k\n glassfish-dtd-parser noarch 1.2-0.8.20120120svn.el7 rhel 70 k\n glassfish-fastinfoset noarch 1.2.12-9.el7 rhel 272 k\n glassfish-jaxb noarch 2.2.5-6.el7 rhel 1.8 M\n glassfish-jaxb-api noarch 2.2.7-4.el7 rhel 92 k\n gnutls x86_64 3.3.29-9.el7_6 rhel 681 k\n gperftools-libs x86_64 2.6.1-1.el7 rhel 272 k\n graphite2 x86_64 1.3.10-1.el7_3 rhel 115 k\n gtk-update-icon-cache x86_64 3.22.30-5.el7 rhel 27 k\n gtk2 x86_64 2.24.31-1.el7 rhel 3.4 M\n hamcrest noarch 1.3-6.el7 rhel 125 k\n harfbuzz x86_64 1.7.5-2.el7 rhel 267 k\n hesiod x86_64 3.2.1-3.el7 rhel 30 k\n hicolor-icon-theme noarch 0.12-7.el7 rhel 43 k\n hsqldb noarch 1:1.8.1.3-14.el7 rhel 950 k\n http-parser x86_64 2.7.1-9.el7 rhel 29 k\n httpcomponents-client noarch 4.2.5-5.el7_0 rhel 425 k\n httpcomponents-core noarch 4.2.4-6.el7 rhel 466 k\n httpd x86_64 2.4.6-95.el7 rhel 1.2 M\n httpd-tools x86_64 2.4.6-95.el7 rhel 93 k\n ipa-client x86_64 4.6.8-5.el7 rhel 288 k\n ipa-client-common noarch 4.6.8-5.el7 rhel 193 k\n ipa-common noarch 4.6.8-5.el7 rhel 619 k\n ipa-server-common noarch 4.6.8-5.el7 rhel 700 k\n isorelax noarch 1:0-0.15.release20050331.el7 rhel 75 k\n istack-commons noarch 2.17-4.el7 rhel 100 k\n jackson noarch 1.9.4-7.el7 rhel 1.0 M\n jakarta-commons-httpclient noarch 1:3.1-16.el7_0 rhel 241 k\n jakarta-oro noarch 2.0.8-16.el7 rhel 78 k\n jasper-libs x86_64 1.900.1-33.el7 rhel 150 k\n java-1.8.0-openjdk x86_64 1:1.8.0.262.b10-1.el7 rhel 300 k\n java-1.8.0-openjdk-headless x86_64 1:1.8.0.262.b10-1.el7 rhel 33 M\n javamail noarch 1.4.6-8.el7 rhel 758 k\n javapackages-tools noarch 3.4.1-11.el7 rhel 73 k\n javassist noarch 3.16.1-10.el7 rhel 627 k\n jaxen noarch 1.1.3-11.el7 rhel 204 k\n jbigkit-libs x86_64 2.0-11.el7 rhel 46 k\n jboss-annotations-1.1-api noarch 1.0.1-0.6.20120212git76e1a2.el7 rhel 20 k\n jdom noarch 1.1.3-6.el7 rhel 174 k\n jing noarch 20091111-14.el7 rhel 611 k\n joda-convert noarch 1.3-5.el7 rhel 46 k\n joda-time noarch 2.2-3.tzdata2013c.el7 rhel 484 k\n jsr-311 noarch 1.1.1-6.el7 rhel 45 k\n jss x86_64 4.4.9-3.el7 rhel 1.1 M\n junit noarch 4.11-8.el7 rhel 261 k\n jvnet-parent noarch 4-2.el7 rhel 10 k\n krb5-pkinit x86_64 1.15.1-50.el7 rhel 167 k\n krb5-server x86_64 1.15.1-50.el7 rhel 1.0 M\n krb5-workstation x86_64 1.15.1-50.el7 rhel 820 k\n ldapjdk noarch 4.19-5.el7 rhel 316 k\n libICE x86_64 1.0.9-9.el7 rhel 66 k\n libSM x86_64 1.2.2-2.el7 rhel 39 k\n libX11 x86_64 1.6.7-2.el7 rhel 607 k\n libX11-common noarch 1.6.7-2.el7 rhel 164 k\n libXau x86_64 1.0.8-2.1.el7 rhel 29 k\n libXcomposite x86_64 0.4.4-4.1.el7 rhel 22 k\n libXcursor x86_64 1.1.15-1.el7 rhel 30 k\n libXdamage x86_64 1.1.4-4.1.el7 rhel 20 k\n libXext x86_64 1.3.3-3.el7 rhel 39 k\n libXfixes x86_64 5.0.3-1.el7 rhel 18 k\n libXft x86_64 2.3.2-2.el7 rhel 58 k\n libXi x86_64 1.7.9-1.el7 rhel 40 k\n libXinerama x86_64 1.1.3-2.1.el7 rhel 14 k\n libXrandr x86_64 1.5.1-2.el7 rhel 27 k\n libXrender x86_64 0.9.10-1.el7 rhel 26 k\n libXtst x86_64 1.2.3-1.el7 rhel 20 k\n libXxf86vm x86_64 1.1.4-1.el7 rhel 18 k\n libdhash x86_64 0.5.0-32.el7 rhel 29 k\n libdrm x86_64 2.4.97-2.el7 rhel 151 k\n libfontenc x86_64 1.1.3-3.el7 rhel 31 k\n libglvnd x86_64 1:1.0.1-0.8.git5baa1e5.el7 rhel 90 k\n libglvnd-egl x86_64 1:1.0.1-0.8.git5baa1e5.el7 rhel 44 k\n libglvnd-glx x86_64 1:1.0.1-0.8.git5baa1e5.el7 rhel 125 k\n libicu x86_64 50.2-4.el7_7 rhel 6.9 M\n libipa_hbac x86_64 1.16.5-10.el7 rhel 153 k\n libjpeg-turbo x86_64 1.2.90-8.el7 rhel 135 k\n libkadm5 x86_64 1.15.1-50.el7 rhel 179 k\n libldb x86_64 1.5.4-1.el7 rhel 149 k\n libpciaccess x86_64 0.14-1.el7 rhel 26 k\n libsmbclient x86_64 4.10.16-5.el7 rhel 144 k\n libsss_autofs x86_64 1.16.5-10.el7 rhel 155 k\n libsss_certmap x86_64 1.16.5-10.el7 rhel 186 k\n libsss_idmap x86_64 1.16.5-10.el7 rhel 158 k\n libsss_nss_idmap x86_64 1.16.5-10.el7 rhel 164 k\n libsss_sudo x86_64 1.16.5-10.el7 rhel 153 k\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtdb x86_64 1.3.18-1.el7 rhel 49 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n libthai x86_64 0.1.14-9.el7 rhel 187 k\n libtiff x86_64 4.0.3-35.el7 rhel 172 k\n libwayland-client x86_64 1.15.0-1.el7 rhel 33 k\n libwayland-server x86_64 1.15.0-1.el7 rhel 39 k\n libwbclient x86_64 4.10.16-5.el7 rhel 114 k\n libxcb x86_64 1.13-1.el7 rhel 214 k\n libxshmfence x86_64 1.2-1.el7 rhel 7.1 k\n lksctp-tools x86_64 1.0.17-2.el7 rhel 88 k\n log4j noarch 1.2.17-16.el7_4 rhel 444 k\n mailcap noarch 2.1.41-2.el7 rhel 31 k\n mesa-libEGL x86_64 18.3.4-10.el7 rhel 109 k\n mesa-libGL x86_64 18.3.4-10.el7 rhel 166 k\n mesa-libgbm x86_64 18.3.4-10.el7 rhel 39 k\n mesa-libglapi x86_64 18.3.4-10.el7 rhel 46 k\n mod_auth_gssapi x86_64 1.5.1-7.el7 rhel 67 k\n mod_lookup_identity x86_64 1.0.0-1.el7 rhel 24 k\n mod_nss x86_64 1.0.14-12.el7 rhel 113 k\n mod_session x86_64 2.4.6-95.el7 rhel 63 k\n mod_wsgi x86_64 3.4-18.el7 rhel 77 k\n msv-msv noarch 1:2013.5.1-7.el7 rhel 3.7 M\n msv-xsdlib noarch 1:2013.5.1-7.el7 rhel 1.1 M\n nettle x86_64 2.7.1-8.el7 rhel 327 k\n ntp x86_64 4.2.6p5-29.el7_8.2 rhel 549 k\n ntpdate x86_64 4.2.6p5-29.el7_8.2 rhel 87 k\n nuxwdog x86_64 1.0.5-1.el7 rhel 46 k\n nuxwdog-client-java x86_64 1.0.5-1.el7 rhel 12 k\n objectweb-asm noarch 3.3.1-9.el7 rhel 197 k\n oddjob x86_64 0.31.5-4.el7 rhel 69 k\n oddjob-mkhomedir x86_64 0.31.5-4.el7 rhel 38 k\n open-sans-fonts noarch 1.10-1.el7 rhel 475 k\n openldap-clients x86_64 2.4.44-22.el7 rhel 191 k\n pango x86_64 1.42.4-4.el7_7 rhel 280 k\n pcsc-lite-libs x86_64 1.8.8-8.el7 rhel 34 k\n perl x86_64 4:5.16.3-297.el7 rhel 8.0 M\n perl-Archive-Tar noarch 1.92-3.el7 rhel 73 k\n perl-Carp noarch 1.26-244.el7 rhel 19 k\n perl-Compress-Raw-Bzip2 x86_64 2.061-3.el7 rhel 32 k\n perl-Compress-Raw-Zlib x86_64 1:2.061-4.el7 rhel 57 k\n perl-DB_File x86_64 1.830-6.el7 rhel 74 k\n perl-Data-Dumper x86_64 2.145-3.el7 rhel 47 k\n perl-Encode x86_64 2.51-7.el7 rhel 1.5 M\n perl-Exporter noarch 5.68-3.el7 rhel 28 k\n perl-File-Path noarch 2.09-2.el7 rhel 27 k\n perl-File-Temp noarch 0.23.01-3.el7 rhel 56 k\n perl-Filter x86_64 1.49-3.el7 rhel 76 k\n perl-Getopt-Long noarch 2.40-3.el7 rhel 56 k\n perl-HTTP-Tiny noarch 0.033-3.el7 rhel 38 k\n perl-IO-Compress noarch 2.061-2.el7 rhel 260 k\n perl-IO-Zlib noarch 1:1.10-297.el7 rhel 52 k\n perl-Mozilla-LDAP x86_64 1.5.3-12.el7 rhel 147 k\n perl-NetAddr-IP x86_64 4.069-3.el7 rhel 125 k\n perl-Package-Constants noarch 1:0.02-297.el7 rhel 46 k\n perl-PathTools x86_64 3.40-5.el7 rhel 83 k\n perl-Pod-Escapes noarch 1:1.04-297.el7 rhel 52 k\n perl-Pod-Perldoc noarch 3.20-4.el7 rhel 87 k\n perl-Pod-Simple noarch 1:3.28-4.el7 rhel 216 k\n perl-Pod-Usage noarch 1.63-3.el7 rhel 27 k\n perl-Scalar-List-Utils x86_64 1.27-248.el7 rhel 36 k\n perl-Socket x86_64 2.010-5.el7 rhel 49 k\n perl-Storable x86_64 2.45-3.el7 rhel 77 k\n perl-Text-ParseWords noarch 3.29-4.el7 rhel 14 k\n perl-Time-HiRes x86_64 4:1.9725-3.el7 rhel 45 k\n perl-Time-Local noarch 1.2300-2.el7 rhel 24 k\n perl-constant noarch 1.27-2.el7 rhel 19 k\n perl-libs x86_64 4:5.16.3-297.el7 rhel 689 k\n perl-macros x86_64 4:5.16.3-297.el7 rhel 44 k\n perl-parent noarch 1:0.225-244.el7 rhel 12 k\n perl-podlators noarch 2.5.1-3.el7 rhel 112 k\n perl-threads x86_64 1.87-4.el7 rhel 49 k\n perl-threads-shared x86_64 1.43-6.el7 rhel 39 k\n pixman x86_64 0.34.0-1.el7 rhel 248 k\n pki-base noarch 10.5.18-7.el7 rhel 423 k\n pki-base-java noarch 10.5.18-7.el7 rhel 1.2 M\n pki-ca noarch 10.5.18-7.el7 rhel 479 k\n pki-kra noarch 10.5.18-7.el7 rhel 302 k\n pki-server noarch 10.5.18-7.el7 rhel 2.9 M\n pki-tools x86_64 10.5.18-7.el7 rhel 764 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n python-augeas noarch 0.5.0-2.el7 rhel 25 k\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-custodia noarch 0.3.1-4.el7 rhel 115 k\n python-dns noarch 1.12.0-4.20150617git465785f.el7 rhel 234 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-gssapi x86_64 1.2.0-3.el7 rhel 322 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-javapackages noarch 3.4.1-11.el7 rhel 31 k\n python-jwcrypto noarch 0.4.2-1.el7 rhel 57 k\n python-kdcproxy noarch 0.3.2-3.el7 rhel 28 k\n python-ldap x86_64 2.4.15-2.el7 rhel 159 k\n python-libipa_hbac x86_64 1.16.5-10.el7 rhel 146 k\n python-netaddr noarch 0.7.5-9.el7 rhel 983 k\n python-netifaces x86_64 0.10.4-3.el7 rhel 18 k\n python-nss x86_64 0.16.0-3.el7 rhel 266 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n python-qrcode-core noarch 5.0.1-1.el7 rhel 40 k\n python-sss-murmur x86_64 1.16.5-10.el7 rhel 136 k\n python-sssdconfig noarch 1.16.5-10.el7 rhel 176 k\n python-yubico noarch 1.2.3-1.el7 rhel 47 k\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-ipaclient noarch 4.6.8-5.el7 rhel 702 k\n python2-ipalib noarch 4.6.8-5.el7 rhel 685 k\n python2-ipaserver noarch 4.6.8-5.el7 rhel 1.5 M\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\n python2-pyasn1-modules noarch 0.1.9-7.el7 rhel 59 k\n pyusb noarch 1.0.0-0.11.b1.el7 rhel 66 k\n qdox noarch 1.12.1-10.el7 rhel 170 k\n redhat-logos noarch 70.7.0-1.el7 rhel 13 M\n regexp noarch 1.5-13.el7 rhel 47 k\n relaxngDatatype noarch 1.0-11.el7 rhel 16 k\n resteasy-base-atom-provider noarch 3.0.6-4.el7 rhel 41 k\n resteasy-base-client noarch 3.0.6-4.el7 rhel 125 k\n resteasy-base-jackson-provider\n noarch 3.0.6-4.el7 rhel 13 k\n resteasy-base-jaxb-provider noarch 3.0.6-4.el7 rhel 65 k\n resteasy-base-jaxrs noarch 3.0.6-4.el7 rhel 728 k\n resteasy-base-jaxrs-api noarch 3.0.6-4.el7 rhel 96 k\n rngom noarch 201103-0.8.20120119svn.el7 rhel 266 k\n samba-client-libs x86_64 4.10.16-5.el7 rhel 5.0 M\n samba-common noarch 4.10.16-5.el7 rhel 214 k\n samba-common-libs x86_64 4.10.16-5.el7 rhel 180 k\n scannotation noarch 1.0.3-0.7.r12.el7 rhel 23 k\n slapi-nis x86_64 0.56.5-2.el7 rhel 149 k\n slf4j noarch 1.7.4-4.el7_4 rhel 170 k\n softhsm x86_64 2.1.0-3.el7 rhel 291 k\n sssd x86_64 1.16.5-10.el7 rhel 145 k\n sssd-ad x86_64 1.16.5-10.el7 rhel 296 k\n sssd-client x86_64 1.16.5-10.el7 rhel 224 k\n sssd-common x86_64 1.16.5-10.el7 rhel 1.5 M\n sssd-common-pac x86_64 1.16.5-10.el7 rhel 218 k\n sssd-dbus x86_64 1.16.5-10.el7 rhel 256 k\n sssd-ipa x86_64 1.16.5-10.el7 rhel 378 k\n sssd-krb5 x86_64 1.16.5-10.el7 rhel 187 k\n sssd-krb5-common x86_64 1.16.5-10.el7 rhel 220 k\n sssd-ldap x86_64 1.16.5-10.el7 rhel 280 k\n sssd-proxy x86_64 1.16.5-10.el7 rhel 180 k\n stax-ex noarch 1.7.1-6.el7 rhel 33 k\n stax2-api noarch 3.1.1-10.el7 rhel 165 k\n svrcore x86_64 4.1.3-2.el7 rhel 19 k\n systemd-python x86_64 219-78.el7 rhel 145 k\n tomcat noarch 7.0.76-15.el7 rhel 93 k\n tomcat-el-2.2-api noarch 7.0.76-15.el7 rhel 83 k\n tomcat-jsp-2.2-api noarch 7.0.76-15.el7 rhel 96 k\n tomcat-lib noarch 7.0.76-15.el7 rhel 3.9 M\n tomcat-servlet-3.0-api noarch 7.0.76-15.el7 rhel 214 k\n tomcatjss noarch 7.2.5-1.el7 rhel 40 k\n trousers x86_64 0.3.14-2.el7 rhel 289 k\n ttmkfdir x86_64 3.0.9-42.el7 rhel 48 k\n txw2 noarch 20110809-8.el7 rhel 134 k\n tzdata-java noarch 2020a-1.el7 rhel 188 k\n velocity noarch 1.7-10.el7 rhel 414 k\n words noarch 3.0-22.el7 rhel 1.4 M\n ws-jaxme noarch 0.5.2-10.el7 rhel 1.1 M\n xalan-j2 noarch 2.7.1-23.el7 rhel 1.9 M\n xerces-j2 noarch 2.11.0-17.el7_0 rhel 1.1 M\n xml-commons-apis noarch 1.4.01-16.el7 rhel 227 k\n xml-commons-resolver noarch 1.2-15.el7 rhel 108 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n xorg-x11-font-utils x86_64 1:7.5-21.el7 rhel 104 k\n xorg-x11-fonts-Type1 noarch 7.5-9.el7 rhel 521 k\n xpp3 noarch 1.1.3.8-11.el7 rhel 336 k\n xsom noarch 0-10.20110809svn.el7 rhel 380 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+306 Dependent packages)\n\nTotal download size: 154 M\nInstalled size: 399 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 27 MB/s | 154 MB 00:05 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : libtalloc-2.1.16-1.el7.x86_64 1/307 \n Installing : libtevent-0.9.39-1.el7.x86_64 2/307 \n Installing : libtdb-1.3.18-1.el7.x86_64 3/307 \n Installing : libldb-1.5.4-1.el7.x86_64 4/307 \n Installing : libsss_certmap-1.16.5-10.el7.x86_64 5/307 \n Installing : libdhash-0.5.0-32.el7.x86_64 6/307 \n Installing : python-ldap-2.4.15-2.el7.x86_64 7/307 \n Installing : libsss_idmap-1.16.5-10.el7.x86_64 8/307 \n Installing : python2-pyasn1-0.1.9-7.el7.noarch 9/307 \n Installing : libjpeg-turbo-1.2.90-8.el7.x86_64 10/307 \n Installing : ipa-common-4.6.8-5.el7.noarch 11/307 \n Installing : cyrus-sasl-gssapi-2.1.26-23.el7.x86_64 12/307 \n Installing : python-dns-1.12.0-4.20150617git465785f.el7.noarch 13/307 \n Installing : fontpackages-filesystem-1.44-8.el7.noarch 14/307 \n Installing : openldap-clients-2.4.44-22.el7.x86_64 15/307 \n Installing : samba-common-4.10.16-5.el7.noarch 16/307 \n Installing : python-enum34-1.0.4-1.el7.noarch 17/307 \n Installing : python-gssapi-1.2.0-3.el7.x86_64 18/307 \n Installing : libsss_nss_idmap-1.16.5-10.el7.x86_64 19/307 \n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 20/307 \n Installing : mesa-libglapi-18.3.4-10.el7.x86_64 21/307 \n Installing : python-sssdconfig-1.16.5-10.el7.noarch 22/307 \n Installing : ipa-client-common-4.6.8-5.el7.noarch 23/307 \n Installing : psmisc-22.20-17.el7.x86_64 24/307 \n Installing : apr-1.4.8-7.el7.x86_64 25/307 \n Installing : apr-util-1.5.2-6.el7.x86_64 26/307 \n Installing : oddjob-0.31.5-4.el7.x86_64 27/307 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 28/307 \n Installing : certmonger-0.78.4-14.el7.x86_64 29/307 \n Installing : 32:bind-license-9.11.4-26.P2.el7.noarch 30/307 \n Installing : libsss_autofs-1.16.5-10.el7.x86_64 31/307 \n Installing : svrcore-4.1.3-2.el7.x86_64 32/307 \n Installing : pyusb-1.0.0-0.11.b1.el7.noarch 33/307 \n Installing : avahi-libs-0.6.31-20.el7.x86_64 34/307 \n Installing : 1:cups-libs-1.6.3-51.el7.x86_64 35/307 \n Installing : 1:libglvnd-1.0.1-0.8.git5baa1e5.el7.x86_64 36/307 \n Installing : systemd-python-219-78.el7.x86_64 37/307 \n Installing : libipa_hbac-1.16.5-10.el7.x86_64 38/307 \n Installing : libICE-1.0.9-9.el7.x86_64 39/307 \n Installing : gperftools-libs-2.6.1-1.el7.x86_64 40/307 \n Installing : libwayland-server-1.15.0-1.el7.x86_64 41/307 \n Installing : libxshmfence-1.2-1.el7.x86_64 42/307 \n Installing : redhat-logos-70.7.0-1.el7.noarch 43/307 \n Installing : python-nss-0.16.0-3.el7.x86_64 44/307 \n Installing : libkadm5-1.15.1-50.el7.x86_64 45/307 \n Installing : krb5-workstation-1.15.1-50.el7.x86_64 46/307 \n Installing : 389-ds-base-libs-1.3.10.2-6.el7.x86_64 47/307 \n Installing : libSM-1.2.2-2.el7.x86_64 48/307 \n Installing : python-libipa_hbac-1.16.5-10.el7.x86_64 49/307 \n Installing : python-yubico-1.2.3-1.el7.noarch 50/307 \n Installing : oddjob-mkhomedir-0.31.5-4.el7.x86_64 51/307 \n Installing : apr-util-openssl-1.5.2-6.el7.x86_64 52/307 \n Installing : httpd-tools-2.4.6-95.el7.x86_64 53/307 \n Installing : sssd-client-1.16.5-10.el7.x86_64 54/307 \n Installing : fontawesome-fonts-4.1.0-2.el7.noarch 55/307 \n Installing : open-sans-fonts-1.10-1.el7.noarch 56/307 \n Installing : dejavu-fonts-common-2.33-6.el7.noarch 57/307 \n Installing : dejavu-sans-fonts-2.33-6.el7.noarch 58/307 \n Installing : fontconfig-2.13.0-4.3.el7.x86_64 59/307 \n Installing : python-kdcproxy-0.3.2-3.el7.noarch 60/307 \n Installing : jasper-libs-1.900.1-33.el7.x86_64 61/307 \n Installing : python2-pyasn1-modules-0.1.9-7.el7.noarch 62/307 \n Installing : 1:perl-parent-0.225-244.el7.noarch 63/307 \n Installing : perl-HTTP-Tiny-0.033-3.el7.noarch 64/307 \n Installing : perl-podlators-2.5.1-3.el7.noarch 65/307 \n Installing : perl-Pod-Perldoc-3.20-4.el7.noarch 66/307 \n Installing : 1:perl-Pod-Escapes-1.04-297.el7.noarch 67/307 \n Installing : perl-Text-ParseWords-3.29-4.el7.noarch 68/307 \n Installing : perl-Encode-2.51-7.el7.x86_64 69/307 \n Installing : perl-Pod-Usage-1.63-3.el7.noarch 70/307 \n Installing : 4:perl-macros-5.16.3-297.el7.x86_64 71/307 \n Installing : 4:perl-libs-5.16.3-297.el7.x86_64 72/307 \n Installing : perl-threads-1.87-4.el7.x86_64 73/307 \n Installing : perl-Storable-2.45-3.el7.x86_64 74/307 \n Installing : perl-Carp-1.26-244.el7.noarch 75/307 \n Installing : 4:perl-Time-HiRes-1.9725-3.el7.x86_64 76/307 \n Installing : perl-Filter-1.49-3.el7.x86_64 77/307 \n Installing : perl-Exporter-5.68-3.el7.noarch 78/307 \n Installing : perl-constant-1.27-2.el7.noarch 79/307 \n Installing : perl-Socket-2.010-5.el7.x86_64 80/307 \n Installing : perl-Time-Local-1.2300-2.el7.noarch 81/307 \n Installing : perl-threads-shared-1.43-6.el7.x86_64 82/307 \n Installing : perl-File-Temp-0.23.01-3.el7.noarch 83/307 \n Installing : perl-File-Path-2.09-2.el7.noarch 84/307 \n Installing : perl-PathTools-3.40-5.el7.x86_64 85/307 \n Installing : perl-Scalar-List-Utils-1.27-248.el7.x86_64 86/307 \n Installing : 1:perl-Pod-Simple-3.28-4.el7.noarch 87/307 \n Installing : perl-Getopt-Long-2.40-3.el7.noarch 88/307 \n Installing : 4:perl-5.16.3-297.el7.x86_64 89/307 \n Installing : perl-Data-Dumper-2.145-3.el7.x86_64 90/307 \n Installing : perl-Mozilla-LDAP-1.5.3-12.el7.x86_64 91/307 \n Installing : perl-DB_File-1.830-6.el7.x86_64 92/307 \n Installing : perl-Compress-Raw-Bzip2-2.061-3.el7.x86_64 93/307 \n Installing : perl-NetAddr-IP-4.069-3.el7.x86_64 94/307 \n Installing : 1:perl-Package-Constants-0.02-297.el7.noarch 95/307 \n Installing : 1:perl-Compress-Raw-Zlib-2.061-4.el7.x86_64 96/307 \n Installing : perl-IO-Compress-2.061-2.el7.noarch 97/307 \n Installing : 1:perl-IO-Zlib-1.10-297.el7.noarch 98/307 \n Installing : perl-Archive-Tar-1.92-3.el7.noarch 99/307 \n Installing : libfontenc-1.1.3-3.el7.x86_64 100/307 \n Installing : 1:xorg-x11-font-utils-7.5-21.el7.x86_64 101/307 \n Installing : jbigkit-libs-2.0-11.el7.x86_64 102/307 \n Installing : libtiff-4.0.3-35.el7.x86_64 103/307 \n Installing : ntpdate-4.2.6p5-29.el7_8.2.x86_64 104/307 \n Installing : python-netifaces-0.10.4-3.el7.x86_64 105/307 \n Installing : libX11-common-1.6.7-2.el7.noarch 106/307 \n Installing : softhsm-2.1.0-3.el7.x86_64 107/307 \n Installing : alsa-lib-1.1.8-1.el7.x86_64 108/307 \n Installing : python-netaddr-0.7.5-9.el7.noarch 109/307 \n Installing : python-sss-murmur-1.16.5-10.el7.x86_64 110/307 \n Installing : fribidi-1.0.2-1.el7_7.1.x86_64 111/307 \n Installing : geoipupdate-2.5.0-1.el7.x86_64 112/307 \n Installing : GeoIP-1.5.0-14.el7.x86_64 113/307 \n Installing : 32:bind-libs-lite-9.11.4-26.P2.el7.x86_64 114/307 \n Installing : 32:bind-libs-9.11.4-26.P2.el7.x86_64 115/307 \n Installing : 32:bind-utils-9.11.4-26.P2.el7.x86_64 116/307 \n Installing : copy-jdk-configs-3.3-10.el7_5.noarch 117/307 \n Installing : hicolor-icon-theme-0.12-7.el7.noarch 118/307 \n Installing : ttmkfdir-3.0.9-42.el7.x86_64 119/307 \n Installing : xorg-x11-fonts-Type1-7.5-9.el7.noarch 120/307 \n Installing : libwayland-client-1.15.0-1.el7.x86_64 121/307 \n Installing : libpciaccess-0.14-1.el7.x86_64 122/307 \n Installing : libdrm-2.4.97-2.el7.x86_64 123/307 \n Installing : mesa-libgbm-18.3.4-10.el7.x86_64 124/307 \n Installing : tzdata-java-2020a-1.el7.noarch 125/307 \n Installing : mailcap-2.1.41-2.el7.noarch 126/307 \n Installing : httpd-2.4.6-95.el7.x86_64 127/307 \n Installing : mod_wsgi-3.4-18.el7.x86_64 128/307 \n Installing : mod_nss-1.0.14-12.el7.x86_64 129/307 \n\nmod_nss certificate database generated.\n\n Installing : mod_session-2.4.6-95.el7.x86_64 130/307 \n Installing : mod_lookup_identity-1.0.0-1.el7.x86_64 131/307 \n Installing : mod_auth_gssapi-1.5.1-7.el7.x86_64 132/307 \n Installing : augeas-libs-1.4.0-10.el7.x86_64 133/307 \n Installing : python-augeas-0.5.0-2.el7.noarch 134/307 \n Installing : atk-2.28.1-2.el7.x86_64 135/307 \n Installing : http-parser-2.7.1-9.el7.x86_64 136/307 \n Installing : pixman-0.34.0-1.el7.x86_64 137/307 \n Installing : python-ply-3.4-11.el7.noarch 138/307 \n Installing : python-pycparser-2.14-1.el7.noarch 139/307 \n Installing : python-cffi-1.6.0-5.el7.x86_64 140/307 \n Installing : python-idna-2.4-1.el7.noarch 141/307 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 142/307 \n Installing : pki-base-10.5.18-7.el7.noarch 143/307 \n Installing : python-jwcrypto-0.4.2-1.el7.noarch 144/307 \n Installing : python-custodia-0.3.1-4.el7.noarch 145/307 \n Installing : custodia-0.3.1-4.el7.noarch 146/307 \n Installing : ipa-server-common-4.6.8-5.el7.noarch 147/307 \n Installing : libicu-50.2-4.el7_7.x86_64 148/307 \n Installing : cyrus-sasl-plain-2.1.26-23.el7.x86_64 149/307 \n Installing : nuxwdog-1.0.5-1.el7.x86_64 150/307 \n Installing : libthai-0.1.14-9.el7.x86_64 151/307 \n Installing : python-qrcode-core-5.0.1-1.el7.noarch 152/307 \n Installing : python2-ipalib-4.6.8-5.el7.noarch 153/307 \n Installing : python2-ipaclient-4.6.8-5.el7.noarch 154/307 \n Installing : python2-ipaserver-4.6.8-5.el7.noarch 155/307 \n Installing : autogen-libopts-5.18-5.el7.x86_64 156/307 \n Installing : ntp-4.2.6p5-29.el7_8.2.x86_64 157/307 \n Installing : trousers-0.3.14-2.el7.x86_64 158/307 \n Installing : libXau-1.0.8-2.1.el7.x86_64 159/307 \n Installing : libxcb-1.13-1.el7.x86_64 160/307 \n Installing : libX11-1.6.7-2.el7.x86_64 161/307 \n Installing : libXext-1.3.3-3.el7.x86_64 162/307 \n Installing : libXrender-0.9.10-1.el7.x86_64 163/307 \n Installing : libXfixes-5.0.3-1.el7.x86_64 164/307 \n Installing : libXi-1.7.9-1.el7.x86_64 165/307 \n Installing : libXdamage-1.1.4-4.1.el7.x86_64 166/307 \n Installing : libXcomposite-0.4.4-4.1.el7.x86_64 167/307 \n Installing : gdk-pixbuf2-2.36.12-3.el7.x86_64 168/307 \n Installing : gtk-update-icon-cache-3.22.30-5.el7.x86_64 169/307 \n Installing : libXtst-1.2.3-1.el7.x86_64 170/307 \n Installing : libXcursor-1.1.15-1.el7.x86_64 171/307 \n Installing : libXrandr-1.5.1-2.el7.x86_64 172/307 \n Installing : libXft-2.3.2-2.el7.x86_64 173/307 \n Installing : libXxf86vm-1.1.4-1.el7.x86_64 174/307 \n Installing : 1:libglvnd-glx-1.0.1-0.8.git5baa1e5.el7.x86_64 175/307 \n Installing : mesa-libGL-18.3.4-10.el7.x86_64 176/307 \n Installing : libXinerama-1.1.3-2.1.el7.x86_64 177/307 \n Installing : 1:libglvnd-egl-1.0.1-0.8.git5baa1e5.el7.x86_64 178/307 \n Installing : mesa-libEGL-18.3.4-10.el7.x86_64 179/307 \n Installing : cairo-1.15.12-4.el7.x86_64 180/307 \n Installing : giflib-4.1.6-9.el7.x86_64 181/307 \n Installing : libsss_sudo-1.16.5-10.el7.x86_64 182/307 \n Installing : graphite2-1.3.10-1.el7_3.x86_64 183/307 \n Installing : harfbuzz-1.7.5-2.el7.x86_64 184/307 \n Installing : pango-1.42.4-4.el7_7.x86_64 185/307 \n Installing : gtk2-2.24.31-1.el7.x86_64 186/307 \n Installing : pcsc-lite-libs-1.8.8-8.el7.x86_64 187/307 \n Installing : lksctp-tools-1.0.17-2.el7.x86_64 188/307 \n Installing : c-ares-1.10.0-3.el7.x86_64 189/307 \n Installing : python-javapackages-3.4.1-11.el7.noarch 190/307 \n Installing : javapackages-tools-3.4.1-11.el7.noarch 191/307 \n Installing : 1:java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7.x86_ 192/307 \n Installing : 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64 193/307 \n Installing : relaxngDatatype-1.0-11.el7.noarch 194/307 \n Installing : apache-commons-codec-1.8-7.el7.noarch 195/307 \n Installing : apache-commons-lang-2.6-15.el7.noarch 196/307 \n Installing : xml-commons-apis-1.4.01-16.el7.noarch 197/307 \n Installing : xml-commons-resolver-1.2-15.el7.noarch 198/307 \n Installing : xalan-j2-2.7.1-23.el7.noarch 199/307 \n Installing : xerces-j2-2.11.0-17.el7_0.noarch 200/307 \n Installing : tomcat-servlet-3.0-api-7.0.76-15.el7.noarch 201/307 \n Installing : 1:isorelax-0-0.15.release20050331.el7.noarch 202/307 \n Installing : bea-stax-api-1.2.0-9.el7.noarch 203/307 \n Installing : 1:msv-xsdlib-2013.5.1-7.el7.noarch 204/307 \n Installing : jss-4.4.9-3.el7.x86_64 205/307 \n Installing : xsom-0-10.20110809svn.el7.noarch 206/307 \n Installing : apache-commons-pool-1.6-9.el7.noarch 207/307 \n Installing : apache-commons-collections-3.2.1-22.el7_2.noarch 208/307 \n Installing : javassist-3.16.1-10.el7.noarch 209/307 \n Installing : stax2-api-3.1.1-10.el7.noarch 210/307 \n Installing : rngom-201103-0.8.20120119svn.el7.noarch 211/307 \n Installing : 1:hsqldb-1.8.1.3-14.el7.noarch 212/307 \n Installing : geronimo-jms-1.1.1-19.el7.noarch 213/307 \n Installing : resteasy-base-jaxrs-api-3.0.6-4.el7.noarch 214/307 \n Installing : 1:apache-commons-io-2.4-12.el7.noarch 215/307 \n Installing : jvnet-parent-4-2.el7.noarch 216/307 \n Installing : codemodel-2.6-9.el7.noarch 217/307 \n Installing : bea-stax-1.2.0-9.el7.noarch 218/307 \n Installing : stax-ex-1.7.1-6.el7.noarch 219/307 \n Installing : istack-commons-2.17-4.el7.noarch 220/307 \n Installing : scannotation-1.0.3-0.7.r12.el7.noarch 221/307 \n Installing : glassfish-fastinfoset-1.2.12-9.el7.noarch 222/307 \n Installing : ldapjdk-4.19-5.el7.noarch 223/307 \n Installing : 1:msv-msv-2013.5.1-7.el7.noarch 224/307 \n Installing : tomcat-jsp-2.2-api-7.0.76-15.el7.noarch 225/307 \n Installing : jing-20091111-14.el7.noarch 226/307 \n Installing : objectweb-asm-3.3.1-9.el7.noarch 227/307 \n Installing : glassfish-dtd-parser-1.2-0.8.20120120svn.el7.noarch 228/307 \n Installing : joda-convert-1.3-5.el7.noarch 229/307 \n Installing : joda-time-2.2-3.tzdata2013c.el7.noarch 230/307 \n Installing : javamail-1.4.6-8.el7.noarch 231/307 \n Installing : log4j-1.2.17-16.el7_4.noarch 232/307 \n Installing : avalon-logkit-2.1-14.el7.noarch 233/307 \n Installing : apache-commons-logging-1.1.2-7.el7.noarch 234/307 \n Installing : avalon-framework-4.3-10.el7.noarch 235/307 \n Installing : 1:jakarta-commons-httpclient-3.1-16.el7_0.noarch 236/307 \n Installing : 1:ecj-4.5.2-3.el7.x86_64 237/307 \n Installing : antlr-tool-2.7.7-30.el7.noarch 238/307 \n Installing : args4j-2.0.16-13.el7.noarch 239/307 \n Installing : txw2-20110809-8.el7.noarch 240/307 \n Installing : easymock2-2.5.2-12.el7.noarch 241/307 \n Installing : qdox-1.12.1-10.el7.noarch 242/307 \n Installing : hamcrest-1.3-6.el7.noarch 243/307 \n Installing : junit-4.11-8.el7.noarch 244/307 \n Installing : ws-jaxme-0.5.2-10.el7.noarch 245/307 \n Installing : xpp3-1.1.3.8-11.el7.noarch 246/307 \n Installing : jdom-1.1.3-6.el7.noarch 247/307 \n Installing : jaxen-1.1.3-11.el7.noarch 248/307 \n Installing : dom4j-1.6.1-20.el7.noarch 249/307 \n Installing : glassfish-jaxb-api-2.2.7-4.el7.noarch 250/307 \n Installing : glassfish-jaxb-2.2.5-6.el7.noarch 251/307 \n Installing : resteasy-base-jaxb-provider-3.0.6-4.el7.noarch 252/307 \n Installing : httpcomponents-core-4.2.4-6.el7.noarch 253/307 \n Installing : httpcomponents-client-4.2.5-5.el7_0.noarch 254/307 \n Installing : jboss-annotations-1.1-api-1.0.1-0.6.20120212git76e1a2. 255/307 \n Installing : resteasy-base-jaxrs-3.0.6-4.el7.noarch 256/307 \n Installing : resteasy-base-atom-provider-3.0.6-4.el7.noarch 257/307 \n Installing : resteasy-base-client-3.0.6-4.el7.noarch 258/307 \n Installing : apache-commons-cli-1.2-13.el7.noarch 259/307 \n Installing : geronimo-jta-1.1.1-17.el7.noarch 260/307 \n Installing : apache-commons-dbcp-1.4-17.el7.noarch 261/307 \n Installing : cal10n-0.7.7-4.el7.noarch 262/307 \n Installing : slf4j-1.7.4-4.el7_4.noarch 263/307 \n Installing : jsr-311-1.1.1-6.el7.noarch 264/307 \n Installing : jackson-1.9.4-7.el7.noarch 265/307 \n Installing : resteasy-base-jackson-provider-3.0.6-4.el7.noarch 266/307 \n Installing : pki-base-java-10.5.18-7.el7.noarch 267/307 \n Installing : pki-tools-10.5.18-7.el7.x86_64 268/307 \n Installing : apache-commons-daemon-1.0.13-7.el7.x86_64 269/307 \n Installing : regexp-1.5-13.el7.noarch 270/307 \n Installing : bcel-5.2-18.el7.noarch 271/307 \n Installing : nuxwdog-client-java-1.0.5-1.el7.x86_64 272/307 \n Installing : tomcat-el-2.2-api-7.0.76-15.el7.noarch 273/307 \n Installing : tomcat-lib-7.0.76-15.el7.noarch 274/307 \n Installing : tomcat-7.0.76-15.el7.noarch 275/307 \n Installing : tomcatjss-7.2.5-1.el7.noarch 276/307 \n Installing : jakarta-oro-2.0.8-16.el7.noarch 277/307 \n Installing : velocity-1.7-10.el7.noarch 278/307 \n Installing : pki-server-10.5.18-7.el7.noarch 279/307 \n Installing : pki-ca-10.5.18-7.el7.noarch 280/307 \n Installing : pki-kra-10.5.18-7.el7.noarch 281/307 \n Installing : krb5-pkinit-1.15.1-50.el7.x86_64 282/307 \n Installing : nettle-2.7.1-8.el7.x86_64 283/307 \n Installing : gnutls-3.3.29-9.el7_6.x86_64 284/307 \n Installing : samba-common-libs-4.10.16-5.el7.x86_64 285/307 \n Installing : libwbclient-4.10.16-5.el7.x86_64 286/307 \n Installing : samba-client-libs-4.10.16-5.el7.x86_64 287/307 \n Installing : sssd-common-1.16.5-10.el7.x86_64 288/307 \n Installing : sssd-krb5-common-1.16.5-10.el7.x86_64 289/307 \n Installing : sssd-common-pac-1.16.5-10.el7.x86_64 290/307 \n Installing : sssd-ipa-1.16.5-10.el7.x86_64 291/307 \n Installing : sssd-ldap-1.16.5-10.el7.x86_64 292/307 \n Installing : sssd-krb5-1.16.5-10.el7.x86_64 293/307 \n Installing : sssd-dbus-1.16.5-10.el7.x86_64 294/307 \n Installing : sssd-proxy-1.16.5-10.el7.x86_64 295/307 \n Installing : libsmbclient-4.10.16-5.el7.x86_64 296/307 \n Installing : sssd-ad-1.16.5-10.el7.x86_64 297/307 \n Installing : sssd-1.16.5-10.el7.x86_64 298/307 \n Installing : words-3.0-22.el7.noarch 299/307 \n Installing : krb5-server-1.15.1-50.el7.x86_64 300/307 \n Installing : hesiod-3.2.1-3.el7.x86_64 301/307 \n Installing : 1:autofs-5.0.7-113.el7.x86_64 302/307 \n Installing : ipa-client-4.6.8-5.el7.x86_64 303/307 \n Installing : cyrus-sasl-md5-2.1.26-23.el7.x86_64 304/307 \n Installing : 389-ds-base-1.3.10.2-6.el7.x86_64 305/307 \n Installing : slapi-nis-0.56.5-2.el7.x86_64 306/307 \n Installing : ipa-server-4.6.8-5.el7.x86_64 307/307 \n Verifying : libXext-1.3.3-3.el7.x86_64 1/307 \n Verifying : perl-HTTP-Tiny-0.033-3.el7.noarch 2/307 \n Verifying : cyrus-sasl-md5-2.1.26-23.el7.x86_64 3/307 \n Verifying : mesa-libEGL-18.3.4-10.el7.x86_64 4/307 \n Verifying : jackson-1.9.4-7.el7.noarch 5/307 \n Verifying : avalon-logkit-2.1-14.el7.noarch 6/307 \n Verifying : libXrender-0.9.10-1.el7.x86_64 7/307 \n Verifying : libXi-1.7.9-1.el7.x86_64 8/307 \n Verifying : hesiod-3.2.1-3.el7.x86_64 9/307 \n Verifying : sssd-ipa-1.16.5-10.el7.x86_64 10/307 \n Verifying : glassfish-dtd-parser-1.2-0.8.20120120svn.el7.noarch 11/307 \n Verifying : words-3.0-22.el7.noarch 12/307 \n Verifying : junit-4.11-8.el7.noarch 13/307 \n Verifying : nettle-2.7.1-8.el7.x86_64 14/307 \n Verifying : samba-common-libs-4.10.16-5.el7.x86_64 15/307 \n Verifying : sssd-client-1.16.5-10.el7.x86_64 16/307 \n Verifying : gtk-update-icon-cache-3.22.30-5.el7.x86_64 17/307 \n Verifying : 32:bind-libs-lite-9.11.4-26.P2.el7.x86_64 18/307 \n Verifying : libkadm5-1.15.1-50.el7.x86_64 19/307 \n Verifying : pki-ca-10.5.18-7.el7.noarch 20/307 \n Verifying : sssd-krb5-common-1.16.5-10.el7.x86_64 21/307 \n Verifying : krb5-pkinit-1.15.1-50.el7.x86_64 22/307 \n Verifying : python-libipa_hbac-1.16.5-10.el7.x86_64 23/307 \n Verifying : jaxen-1.1.3-11.el7.noarch 24/307 \n Verifying : libsmbclient-4.10.16-5.el7.x86_64 25/307 \n Verifying : python-javapackages-3.4.1-11.el7.noarch 26/307 \n Verifying : perl-File-Temp-0.23.01-3.el7.noarch 27/307 \n Verifying : libsss_certmap-1.16.5-10.el7.x86_64 28/307 \n Verifying : libXcomposite-0.4.4-4.1.el7.x86_64 29/307 \n Verifying : mod_wsgi-3.4-18.el7.x86_64 30/307 \n Verifying : c-ares-1.10.0-3.el7.x86_64 31/307 \n Verifying : xerces-j2-2.11.0-17.el7_0.noarch 32/307 \n Verifying : libX11-1.6.7-2.el7.x86_64 33/307 \n Verifying : python-yubico-1.2.3-1.el7.noarch 34/307 \n Verifying : lksctp-tools-1.0.17-2.el7.x86_64 35/307 \n Verifying : httpd-2.4.6-95.el7.x86_64 36/307 \n Verifying : jing-20091111-14.el7.noarch 37/307 \n Verifying : perl-Archive-Tar-1.92-3.el7.noarch 38/307 \n Verifying : 1:libglvnd-glx-1.0.1-0.8.git5baa1e5.el7.x86_64 39/307 \n Verifying : perl-Data-Dumper-2.145-3.el7.x86_64 40/307 \n Verifying : perl-threads-shared-1.43-6.el7.x86_64 41/307 \n Verifying : python-nss-0.16.0-3.el7.x86_64 42/307 \n Verifying : apr-util-1.5.2-6.el7.x86_64 43/307 \n Verifying : certmonger-0.78.4-14.el7.x86_64 44/307 \n Verifying : apr-util-openssl-1.5.2-6.el7.x86_64 45/307 \n Verifying : dejavu-sans-fonts-2.33-6.el7.noarch 46/307 \n Verifying : pcsc-lite-libs-1.8.8-8.el7.x86_64 47/307 \n Verifying : graphite2-1.3.10-1.el7_3.x86_64 48/307 \n Verifying : libsss_sudo-1.16.5-10.el7.x86_64 49/307 \n Verifying : redhat-logos-70.7.0-1.el7.noarch 50/307 \n Verifying : rngom-201103-0.8.20120119svn.el7.noarch 51/307 \n Verifying : libxshmfence-1.2-1.el7.x86_64 52/307 \n Verifying : python-pycparser-2.14-1.el7.noarch 53/307 \n Verifying : libwayland-server-1.15.0-1.el7.x86_64 54/307 \n Verifying : 389-ds-base-1.3.10.2-6.el7.x86_64 55/307 \n Verifying : apache-commons-logging-1.1.2-7.el7.noarch 56/307 \n Verifying : ipa-common-4.6.8-5.el7.noarch 57/307 \n Verifying : joda-convert-1.3-5.el7.noarch 58/307 \n Verifying : ws-jaxme-0.5.2-10.el7.noarch 59/307 \n Verifying : 1:java-1.8.0-openjdk-1.8.0.262.b10-1.el7.x86_64 60/307 \n Verifying : libXau-1.0.8-2.1.el7.x86_64 61/307 \n Verifying : perl-File-Path-2.09-2.el7.noarch 62/307 \n Verifying : apache-commons-pool-1.6-9.el7.noarch 63/307 \n Verifying : libXcursor-1.1.15-1.el7.x86_64 64/307 \n Verifying : gperftools-libs-2.6.1-1.el7.x86_64 65/307 \n Verifying : slf4j-1.7.4-4.el7_4.noarch 66/307 \n Verifying : 1:hsqldb-1.8.1.3-14.el7.noarch 67/307 \n Verifying : perl-Text-ParseWords-3.29-4.el7.noarch 68/307 \n Verifying : libdhash-0.5.0-32.el7.x86_64 69/307 \n Verifying : sssd-dbus-1.16.5-10.el7.x86_64 70/307 \n Verifying : glassfish-jaxb-2.2.5-6.el7.noarch 71/307 \n Verifying : 4:perl-macros-5.16.3-297.el7.x86_64 72/307 \n Verifying : python-augeas-0.5.0-2.el7.noarch 73/307 \n Verifying : trousers-0.3.14-2.el7.x86_64 74/307 \n Verifying : libICE-1.0.9-9.el7.x86_64 75/307 \n Verifying : sssd-common-pac-1.16.5-10.el7.x86_64 76/307 \n Verifying : giflib-4.1.6-9.el7.x86_64 77/307 \n Verifying : libldb-1.5.4-1.el7.x86_64 78/307 \n Verifying : velocity-1.7-10.el7.noarch 79/307 \n Verifying : openldap-clients-2.4.44-22.el7.x86_64 80/307 \n Verifying : autogen-libopts-5.18-5.el7.x86_64 81/307 \n Verifying : javamail-1.4.6-8.el7.noarch 82/307 \n Verifying : bcel-5.2-18.el7.noarch 83/307 \n Verifying : python-qrcode-core-5.0.1-1.el7.noarch 84/307 \n Verifying : libtdb-1.3.18-1.el7.x86_64 85/307 \n Verifying : perl-Mozilla-LDAP-1.5.3-12.el7.x86_64 86/307 \n Verifying : xml-commons-resolver-1.2-15.el7.noarch 87/307 \n Verifying : libipa_hbac-1.16.5-10.el7.x86_64 88/307 \n Verifying : jvnet-parent-4-2.el7.noarch 89/307 \n Verifying : 32:bind-utils-9.11.4-26.P2.el7.x86_64 90/307 \n Verifying : libthai-0.1.14-9.el7.x86_64 91/307 \n Verifying : python2-ipaclient-4.6.8-5.el7.noarch 92/307 \n Verifying : 1:cups-libs-1.6.3-51.el7.x86_64 93/307 \n Verifying : joda-time-2.2-3.tzdata2013c.el7.noarch 94/307 \n Verifying : libsss_idmap-1.16.5-10.el7.x86_64 95/307 \n Verifying : bea-stax-1.2.0-9.el7.noarch 96/307 \n Verifying : resteasy-base-atom-provider-3.0.6-4.el7.noarch 97/307 \n Verifying : apr-1.4.8-7.el7.x86_64 98/307 \n Verifying : 389-ds-base-libs-1.3.10.2-6.el7.x86_64 99/307 \n Verifying : 1:ecj-4.5.2-3.el7.x86_64 100/307 \n Verifying : nuxwdog-1.0.5-1.el7.x86_64 101/307 \n Verifying : resteasy-base-client-3.0.6-4.el7.noarch 102/307 \n Verifying : libXtst-1.2.3-1.el7.x86_64 103/307 \n Verifying : cyrus-sasl-plain-2.1.26-23.el7.x86_64 104/307 \n Verifying : xsom-0-10.20110809svn.el7.noarch 105/307 \n Verifying : libicu-50.2-4.el7_7.x86_64 106/307 \n Verifying : mesa-libgbm-18.3.4-10.el7.x86_64 107/307 \n Verifying : apache-commons-codec-1.8-7.el7.noarch 108/307 \n Verifying : gnutls-3.3.29-9.el7_6.x86_64 109/307 \n Verifying : python-idna-2.4-1.el7.noarch 110/307 \n Verifying : python-ply-3.4-11.el7.noarch 111/307 \n Verifying : geronimo-jms-1.1.1-19.el7.noarch 112/307 \n Verifying : libXdamage-1.1.4-4.1.el7.x86_64 113/307 \n Verifying : mod_nss-1.0.14-12.el7.x86_64 114/307 \n Verifying : 1:perl-IO-Zlib-1.10-297.el7.noarch 115/307 \n Verifying : krb5-workstation-1.15.1-50.el7.x86_64 116/307 \n Verifying : tomcat-el-2.2-api-7.0.76-15.el7.noarch 117/307 \n Verifying : sssd-proxy-1.16.5-10.el7.x86_64 118/307 \n Verifying : systemd-python-219-78.el7.x86_64 119/307 \n Verifying : pixman-0.34.0-1.el7.x86_64 120/307 \n Verifying : python-jwcrypto-0.4.2-1.el7.noarch 121/307 \n Verifying : python-ldap-2.4.15-2.el7.x86_64 122/307 \n Verifying : ipa-server-4.6.8-5.el7.x86_64 123/307 \n Verifying : 1:libglvnd-1.0.1-0.8.git5baa1e5.el7.x86_64 124/307 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 125/307 \n Verifying : perl-Pod-Usage-1.63-3.el7.noarch 126/307 \n Verifying : perl-Encode-2.51-7.el7.x86_64 127/307 \n Verifying : python2-pyasn1-modules-0.1.9-7.el7.noarch 128/307 \n Verifying : perl-DB_File-1.830-6.el7.x86_64 129/307 \n Verifying : http-parser-2.7.1-9.el7.x86_64 130/307 \n Verifying : stax2-api-3.1.1-10.el7.noarch 131/307 \n Verifying : 1:java-1.8.0-openjdk-headless-1.8.0.262.b10-1.el7.x86_ 132/307 \n Verifying : 1:libglvnd-egl-1.0.1-0.8.git5baa1e5.el7.x86_64 133/307 \n Verifying : jasper-libs-1.900.1-33.el7.x86_64 134/307 \n Verifying : perl-threads-1.87-4.el7.x86_64 135/307 \n Verifying : fontawesome-fonts-4.1.0-2.el7.noarch 136/307 \n Verifying : perl-Getopt-Long-2.40-3.el7.noarch 137/307 \n Verifying : 1:autofs-5.0.7-113.el7.x86_64 138/307 \n Verifying : atk-2.28.1-2.el7.x86_64 139/307 \n Verifying : antlr-tool-2.7.7-30.el7.noarch 140/307 \n Verifying : psmisc-22.20-17.el7.x86_64 141/307 \n Verifying : 4:perl-5.16.3-297.el7.x86_64 142/307 \n Verifying : relaxngDatatype-1.0-11.el7.noarch 143/307 \n Verifying : avahi-libs-0.6.31-20.el7.x86_64 144/307 \n Verifying : 32:bind-libs-9.11.4-26.P2.el7.x86_64 145/307 \n Verifying : augeas-libs-1.4.0-10.el7.x86_64 146/307 \n Verifying : 1:xorg-x11-font-utils-7.5-21.el7.x86_64 147/307 \n Verifying : httpcomponents-client-4.2.5-5.el7_0.noarch 148/307 \n Verifying : fontconfig-2.13.0-4.3.el7.x86_64 149/307 \n Verifying : gdk-pixbuf2-2.36.12-3.el7.x86_64 150/307 \n Verifying : args4j-2.0.16-13.el7.noarch 151/307 \n Verifying : 1:msv-msv-2013.5.1-7.el7.noarch 152/307 \n Verifying : mailcap-2.1.41-2.el7.noarch 153/307 \n Verifying : javapackages-tools-3.4.1-11.el7.noarch 154/307 \n Verifying : libtevent-0.9.39-1.el7.x86_64 155/307 \n Verifying : perl-Storable-2.45-3.el7.x86_64 156/307 \n Verifying : easymock2-2.5.2-12.el7.noarch 157/307 \n Verifying : mod_session-2.4.6-95.el7.x86_64 158/307 \n Verifying : tzdata-java-2020a-1.el7.noarch 159/307 \n Verifying : resteasy-base-jaxb-provider-3.0.6-4.el7.noarch 160/307 \n Verifying : 1:jakarta-commons-httpclient-3.1-16.el7_0.noarch 161/307 \n Verifying : libpciaccess-0.14-1.el7.x86_64 162/307 \n Verifying : libwayland-client-1.15.0-1.el7.x86_64 163/307 \n Verifying : libXrandr-1.5.1-2.el7.x86_64 164/307 \n Verifying : perl-Compress-Raw-Bzip2-2.061-3.el7.x86_64 165/307 \n Verifying : fontpackages-filesystem-1.44-8.el7.noarch 166/307 \n Verifying : ttmkfdir-3.0.9-42.el7.x86_64 167/307 \n Verifying : sssd-1.16.5-10.el7.x86_64 168/307 \n Verifying : hicolor-icon-theme-0.12-7.el7.noarch 169/307 \n Verifying : log4j-1.2.17-16.el7_4.noarch 170/307 \n Verifying : 1:perl-parent-0.225-244.el7.noarch 171/307 \n Verifying : slapi-nis-0.56.5-2.el7.x86_64 172/307 \n Verifying : samba-client-libs-4.10.16-5.el7.x86_64 173/307 \n Verifying : apache-commons-lang-2.6-15.el7.noarch 174/307 \n Verifying : python-gssapi-1.2.0-3.el7.x86_64 175/307 \n Verifying : copy-jdk-configs-3.3-10.el7_5.noarch 176/307 \n Verifying : geoipupdate-2.5.0-1.el7.x86_64 177/307 \n Verifying : 1:perl-Pod-Escapes-1.04-297.el7.noarch 178/307 \n Verifying : python-dns-1.12.0-4.20150617git465785f.el7.noarch 179/307 \n Verifying : sssd-ldap-1.16.5-10.el7.x86_64 180/307 \n Verifying : pango-1.42.4-4.el7_7.x86_64 181/307 \n Verifying : fribidi-1.0.2-1.el7_7.1.x86_64 182/307 \n Verifying : custodia-0.3.1-4.el7.noarch 183/307 \n Verifying : python-sss-murmur-1.16.5-10.el7.x86_64 184/307 \n Verifying : pyusb-1.0.0-0.11.b1.el7.noarch 185/307 \n Verifying : libwbclient-4.10.16-5.el7.x86_64 186/307 \n Verifying : jakarta-oro-2.0.8-16.el7.noarch 187/307 \n Verifying : tomcat-servlet-3.0-api-7.0.76-15.el7.noarch 188/307 \n Verifying : httpd-tools-2.4.6-95.el7.x86_64 189/307 \n Verifying : cyrus-sasl-gssapi-2.1.26-23.el7.x86_64 190/307 \n Verifying : avalon-framework-4.3-10.el7.noarch 191/307 \n Verifying : libjpeg-turbo-1.2.90-8.el7.x86_64 192/307 \n Verifying : open-sans-fonts-1.10-1.el7.noarch 193/307 \n Verifying : perl-Carp-1.26-244.el7.noarch 194/307 \n Verifying : 1:isorelax-0-0.15.release20050331.el7.noarch 195/307 \n Verifying : harfbuzz-1.7.5-2.el7.x86_64 196/307 \n Verifying : resteasy-base-jaxrs-api-3.0.6-4.el7.noarch 197/307 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 198/307 \n Verifying : 4:perl-Time-HiRes-1.9725-3.el7.x86_64 199/307 \n Verifying : apache-commons-dbcp-1.4-17.el7.noarch 200/307 \n Verifying : tomcat-7.0.76-15.el7.noarch 201/307 \n Verifying : tomcatjss-7.2.5-1.el7.noarch 202/307 \n Verifying : codemodel-2.6-9.el7.noarch 203/307 \n Verifying : xalan-j2-2.7.1-23.el7.noarch 204/307 \n Verifying : ipa-client-common-4.6.8-5.el7.noarch 205/307 \n Verifying : apache-commons-collections-3.2.1-22.el7_2.noarch 206/307 \n Verifying : libXft-2.3.2-2.el7.x86_64 207/307 \n Verifying : python-sssdconfig-1.16.5-10.el7.noarch 208/307 \n Verifying : libXfixes-5.0.3-1.el7.x86_64 209/307 \n Verifying : nuxwdog-client-java-1.0.5-1.el7.x86_64 210/307 \n Verifying : mesa-libGL-18.3.4-10.el7.x86_64 211/307 \n Verifying : istack-commons-2.17-4.el7.noarch 212/307 \n Verifying : mesa-libglapi-18.3.4-10.el7.x86_64 213/307 \n Verifying : perl-Pod-Perldoc-3.20-4.el7.noarch 214/307 \n Verifying : xpp3-1.1.3.8-11.el7.noarch 215/307 \n Verifying : scannotation-1.0.3-0.7.r12.el7.noarch 216/307 \n Verifying : jss-4.4.9-3.el7.x86_64 217/307 \n Verifying : libSM-1.2.2-2.el7.x86_64 218/307 \n Verifying : python2-ipalib-4.6.8-5.el7.noarch 219/307 \n Verifying : libtiff-4.0.3-35.el7.x86_64 220/307 \n Verifying : perl-Filter-1.49-3.el7.x86_64 221/307 \n Verifying : ipa-server-common-4.6.8-5.el7.noarch 222/307 \n Verifying : qdox-1.12.1-10.el7.noarch 223/307 \n Verifying : oddjob-mkhomedir-0.31.5-4.el7.x86_64 224/307 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 225/307 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 226/307 \n Verifying : tomcat-jsp-2.2-api-7.0.76-15.el7.noarch 227/307 \n Verifying : libsss_nss_idmap-1.16.5-10.el7.x86_64 228/307 \n Verifying : pki-base-10.5.18-7.el7.noarch 229/307 \n Verifying : libXxf86vm-1.1.4-1.el7.x86_64 230/307 \n Verifying : python-netaddr-0.7.5-9.el7.noarch 231/307 \n Verifying : bea-stax-api-1.2.0-9.el7.noarch 232/307 \n Verifying : sssd-ad-1.16.5-10.el7.x86_64 233/307 \n Verifying : libXinerama-1.1.3-2.1.el7.x86_64 234/307 \n Verifying : pki-server-10.5.18-7.el7.noarch 235/307 \n Verifying : python2-ipaserver-4.6.8-5.el7.noarch 236/307 \n Verifying : glassfish-jaxb-api-2.2.7-4.el7.noarch 237/307 \n Verifying : resteasy-base-jaxrs-3.0.6-4.el7.noarch 238/307 \n Verifying : pki-base-java-10.5.18-7.el7.noarch 239/307 \n Verifying : 4:perl-libs-5.16.3-297.el7.x86_64 240/307 \n Verifying : perl-IO-Compress-2.061-2.el7.noarch 241/307 \n Verifying : perl-Exporter-5.68-3.el7.noarch 242/307 \n Verifying : perl-constant-1.27-2.el7.noarch 243/307 \n Verifying : perl-PathTools-3.40-5.el7.x86_64 244/307 \n Verifying : python-enum34-1.0.4-1.el7.noarch 245/307 \n Verifying : 1:msv-xsdlib-2013.5.1-7.el7.noarch 246/307 \n Verifying : perl-NetAddr-IP-4.069-3.el7.x86_64 247/307 \n Verifying : perl-Socket-2.010-5.el7.x86_64 248/307 \n Verifying : gtk2-2.24.31-1.el7.x86_64 249/307 \n Verifying : xml-commons-apis-1.4.01-16.el7.noarch 250/307 \n Verifying : alsa-lib-1.1.8-1.el7.x86_64 251/307 \n Verifying : mod_lookup_identity-1.0.0-1.el7.x86_64 252/307 \n Verifying : oddjob-0.31.5-4.el7.x86_64 253/307 \n Verifying : python-kdcproxy-0.3.2-3.el7.noarch 254/307 \n Verifying : softhsm-2.1.0-3.el7.x86_64 255/307 \n Verifying : svrcore-4.1.3-2.el7.x86_64 256/307 \n Verifying : dejavu-fonts-common-2.33-6.el7.noarch 257/307 \n Verifying : glassfish-fastinfoset-1.2.12-9.el7.noarch 258/307 \n Verifying : 1:perl-Pod-Simple-3.28-4.el7.noarch 259/307 \n Verifying : dom4j-1.6.1-20.el7.noarch 260/307 \n Verifying : perl-Time-Local-1.2300-2.el7.noarch 261/307 \n Verifying : libX11-common-1.6.7-2.el7.noarch 262/307 \n Verifying : libxcb-1.13-1.el7.x86_64 263/307 \n Verifying : mod_auth_gssapi-1.5.1-7.el7.x86_64 264/307 \n Verifying : 1:apache-commons-io-2.4-12.el7.noarch 265/307 \n Verifying : hamcrest-1.3-6.el7.noarch 266/307 \n Verifying : libsss_autofs-1.16.5-10.el7.x86_64 267/307 \n Verifying : httpcomponents-core-4.2.4-6.el7.noarch 268/307 \n Verifying : GeoIP-1.5.0-14.el7.x86_64 269/307 \n Verifying : jboss-annotations-1.1-api-1.0.1-0.6.20120212git76e1a2. 270/307 \n Verifying : sssd-krb5-1.16.5-10.el7.x86_64 271/307 \n Verifying : 1:perl-Package-Constants-0.02-297.el7.noarch 272/307 \n Verifying : apache-commons-cli-1.2-13.el7.noarch 273/307 \n Verifying : xorg-x11-fonts-Type1-7.5-9.el7.noarch 274/307 \n Verifying : txw2-20110809-8.el7.noarch 275/307 \n Verifying : geronimo-jta-1.1.1-17.el7.noarch 276/307 \n Verifying : samba-common-4.10.16-5.el7.noarch 277/307 \n Verifying : cal10n-0.7.7-4.el7.noarch 278/307 \n Verifying : pki-kra-10.5.18-7.el7.noarch 279/307 \n Verifying : krb5-server-1.15.1-50.el7.x86_64 280/307 \n Verifying : pki-tools-10.5.18-7.el7.x86_64 281/307 \n Verifying : perl-Scalar-List-Utils-1.27-248.el7.x86_64 282/307 \n Verifying : 1:perl-Compress-Raw-Zlib-2.061-4.el7.x86_64 283/307 \n Verifying : objectweb-asm-3.3.1-9.el7.noarch 284/307 \n Verifying : python-custodia-0.3.1-4.el7.noarch 285/307 \n Verifying : resteasy-base-jackson-provider-3.0.6-4.el7.noarch 286/307 \n Verifying : python-netifaces-0.10.4-3.el7.x86_64 287/307 \n Verifying : cairo-1.15.12-4.el7.x86_64 288/307 \n Verifying : ntpdate-4.2.6p5-29.el7_8.2.x86_64 289/307 \n Verifying : stax-ex-1.7.1-6.el7.noarch 290/307 \n Verifying : sssd-common-1.16.5-10.el7.x86_64 291/307 \n Verifying : jdom-1.1.3-6.el7.noarch 292/307 \n Verifying : tomcat-lib-7.0.76-15.el7.noarch 293/307 \n Verifying : perl-podlators-2.5.1-3.el7.noarch 294/307 \n Verifying : ldapjdk-4.19-5.el7.noarch 295/307 \n Verifying : jsr-311-1.1.1-6.el7.noarch 296/307 \n Verifying : jbigkit-libs-2.0-11.el7.x86_64 297/307 \n Verifying : apache-commons-daemon-1.0.13-7.el7.x86_64 298/307 \n Verifying : libdrm-2.4.97-2.el7.x86_64 299/307 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 300/307 \n Verifying : javassist-3.16.1-10.el7.noarch 301/307 \n Verifying : libfontenc-1.1.3-3.el7.x86_64 302/307 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 303/307 \n Verifying : ipa-client-4.6.8-5.el7.x86_64 304/307 \n Verifying : 32:bind-license-9.11.4-26.P2.el7.noarch 305/307 \n Verifying : ntp-4.2.6p5-29.el7_8.2.x86_64 306/307 \n Verifying : regexp-1.5-13.el7.noarch 307/307 \n\nInstalled:\n ipa-server.x86_64 0:4.6.8-5.el7 \n\nDependency Installed:\n 389-ds-base.x86_64 0:1.3.10.2-6.el7 \n 389-ds-base-libs.x86_64 0:1.3.10.2-6.el7 \n GeoIP.x86_64 0:1.5.0-14.el7 \n alsa-lib.x86_64 0:1.1.8-1.el7 \n antlr-tool.noarch 0:2.7.7-30.el7 \n apache-commons-cli.noarch 0:1.2-13.el7 \n apache-commons-codec.noarch 0:1.8-7.el7 \n apache-commons-collections.noarch 0:3.2.1-22.el7_2 \n apache-commons-daemon.x86_64 0:1.0.13-7.el7 \n apache-commons-dbcp.noarch 0:1.4-17.el7 \n apache-commons-io.noarch 1:2.4-12.el7 \n apache-commons-lang.noarch 0:2.6-15.el7 \n apache-commons-logging.noarch 0:1.1.2-7.el7 \n apache-commons-pool.noarch 0:1.6-9.el7 \n apr.x86_64 0:1.4.8-7.el7 \n apr-util.x86_64 0:1.5.2-6.el7 \n apr-util-openssl.x86_64 0:1.5.2-6.el7 \n args4j.noarch 0:2.0.16-13.el7 \n atk.x86_64 0:2.28.1-2.el7 \n augeas-libs.x86_64 0:1.4.0-10.el7 \n autofs.x86_64 1:5.0.7-113.el7 \n autogen-libopts.x86_64 0:5.18-5.el7 \n avahi-libs.x86_64 0:0.6.31-20.el7 \n avalon-framework.noarch 0:4.3-10.el7 \n avalon-logkit.noarch 0:2.1-14.el7 \n bcel.noarch 0:5.2-18.el7 \n bea-stax.noarch 0:1.2.0-9.el7 \n bea-stax-api.noarch 0:1.2.0-9.el7 \n bind-libs.x86_64 32:9.11.4-26.P2.el7 \n bind-libs-lite.x86_64 32:9.11.4-26.P2.el7 \n bind-license.noarch 32:9.11.4-26.P2.el7 \n bind-utils.x86_64 32:9.11.4-26.P2.el7 \n c-ares.x86_64 0:1.10.0-3.el7 \n cairo.x86_64 0:1.15.12-4.el7 \n cal10n.noarch 0:0.7.7-4.el7 \n certmonger.x86_64 0:0.78.4-14.el7 \n codemodel.noarch 0:2.6-9.el7 \n copy-jdk-configs.noarch 0:3.3-10.el7_5 \n cups-libs.x86_64 1:1.6.3-51.el7 \n custodia.noarch 0:0.3.1-4.el7 \n cyrus-sasl-gssapi.x86_64 0:2.1.26-23.el7 \n cyrus-sasl-md5.x86_64 0:2.1.26-23.el7 \n cyrus-sasl-plain.x86_64 0:2.1.26-23.el7 \n dejavu-fonts-common.noarch 0:2.33-6.el7 \n dejavu-sans-fonts.noarch 0:2.33-6.el7 \n dom4j.noarch 0:1.6.1-20.el7 \n easymock2.noarch 0:2.5.2-12.el7 \n ecj.x86_64 1:4.5.2-3.el7 \n fontawesome-fonts.noarch 0:4.1.0-2.el7 \n fontconfig.x86_64 0:2.13.0-4.3.el7 \n fontpackages-filesystem.noarch 0:1.44-8.el7 \n fribidi.x86_64 0:1.0.2-1.el7_7.1 \n gdk-pixbuf2.x86_64 0:2.36.12-3.el7 \n geoipupdate.x86_64 0:2.5.0-1.el7 \n geronimo-jms.noarch 0:1.1.1-19.el7 \n geronimo-jta.noarch 0:1.1.1-17.el7 \n giflib.x86_64 0:4.1.6-9.el7 \n glassfish-dtd-parser.noarch 0:1.2-0.8.20120120svn.el7 \n glassfish-fastinfoset.noarch 0:1.2.12-9.el7 \n glassfish-jaxb.noarch 0:2.2.5-6.el7 \n glassfish-jaxb-api.noarch 0:2.2.7-4.el7 \n gnutls.x86_64 0:3.3.29-9.el7_6 \n gperftools-libs.x86_64 0:2.6.1-1.el7 \n graphite2.x86_64 0:1.3.10-1.el7_3 \n gtk-update-icon-cache.x86_64 0:3.22.30-5.el7 \n gtk2.x86_64 0:2.24.31-1.el7 \n hamcrest.noarch 0:1.3-6.el7 \n harfbuzz.x86_64 0:1.7.5-2.el7 \n hesiod.x86_64 0:3.2.1-3.el7 \n hicolor-icon-theme.noarch 0:0.12-7.el7 \n hsqldb.noarch 1:1.8.1.3-14.el7 \n http-parser.x86_64 0:2.7.1-9.el7 \n httpcomponents-client.noarch 0:4.2.5-5.el7_0 \n httpcomponents-core.noarch 0:4.2.4-6.el7 \n httpd.x86_64 0:2.4.6-95.el7 \n httpd-tools.x86_64 0:2.4.6-95.el7 \n ipa-client.x86_64 0:4.6.8-5.el7 \n ipa-client-common.noarch 0:4.6.8-5.el7 \n ipa-common.noarch 0:4.6.8-5.el7 \n ipa-server-common.noarch 0:4.6.8-5.el7 \n isorelax.noarch 1:0-0.15.release20050331.el7 \n istack-commons.noarch 0:2.17-4.el7 \n jackson.noarch 0:1.9.4-7.el7 \n jakarta-commons-httpclient.noarch 1:3.1-16.el7_0 \n jakarta-oro.noarch 0:2.0.8-16.el7 \n jasper-libs.x86_64 0:1.900.1-33.el7 \n java-1.8.0-openjdk.x86_64 1:1.8.0.262.b10-1.el7 \n java-1.8.0-openjdk-headless.x86_64 1:1.8.0.262.b10-1.el7 \n javamail.noarch 0:1.4.6-8.el7 \n javapackages-tools.noarch 0:3.4.1-11.el7 \n javassist.noarch 0:3.16.1-10.el7 \n jaxen.noarch 0:1.1.3-11.el7 \n jbigkit-libs.x86_64 0:2.0-11.el7 \n jboss-annotations-1.1-api.noarch 0:1.0.1-0.6.20120212git76e1a2.el7 \n jdom.noarch 0:1.1.3-6.el7 \n jing.noarch 0:20091111-14.el7 \n joda-convert.noarch 0:1.3-5.el7 \n joda-time.noarch 0:2.2-3.tzdata2013c.el7 \n jsr-311.noarch 0:1.1.1-6.el7 \n jss.x86_64 0:4.4.9-3.el7 \n junit.noarch 0:4.11-8.el7 \n jvnet-parent.noarch 0:4-2.el7 \n krb5-pkinit.x86_64 0:1.15.1-50.el7 \n krb5-server.x86_64 0:1.15.1-50.el7 \n krb5-workstation.x86_64 0:1.15.1-50.el7 \n ldapjdk.noarch 0:4.19-5.el7 \n libICE.x86_64 0:1.0.9-9.el7 \n libSM.x86_64 0:1.2.2-2.el7 \n libX11.x86_64 0:1.6.7-2.el7 \n libX11-common.noarch 0:1.6.7-2.el7 \n libXau.x86_64 0:1.0.8-2.1.el7 \n libXcomposite.x86_64 0:0.4.4-4.1.el7 \n libXcursor.x86_64 0:1.1.15-1.el7 \n libXdamage.x86_64 0:1.1.4-4.1.el7 \n libXext.x86_64 0:1.3.3-3.el7 \n libXfixes.x86_64 0:5.0.3-1.el7 \n libXft.x86_64 0:2.3.2-2.el7 \n libXi.x86_64 0:1.7.9-1.el7 \n libXinerama.x86_64 0:1.1.3-2.1.el7 \n libXrandr.x86_64 0:1.5.1-2.el7 \n libXrender.x86_64 0:0.9.10-1.el7 \n libXtst.x86_64 0:1.2.3-1.el7 \n libXxf86vm.x86_64 0:1.1.4-1.el7 \n libdhash.x86_64 0:0.5.0-32.el7 \n libdrm.x86_64 0:2.4.97-2.el7 \n libfontenc.x86_64 0:1.1.3-3.el7 \n libglvnd.x86_64 1:1.0.1-0.8.git5baa1e5.el7 \n libglvnd-egl.x86_64 1:1.0.1-0.8.git5baa1e5.el7 \n libglvnd-glx.x86_64 1:1.0.1-0.8.git5baa1e5.el7 \n libicu.x86_64 0:50.2-4.el7_7 \n libipa_hbac.x86_64 0:1.16.5-10.el7 \n libjpeg-turbo.x86_64 0:1.2.90-8.el7 \n libkadm5.x86_64 0:1.15.1-50.el7 \n libldb.x86_64 0:1.5.4-1.el7 \n libpciaccess.x86_64 0:0.14-1.el7 \n libsmbclient.x86_64 0:4.10.16-5.el7 \n libsss_autofs.x86_64 0:1.16.5-10.el7 \n libsss_certmap.x86_64 0:1.16.5-10.el7 \n libsss_idmap.x86_64 0:1.16.5-10.el7 \n libsss_nss_idmap.x86_64 0:1.16.5-10.el7 \n libsss_sudo.x86_64 0:1.16.5-10.el7 \n libtalloc.x86_64 0:2.1.16-1.el7 \n libtdb.x86_64 0:1.3.18-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n libthai.x86_64 0:0.1.14-9.el7 \n libtiff.x86_64 0:4.0.3-35.el7 \n libwayland-client.x86_64 0:1.15.0-1.el7 \n libwayland-server.x86_64 0:1.15.0-1.el7 \n libwbclient.x86_64 0:4.10.16-5.el7 \n libxcb.x86_64 0:1.13-1.el7 \n libxshmfence.x86_64 0:1.2-1.el7 \n lksctp-tools.x86_64 0:1.0.17-2.el7 \n log4j.noarch 0:1.2.17-16.el7_4 \n mailcap.noarch 0:2.1.41-2.el7 \n mesa-libEGL.x86_64 0:18.3.4-10.el7 \n mesa-libGL.x86_64 0:18.3.4-10.el7 \n mesa-libgbm.x86_64 0:18.3.4-10.el7 \n mesa-libglapi.x86_64 0:18.3.4-10.el7 \n mod_auth_gssapi.x86_64 0:1.5.1-7.el7 \n mod_lookup_identity.x86_64 0:1.0.0-1.el7 \n mod_nss.x86_64 0:1.0.14-12.el7 \n mod_session.x86_64 0:2.4.6-95.el7 \n mod_wsgi.x86_64 0:3.4-18.el7 \n msv-msv.noarch 1:2013.5.1-7.el7 \n msv-xsdlib.noarch 1:2013.5.1-7.el7 \n nettle.x86_64 0:2.7.1-8.el7 \n ntp.x86_64 0:4.2.6p5-29.el7_8.2 \n ntpdate.x86_64 0:4.2.6p5-29.el7_8.2 \n nuxwdog.x86_64 0:1.0.5-1.el7 \n nuxwdog-client-java.x86_64 0:1.0.5-1.el7 \n objectweb-asm.noarch 0:3.3.1-9.el7 \n oddjob.x86_64 0:0.31.5-4.el7 \n oddjob-mkhomedir.x86_64 0:0.31.5-4.el7 \n open-sans-fonts.noarch 0:1.10-1.el7 \n openldap-clients.x86_64 0:2.4.44-22.el7 \n pango.x86_64 0:1.42.4-4.el7_7 \n pcsc-lite-libs.x86_64 0:1.8.8-8.el7 \n perl.x86_64 4:5.16.3-297.el7 \n perl-Archive-Tar.noarch 0:1.92-3.el7 \n perl-Carp.noarch 0:1.26-244.el7 \n perl-Compress-Raw-Bzip2.x86_64 0:2.061-3.el7 \n perl-Compress-Raw-Zlib.x86_64 1:2.061-4.el7 \n perl-DB_File.x86_64 0:1.830-6.el7 \n perl-Data-Dumper.x86_64 0:2.145-3.el7 \n perl-Encode.x86_64 0:2.51-7.el7 \n perl-Exporter.noarch 0:5.68-3.el7 \n perl-File-Path.noarch 0:2.09-2.el7 \n perl-File-Temp.noarch 0:0.23.01-3.el7 \n perl-Filter.x86_64 0:1.49-3.el7 \n perl-Getopt-Long.noarch 0:2.40-3.el7 \n perl-HTTP-Tiny.noarch 0:0.033-3.el7 \n perl-IO-Compress.noarch 0:2.061-2.el7 \n perl-IO-Zlib.noarch 1:1.10-297.el7 \n perl-Mozilla-LDAP.x86_64 0:1.5.3-12.el7 \n perl-NetAddr-IP.x86_64 0:4.069-3.el7 \n perl-Package-Constants.noarch 1:0.02-297.el7 \n perl-PathTools.x86_64 0:3.40-5.el7 \n perl-Pod-Escapes.noarch 1:1.04-297.el7 \n perl-Pod-Perldoc.noarch 0:3.20-4.el7 \n perl-Pod-Simple.noarch 1:3.28-4.el7 \n perl-Pod-Usage.noarch 0:1.63-3.el7 \n perl-Scalar-List-Utils.x86_64 0:1.27-248.el7 \n perl-Socket.x86_64 0:2.010-5.el7 \n perl-Storable.x86_64 0:2.45-3.el7 \n perl-Text-ParseWords.noarch 0:3.29-4.el7 \n perl-Time-HiRes.x86_64 4:1.9725-3.el7 \n perl-Time-Local.noarch 0:1.2300-2.el7 \n perl-constant.noarch 0:1.27-2.el7 \n perl-libs.x86_64 4:5.16.3-297.el7 \n perl-macros.x86_64 4:5.16.3-297.el7 \n perl-parent.noarch 1:0.225-244.el7 \n perl-podlators.noarch 0:2.5.1-3.el7 \n perl-threads.x86_64 0:1.87-4.el7 \n perl-threads-shared.x86_64 0:1.43-6.el7 \n pixman.x86_64 0:0.34.0-1.el7 \n pki-base.noarch 0:10.5.18-7.el7 \n pki-base-java.noarch 0:10.5.18-7.el7 \n pki-ca.noarch 0:10.5.18-7.el7 \n pki-kra.noarch 0:10.5.18-7.el7 \n pki-server.noarch 0:10.5.18-7.el7 \n pki-tools.x86_64 0:10.5.18-7.el7 \n psmisc.x86_64 0:22.20-17.el7 \n python-augeas.noarch 0:0.5.0-2.el7 \n python-cffi.x86_64 0:1.6.0-5.el7 \n python-custodia.noarch 0:0.3.1-4.el7 \n python-dns.noarch 0:1.12.0-4.20150617git465785f.el7 \n python-enum34.noarch 0:1.0.4-1.el7 \n python-gssapi.x86_64 0:1.2.0-3.el7 \n python-idna.noarch 0:2.4-1.el7 \n python-javapackages.noarch 0:3.4.1-11.el7 \n python-jwcrypto.noarch 0:0.4.2-1.el7 \n python-kdcproxy.noarch 0:0.3.2-3.el7 \n python-ldap.x86_64 0:2.4.15-2.el7 \n python-libipa_hbac.x86_64 0:1.16.5-10.el7 \n python-netaddr.noarch 0:0.7.5-9.el7 \n python-netifaces.x86_64 0:0.10.4-3.el7 \n python-nss.x86_64 0:0.16.0-3.el7 \n python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n python-qrcode-core.noarch 0:5.0.1-1.el7 \n python-sss-murmur.x86_64 0:1.16.5-10.el7 \n python-sssdconfig.noarch 0:1.16.5-10.el7 \n python-yubico.noarch 0:1.2.3-1.el7 \n python2-cryptography.x86_64 0:1.7.2-2.el7 \n python2-ipaclient.noarch 0:4.6.8-5.el7 \n python2-ipalib.noarch 0:4.6.8-5.el7 \n python2-ipaserver.noarch 0:4.6.8-5.el7 \n python2-pyasn1.noarch 0:0.1.9-7.el7 \n python2-pyasn1-modules.noarch 0:0.1.9-7.el7 \n pyusb.noarch 0:1.0.0-0.11.b1.el7 \n qdox.noarch 0:1.12.1-10.el7 \n redhat-logos.noarch 0:70.7.0-1.el7 \n regexp.noarch 0:1.5-13.el7 \n relaxngDatatype.noarch 0:1.0-11.el7 \n resteasy-base-atom-provider.noarch 0:3.0.6-4.el7 \n resteasy-base-client.noarch 0:3.0.6-4.el7 \n resteasy-base-jackson-provider.noarch 0:3.0.6-4.el7 \n resteasy-base-jaxb-provider.noarch 0:3.0.6-4.el7 \n resteasy-base-jaxrs.noarch 0:3.0.6-4.el7 \n resteasy-base-jaxrs-api.noarch 0:3.0.6-4.el7 \n rngom.noarch 0:201103-0.8.20120119svn.el7 \n samba-client-libs.x86_64 0:4.10.16-5.el7 \n samba-common.noarch 0:4.10.16-5.el7 \n samba-common-libs.x86_64 0:4.10.16-5.el7 \n scannotation.noarch 0:1.0.3-0.7.r12.el7 \n slapi-nis.x86_64 0:0.56.5-2.el7 \n slf4j.noarch 0:1.7.4-4.el7_4 \n softhsm.x86_64 0:2.1.0-3.el7 \n sssd.x86_64 0:1.16.5-10.el7 \n sssd-ad.x86_64 0:1.16.5-10.el7 \n sssd-client.x86_64 0:1.16.5-10.el7 \n sssd-common.x86_64 0:1.16.5-10.el7 \n sssd-common-pac.x86_64 0:1.16.5-10.el7 \n sssd-dbus.x86_64 0:1.16.5-10.el7 \n sssd-ipa.x86_64 0:1.16.5-10.el7 \n sssd-krb5.x86_64 0:1.16.5-10.el7 \n sssd-krb5-common.x86_64 0:1.16.5-10.el7 \n sssd-ldap.x86_64 0:1.16.5-10.el7 \n sssd-proxy.x86_64 0:1.16.5-10.el7 \n stax-ex.noarch 0:1.7.1-6.el7 \n stax2-api.noarch 0:3.1.1-10.el7 \n svrcore.x86_64 0:4.1.3-2.el7 \n systemd-python.x86_64 0:219-78.el7 \n tomcat.noarch 0:7.0.76-15.el7 \n tomcat-el-2.2-api.noarch 0:7.0.76-15.el7 \n tomcat-jsp-2.2-api.noarch 0:7.0.76-15.el7 \n tomcat-lib.noarch 0:7.0.76-15.el7 \n tomcat-servlet-3.0-api.noarch 0:7.0.76-15.el7 \n tomcatjss.noarch 0:7.2.5-1.el7 \n trousers.x86_64 0:0.3.14-2.el7 \n ttmkfdir.x86_64 0:3.0.9-42.el7 \n txw2.noarch 0:20110809-8.el7 \n tzdata-java.noarch 0:2020a-1.el7 \n velocity.noarch 0:1.7-10.el7 \n words.noarch 0:3.0-22.el7 \n ws-jaxme.noarch 0:0.5.2-10.el7 \n xalan-j2.noarch 0:2.7.1-23.el7 \n xerces-j2.noarch 0:2.11.0-17.el7_0 \n xml-commons-apis.noarch 0:1.4.01-16.el7 \n xml-commons-resolver.noarch 0:1.2-15.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n xorg-x11-font-utils.x86_64 1:7.5-21.el7 \n xorg-x11-fonts-Type1.noarch 0:7.5-9.el7 \n xpp3.noarch 0:1.1.3.8-11.el7 \n xsom.noarch 0:0-10.20110809svn.el7 \n\nComplete!\n" ] } TASK [ipaserver : Install - Ensure that IPA server packages for dns are installed] *** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:10 Monday 22 November 2021 16:58:35 +0000 (0:00:40.153) 0:00:49.281 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "ipa-server-dns" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package ipa-server-dns.noarch 0:4.6.8-5.el7 will be installed\n--> Processing Dependency: opendnssec >= 1.4.6-4 for package: ipa-server-dns-4.6.8-5.el7.noarch\n--> Processing Dependency: bind-pkcs11-utils >= 9.9.4-51 for package: ipa-server-dns-4.6.8-5.el7.noarch\n--> Processing Dependency: bind-pkcs11 >= 9.9.4-51 for package: ipa-server-dns-4.6.8-5.el7.noarch\n--> Processing Dependency: bind-dyndb-ldap >= 11.1-4 for package: ipa-server-dns-4.6.8-5.el7.noarch\n--> Processing Dependency: bind >= 9.9.4-51 for package: ipa-server-dns-4.6.8-5.el7.noarch\n--> Running transaction check\n---> Package bind.x86_64 32:9.11.4-26.P2.el7 will be installed\n---> Package bind-dyndb-ldap.x86_64 0:11.1-7.el7 will be installed\n---> Package bind-pkcs11.x86_64 32:9.11.4-26.P2.el7 will be installed\n--> Processing Dependency: bind-pkcs11-libs(x86-64) = 32:9.11.4-26.P2.el7 for package: 32:bind-pkcs11-9.11.4-26.P2.el7.x86_64\n--> Processing Dependency: libisc-pkcs11.so.169()(64bit) for package: 32:bind-pkcs11-9.11.4-26.P2.el7.x86_64\n--> Processing Dependency: libdns-pkcs11.so.1102()(64bit) for package: 32:bind-pkcs11-9.11.4-26.P2.el7.x86_64\n---> Package bind-pkcs11-utils.x86_64 32:9.11.4-26.P2.el7 will be installed\n---> Package opendnssec.x86_64 0:1.4.7-4.el7 will be installed\n--> Processing Dependency: opencryptoki for package: opendnssec-1.4.7-4.el7.x86_64\n--> Processing Dependency: libldns.so.1()(64bit) for package: opendnssec-1.4.7-4.el7.x86_64\n--> Running transaction check\n---> Package bind-pkcs11-libs.x86_64 32:9.11.4-26.P2.el7 will be installed\n---> Package ldns.x86_64 0:1.6.16-10.el7 will be installed\n---> Package opencryptoki.x86_64 0:3.12.1-2.el7 will be installed\n--> Processing Dependency: opencryptoki-libs(x86-64) = 3.12.1-2.el7 for package: opencryptoki-3.12.1-2.el7.x86_64\n--> Processing Dependency: opencryptoki-libs(x86-64) = 3.12.1-2.el7 for package: opencryptoki-3.12.1-2.el7.x86_64\n--> Processing Dependency: opencryptoki(token) for package: opencryptoki-3.12.1-2.el7.x86_64\n--> Processing Dependency: libitm.so.1(LIBITM_1.0)(64bit) for package: opencryptoki-3.12.1-2.el7.x86_64\n--> Processing Dependency: libitm.so.1()(64bit) for package: opencryptoki-3.12.1-2.el7.x86_64\n--> Running transaction check\n---> Package libitm.x86_64 0:4.8.5-44.el7 will be installed\n---> Package opencryptoki-libs.x86_64 0:3.12.1-2.el7 will be installed\n---> Package opencryptoki-swtok.x86_64 0:3.12.1-2.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n ipa-server-dns noarch 4.6.8-5.el7 rhel 191 k\nInstalling for dependencies:\n bind x86_64 32:9.11.4-26.P2.el7 rhel 2.3 M\n bind-dyndb-ldap x86_64 11.1-7.el7 rhel 121 k\n bind-pkcs11 x86_64 32:9.11.4-26.P2.el7 rhel 361 k\n bind-pkcs11-libs x86_64 32:9.11.4-26.P2.el7 rhel 1.1 M\n bind-pkcs11-utils x86_64 32:9.11.4-26.P2.el7 rhel 208 k\n ldns x86_64 1.6.16-10.el7 rhel 475 k\n libitm x86_64 4.8.5-44.el7 rhel 92 k\n opencryptoki x86_64 3.12.1-2.el7 rhel 76 k\n opencryptoki-libs x86_64 3.12.1-2.el7 rhel 48 k\n opencryptoki-swtok x86_64 3.12.1-2.el7 rhel 196 k\n opendnssec x86_64 1.4.7-4.el7 rhel 437 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+11 Dependent packages)\n\nTotal download size: 5.5 M\nInstalled size: 14 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 11 MB/s | 5.5 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : libitm-4.8.5-44.el7.x86_64 1/12 \n Installing : opencryptoki-libs-3.12.1-2.el7.x86_64 2/12 \n Installing : 32:bind-9.11.4-26.P2.el7.x86_64 3/12 \n Installing : 32:bind-pkcs11-libs-9.11.4-26.P2.el7.x86_64 4/12 \n Installing : 32:bind-pkcs11-9.11.4-26.P2.el7.x86_64 5/12 \n Installing : 32:bind-pkcs11-utils-9.11.4-26.P2.el7.x86_64 6/12 \n Installing : bind-dyndb-ldap-11.1-7.el7.x86_64 7/12 \n Installing : opencryptoki-swtok-3.12.1-2.el7.x86_64 8/12 \n Installing : opencryptoki-3.12.1-2.el7.x86_64 9/12 \n Installing : ldns-1.6.16-10.el7.x86_64 10/12 \n Installing : opendnssec-1.4.7-4.el7.x86_64 11/12 \n Installing : ipa-server-dns-4.6.8-5.el7.noarch 12/12 \n Verifying : opencryptoki-libs-3.12.1-2.el7.x86_64 1/12 \n Verifying : opencryptoki-swtok-3.12.1-2.el7.x86_64 2/12 \n Verifying : ipa-server-dns-4.6.8-5.el7.noarch 3/12 \n Verifying : opendnssec-1.4.7-4.el7.x86_64 4/12 \n Verifying : bind-dyndb-ldap-11.1-7.el7.x86_64 5/12 \n Verifying : libitm-4.8.5-44.el7.x86_64 6/12 \n Verifying : opencryptoki-3.12.1-2.el7.x86_64 7/12 \n Verifying : 32:bind-pkcs11-libs-9.11.4-26.P2.el7.x86_64 8/12 \n Verifying : 32:bind-pkcs11-9.11.4-26.P2.el7.x86_64 9/12 \n Verifying : 32:bind-9.11.4-26.P2.el7.x86_64 10/12 \n Verifying : ldns-1.6.16-10.el7.x86_64 11/12 \n Verifying : 32:bind-pkcs11-utils-9.11.4-26.P2.el7.x86_64 12/12 \n\nInstalled:\n ipa-server-dns.noarch 0:4.6.8-5.el7 \n\nDependency Installed:\n bind.x86_64 32:9.11.4-26.P2.el7 \n bind-dyndb-ldap.x86_64 0:11.1-7.el7 \n bind-pkcs11.x86_64 32:9.11.4-26.P2.el7 \n bind-pkcs11-libs.x86_64 32:9.11.4-26.P2.el7 \n bind-pkcs11-utils.x86_64 32:9.11.4-26.P2.el7 \n ldns.x86_64 0:1.6.16-10.el7 \n libitm.x86_64 0:4.8.5-44.el7 \n opencryptoki.x86_64 0:3.12.1-2.el7 \n opencryptoki-libs.x86_64 0:3.12.1-2.el7 \n opencryptoki-swtok.x86_64 0:3.12.1-2.el7 \n opendnssec.x86_64 0:1.4.7-4.el7 \n\nComplete!\n" ] } TASK [ipaserver : Install - Ensure that IPA server packages for adtrust are installed] *** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:16 Monday 22 November 2021 16:58:43 +0000 (0:00:07.192) 0:00:56.474 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Install - Ensure that firewall packages installed] *********** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:22 Monday 22 November 2021 16:58:43 +0000 (0:00:00.046) 0:00:56.520 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "firewalld" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package firewalld.noarch 0:0.6.3-11.el7 will be installed\n--> Processing Dependency: python-firewall = 0.6.3-11.el7 for package: firewalld-0.6.3-11.el7.noarch\n--> Processing Dependency: firewalld-filesystem = 0.6.3-11.el7 for package: firewalld-0.6.3-11.el7.noarch\n--> Processing Dependency: ipset for package: firewalld-0.6.3-11.el7.noarch\n--> Processing Dependency: ebtables for package: firewalld-0.6.3-11.el7.noarch\n--> Running transaction check\n---> Package ebtables.x86_64 0:2.0.10-16.el7 will be installed\n---> Package firewalld-filesystem.noarch 0:0.6.3-11.el7 will be installed\n---> Package ipset.x86_64 0:7.1-1.el7 will be installed\n--> Processing Dependency: ipset-libs(x86-64) = 7.1-1.el7 for package: ipset-7.1-1.el7.x86_64\n--> Processing Dependency: libipset.so.13(LIBIPSET_4.8)(64bit) for package: ipset-7.1-1.el7.x86_64\n--> Processing Dependency: libipset.so.13(LIBIPSET_2.0)(64bit) for package: ipset-7.1-1.el7.x86_64\n--> Processing Dependency: libipset.so.13()(64bit) for package: ipset-7.1-1.el7.x86_64\n---> Package python-firewall.noarch 0:0.6.3-11.el7 will be installed\n--> Processing Dependency: python-slip-dbus for package: python-firewall-0.6.3-11.el7.noarch\n--> Running transaction check\n---> Package ipset-libs.x86_64 0:7.1-1.el7 will be installed\n---> Package python-slip-dbus.noarch 0:0.4.0-4.el7 will be installed\n--> Processing Dependency: python-slip = 0.4.0-4.el7 for package: python-slip-dbus-0.4.0-4.el7.noarch\n--> Running transaction check\n---> Package python-slip.noarch 0:0.4.0-4.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n firewalld noarch 0.6.3-11.el7 rhel 448 k\nInstalling for dependencies:\n ebtables x86_64 2.0.10-16.el7 rhel 123 k\n firewalld-filesystem noarch 0.6.3-11.el7 rhel 51 k\n ipset x86_64 7.1-1.el7 rhel 39 k\n ipset-libs x86_64 7.1-1.el7 rhel 64 k\n python-firewall noarch 0.6.3-11.el7 rhel 355 k\n python-slip noarch 0.4.0-4.el7 rhel 31 k\n python-slip-dbus noarch 0.4.0-4.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+7 Dependent packages)\n\nTotal download size: 1.1 M\nInstalled size: 4.5 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 14 MB/s | 1.1 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : ebtables-2.0.10-16.el7.x86_64 1/8 \n Installing : ipset-libs-7.1-1.el7.x86_64 2/8 \n Installing : ipset-7.1-1.el7.x86_64 3/8 \n Installing : python-slip-0.4.0-4.el7.noarch 4/8 \n Installing : python-slip-dbus-0.4.0-4.el7.noarch 5/8 \n Installing : python-firewall-0.6.3-11.el7.noarch 6/8 \n Installing : firewalld-filesystem-0.6.3-11.el7.noarch 7/8 \n Installing : firewalld-0.6.3-11.el7.noarch 8/8 \n Verifying : ipset-7.1-1.el7.x86_64 1/8 \n Verifying : python-firewall-0.6.3-11.el7.noarch 2/8 \n Verifying : firewalld-filesystem-0.6.3-11.el7.noarch 3/8 \n Verifying : firewalld-0.6.3-11.el7.noarch 4/8 \n Verifying : python-slip-0.4.0-4.el7.noarch 5/8 \n Verifying : python-slip-dbus-0.4.0-4.el7.noarch 6/8 \n Verifying : ipset-libs-7.1-1.el7.x86_64 7/8 \n Verifying : ebtables-2.0.10-16.el7.x86_64 8/8 \n\nInstalled:\n firewalld.noarch 0:0.6.3-11.el7 \n\nDependency Installed:\n ebtables.x86_64 0:2.0.10-16.el7 \n firewalld-filesystem.noarch 0:0.6.3-11.el7 \n ipset.x86_64 0:7.1-1.el7 \n ipset-libs.x86_64 0:7.1-1.el7 \n python-firewall.noarch 0:0.6.3-11.el7 \n python-slip.noarch 0:0.4.0-4.el7 \n python-slip-dbus.noarch 0:0.4.0-4.el7 \n\nComplete!\n" ] } TASK [ipaserver : Firewalld service - Ensure that firewalld is running] ******** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:31 Monday 22 November 2021 16:58:45 +0000 (0:00:02.265) 0:00:58.786 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "enabled": true, "name": "firewalld", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "system.slice dbus.service polkit.service basic.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target network-pre.target multi-user.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedoraproject.FirewallD1", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "yes", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target ipset.service iptables.service ip6tables.service ebtables.service", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "firewalld - dynamic firewall daemon", "DevicePolicy": "auto", "Documentation": "man:firewalld(1)", "EnvironmentFile": "/etc/sysconfig/firewalld (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecReload": "{ path=/bin/kill ; argv[]=/bin/kill -HUP $MAINPID ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStart": "{ path=/usr/sbin/firewalld ; argv[]=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/firewalld.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "firewalld.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "mixed", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "firewalld.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "null", "StandardInput": "null", "StandardOutput": "null", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "enabled", "UnitFileState": "enabled", "WantedBy": "multi-user.target", "Wants": "network-pre.target", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [ipaserver : Firewalld - Verify runtime zone "{{ ipaserver_firewalld_zone }}"] *** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:37 Monday 22 November 2021 16:58:46 +0000 (0:00:00.954) 0:00:59.740 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Firewalld - Verify permanent zone "{{ ipaserver_firewalld_zone }}"] *** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:44 Monday 22 November 2021 16:58:46 +0000 (0:00:00.036) 0:00:59.777 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : include_tasks] *********************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:54 Monday 22 November 2021 16:58:46 +0000 (0:00:00.033) 0:00:59.810 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Install - Server installation test] ************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:60 Monday 22 November 2021 16:58:46 +0000 (0:00:00.032) 0:00:59.843 ******* ok: [/cache/rhel-7.qcow2] => { "_dirsrv_ca_cert": null, "_dirsrv_pkcs12_info": null, "_hostname_overridden": true, "_http_ca_cert": null, "_http_pkcs12_info": null, "_installation_cleanup": true, "_pkinit_ca_cert": null, "_pkinit_pkcs12_info": null, "changed": false, "domain": "test.local", "domainlevel": 1, "external_ca": false, "external_ca_profile": null, "external_ca_type": null, "hostname": "ipaserver.test.local", "idmax": 414399999, "idstart": 414200000, "ipa_python_version": 40608, "no_host_dns": true, "no_pkinit": false, "ntp_pool": null, "ntp_servers": null, "realm": "TEST.LOCAL", "rid_base": 1000, "secondary_rid_base": 100000000, "setup_adtrust": false, "setup_ca": true, "setup_kra": false } TASK [ipaserver : Install - Master password creation] ************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:137 Monday 22 November 2021 16:58:47 +0000 (0:00:01.079) 0:01:00.923 ******* changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } TASK [ipaserver : Install - Use new master password] *************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:144 Monday 22 November 2021 16:58:48 +0000 (0:00:00.934) 0:01:01.857 ******* ok: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [ipaserver : Install - Server preparation] ******************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:152 Monday 22 November 2021 16:58:48 +0000 (0:00:00.025) 0:01:01.883 ******* changed: [/cache/rhel-7.qcow2] => { "_ca_subject": "CN=Certificate Authority,O=TEST.LOCAL", "_subject_base": "O=TEST.LOCAL", "adtrust_netbios_name": null, "adtrust_reset_netbios_name": false, "ca_subject": "CN=Certificate Authority,O=TEST.LOCAL", "changed": true, "dns_ip_addresses": [ "fec0::5054:ff:fe12:3456", "10.0.2.15" ], "dns_reverse_zones": [], "forward_policy": "only", "forwarders": [ "10.0.2.3" ], "ip_addresses": [ "fec0::5054:ff:fe12:3456", "10.0.2.15" ], "no_dnssec_validation": true, "reverse_zones": [], "subject_base": "O=TEST.LOCAL" } TASK [ipaserver : Install - Setup NTP] ***************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:196 Monday 22 November 2021 16:58:50 +0000 (0:00:02.220) 0:01:04.103 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup DS] ****************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:203 Monday 22 November 2021 16:58:52 +0000 (0:00:01.239) 0:01:05.343 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup KRB] ***************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:232 Monday 22 November 2021 16:59:13 +0000 (0:00:21.772) 0:01:27.116 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup custodia] ************************************ task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:259 Monday 22 November 2021 16:59:18 +0000 (0:00:04.899) 0:01:32.016 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup CA] ****************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:265 Monday 22 November 2021 16:59:22 +0000 (0:00:03.987) 0:01:36.003 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "csr_generated": false } TASK [ipaserver : Copy /root/ipa.csr to "/cache/rhel-7.qcow2-ipa.csr"] ********* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:306 Monday 22 November 2021 17:01:43 +0000 (0:02:20.442) 0:03:56.445 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Install - Setup otpd] **************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:315 Monday 22 November 2021 17:01:43 +0000 (0:00:00.039) 0:03:56.484 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup HTTP] **************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:321 Monday 22 November 2021 17:01:45 +0000 (0:00:02.447) 0:03:58.931 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup KRA] ***************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:353 Monday 22 November 2021 17:02:42 +0000 (0:00:57.153) 0:04:56.084 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Install - Setup DNS] ***************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:364 Monday 22 November 2021 17:02:42 +0000 (0:00:00.042) 0:04:56.127 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup ADTRUST] ************************************* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:381 Monday 22 November 2021 17:02:50 +0000 (0:00:08.095) 0:05:04.223 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Install - Set DS password] *********************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:396 Monday 22 November 2021 17:02:50 +0000 (0:00:00.037) 0:05:04.260 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [Install - Setup client] ************************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:413 Monday 22 November 2021 17:02:53 +0000 (0:00:02.202) 0:05:06.462 ******* TASK [ipaclient : Import variables specific to distribution] ******************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/main.yml:4 Monday 22 November 2021 17:02:53 +0000 (0:00:00.064) 0:05:06.526 ******* ok: [/cache/rhel-7.qcow2] => (item=/tmp/freeipa-repo/roles/ipaclient/vars/RedHat-7.yml) => { "ansible_facts": { "ipaclient_packages": [ "ipa-client", "libselinux-python" ] }, "ansible_included_var_files": [ "/tmp/freeipa-repo/roles/ipaclient/vars/RedHat-7.yml" ], "ansible_loop_var": "item", "changed": false, "item": "/tmp/freeipa-repo/roles/ipaclient/vars/RedHat-7.yml" } TASK [ipaclient : Install IPA client] ****************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/main.yml:12 Monday 22 November 2021 17:02:53 +0000 (0:00:00.053) 0:05:06.580 ******* included: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml for /cache/rhel-7.qcow2 TASK [ipaclient : Install - Ensure that IPA client packages are installed] ***** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:4 Monday 22 November 2021 17:02:53 +0000 (0:00:00.082) 0:05:06.663 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "ipa-client-4.6.8-5.el7.x86_64 providing ipa-client is already installed", "libselinux-python-2.5-15.el7.x86_64 providing libselinux-python is already installed" ] } TASK [ipaclient : Install - Set ipaclient_servers] ***************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:10 Monday 22 November 2021 17:02:53 +0000 (0:00:00.568) 0:05:07.231 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Set ipaclient_servers from cluster inventory] ****** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:15 Monday 22 November 2021 17:02:53 +0000 (0:00:00.038) 0:05:07.270 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Check that either principal or keytab is set] ****** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:21 Monday 22 November 2021 17:02:53 +0000 (0:00:00.039) 0:05:07.309 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Set default principal if no keytab is given] ******* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:25 Monday 22 November 2021 17:02:54 +0000 (0:00:00.039) 0:05:07.348 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "ipaadmin_principal": "admin" }, "changed": false } TASK [ipaclient : Install - IPA client test] *********************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:30 Monday 22 November 2021 17:02:54 +0000 (0:00:00.040) 0:05:07.389 ******* ok: [/cache/rhel-7.qcow2] => { "basedn": "dc=test,dc=local", "changed": false, "client_already_configured": false, "client_domain": "test.local", "dnsok": false, "domain": "test.local", "hostname": "ipaserver.test.local", "ipa_python_version": 40608, "kdc": "ipaserver.test.local", "ntp_pool": null, "ntp_servers": null, "realm": "TEST.LOCAL", "servers": [ "ipaserver.test.local" ], "sssd": true } TASK [ipaclient : Install - Cleanup leftover ccache] *************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:56 Monday 22 November 2021 17:02:54 +0000 (0:00:00.728) 0:05:08.118 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "path": "/etc/ipa/.dns_ccache", "state": "absent" } TASK [ipaclient : Install - Configure NTP] ************************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:61 Monday 22 November 2021 17:02:55 +0000 (0:00:00.352) 0:05:08.470 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } TASK [ipaclient : Install - Make sure One-Time Password is enabled if it's already defined] *** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:73 Monday 22 November 2021 17:02:55 +0000 (0:00:00.664) 0:05:09.134 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Disable One-Time Password for on_master] *********** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:78 Monday 22 November 2021 17:02:55 +0000 (0:00:00.040) 0:05:09.174 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Test if IPA client has working krb5.keytab] ******** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:83 Monday 22 November 2021 17:02:55 +0000 (0:00:00.040) 0:05:09.215 ******* ok: [/cache/rhel-7.qcow2] => { "ca_crt_exists": true, "changed": false, "krb5_conf_ok": true, "krb5_keytab_ok": true, "ping_test_ok": false } TASK [ipaclient : Install - Disable One-Time Password for client with working krb5.keytab] *** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:93 Monday 22 November 2021 17:02:56 +0000 (0:00:00.860) 0:05:10.075 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Keytab or password is required for getting otp] **** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:109 Monday 22 November 2021 17:02:56 +0000 (0:00:00.037) 0:05:10.113 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Get One-Time Password for client enrollment] ******* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:113 Monday 22 November 2021 17:02:56 +0000 (0:00:00.050) 0:05:10.163 ******* skipping: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [ipaclient : Install - Report error for OTP generation] ******************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:132 Monday 22 November 2021 17:02:56 +0000 (0:00:00.045) 0:05:10.208 ******* skipping: [/cache/rhel-7.qcow2] => {} TASK [ipaclient : Install - Store the previously obtained OTP] ***************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:138 Monday 22 November 2021 17:02:56 +0000 (0:00:00.038) 0:05:10.247 ******* skipping: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [ipaclient : Store predefined OTP in admin_password] ********************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:147 Monday 22 November 2021 17:02:56 +0000 (0:00:00.037) 0:05:10.285 ******* skipping: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [ipaclient : Install - Check if principal and keytab are set] ************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:163 Monday 22 November 2021 17:02:56 +0000 (0:00:00.037) 0:05:10.322 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Check if one of password or keytabs are set] ******* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:167 Monday 22 November 2021 17:02:57 +0000 (0:00:00.036) 0:05:10.358 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Purge TEST.LOCAL from host keytab] ***************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:175 Monday 22 November 2021 17:02:57 +0000 (0:00:00.036) 0:05:10.395 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Backup and set hostname] *************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:188 Monday 22 November 2021 17:02:57 +0000 (0:00:00.038) 0:05:10.434 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Join IPA] ****************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:193 Monday 22 November 2021 17:02:57 +0000 (0:00:00.040) 0:05:10.474 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : fail] ******************************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:215 Monday 22 November 2021 17:02:57 +0000 (0:00:00.042) 0:05:10.517 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : fail] ******************************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:220 Monday 22 November 2021 17:02:57 +0000 (0:00:00.039) 0:05:10.557 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : fail] ******************************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:223 Monday 22 November 2021 17:02:57 +0000 (0:00:00.042) 0:05:10.599 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Configure IPA default.conf] ************************ task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:235 Monday 22 November 2021 17:02:57 +0000 (0:00:00.039) 0:05:10.638 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Configure SSSD] ************************************ task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:244 Monday 22 November 2021 17:02:57 +0000 (0:00:00.038) 0:05:10.677 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaclient : Install - Configure krb5 for IPA realm] ********************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:266 Monday 22 November 2021 17:02:58 +0000 (0:00:00.689) 0:05:11.367 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - IPA API calls for remaining enrollment parts] ****** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:280 Monday 22 November 2021 17:02:58 +0000 (0:00:00.039) 0:05:11.406 ******* changed: [/cache/rhel-7.qcow2] => { "ca_enabled": true, "changed": true, "subject_base": "O=TEST.LOCAL" } TASK [ipaclient : Install - Fix IPA ca] **************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:288 Monday 22 November 2021 17:03:00 +0000 (0:00:02.756) 0:05:14.163 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Create IPA NSS database] *************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:298 Monday 22 November 2021 17:03:00 +0000 (0:00:00.060) 0:05:14.223 ******* changed: [/cache/rhel-7.qcow2] => { "ca_enabled_ra": true, "changed": true } TASK [ipaclient : Install - Configure SSH and SSHD] **************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:329 Monday 22 November 2021 17:03:04 +0000 (0:00:03.627) 0:05:17.851 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaclient : Install - Configure automount] ******************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:337 Monday 22 November 2021 17:03:05 +0000 (0:00:00.711) 0:05:18.563 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaclient : Install - Configure firefox] ********************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:343 Monday 22 November 2021 17:03:05 +0000 (0:00:00.607) 0:05:19.170 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Configure NIS] ************************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:349 Monday 22 November 2021 17:03:05 +0000 (0:00:00.039) 0:05:19.209 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaclient : Install - Restore original admin password if overwritten by OTP] *** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:367 Monday 22 November 2021 17:03:06 +0000 (0:00:00.970) 0:05:20.180 ******* skipping: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [ipaclient : Cleanup leftover ccache] ************************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:373 Monday 22 November 2021 17:03:06 +0000 (0:00:00.036) 0:05:20.216 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "path": "/etc/ipa/.dns_ccache", "state": "absent" } TASK [ipaclient : Uninstall IPA client] **************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/main.yml:16 Monday 22 November 2021 17:03:07 +0000 (0:00:00.328) 0:05:20.545 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: role_complete for /cache/rhel-7.qcow2 TASK [ipaserver : Install - Enable IPA] **************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:428 Monday 22 November 2021 17:03:07 +0000 (0:00:00.041) 0:05:20.587 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true } TASK [ipaserver : Install - Cleanup root IPA cache] **************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:435 Monday 22 November 2021 17:03:12 +0000 (0:00:04.751) 0:05:25.338 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "path": "/root/.ipa_cache", "state": "absent" } TASK [ipaserver : Install - Configure firewalld] ******************************* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:441 Monday 22 November 2021 17:03:12 +0000 (0:00:00.336) 0:05:25.674 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--permanent", "--zone=", "--add-service=freeipa-ldap", "--add-service=freeipa-ldaps", "--add-service=dns", "--add-service=ntp" ], "delta": "0:00:00.286933", "end": "2021-11-22 12:03:13.254138", "rc": 0, "start": "2021-11-22 12:03:12.967205" } STDOUT: success TASK [ipaserver : Install - Configure firewalld runtime] *********************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:455 Monday 22 November 2021 17:03:13 +0000 (0:00:00.742) 0:05:26.417 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--zone=", "--add-service=freeipa-ldap", "--add-service=freeipa-ldaps", "--add-service=dns", "--add-service=ntp" ], "delta": "0:00:00.321557", "end": "2021-11-22 12:03:13.909569", "rc": 0, "start": "2021-11-22 12:03:13.588012" } STDOUT: success TASK [ipaserver : Cleanup temporary files] ************************************* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:471 Monday 22 November 2021 17:03:13 +0000 (0:00:00.657) 0:05:27.075 ******* ok: [/cache/rhel-7.qcow2] => (item=/etc/ipa/.tmp_pkcs12_dirsrv) => { "ansible_loop_var": "item", "changed": false, "item": "/etc/ipa/.tmp_pkcs12_dirsrv", "path": "/etc/ipa/.tmp_pkcs12_dirsrv", "state": "absent" } ok: [/cache/rhel-7.qcow2] => (item=/etc/ipa/.tmp_pkcs12_http) => { "ansible_loop_var": "item", "changed": false, "item": "/etc/ipa/.tmp_pkcs12_http", "path": "/etc/ipa/.tmp_pkcs12_http", "state": "absent" } ok: [/cache/rhel-7.qcow2] => (item=/etc/ipa/.tmp_pkcs12_pkinit) => { "ansible_loop_var": "item", "changed": false, "item": "/etc/ipa/.tmp_pkcs12_pkinit", "path": "/etc/ipa/.tmp_pkcs12_pkinit", "state": "absent" } TASK [ipaserver : Uninstall IPA server] **************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/main.yml:16 Monday 22 November 2021 17:03:14 +0000 (0:00:00.931) 0:05:28.006 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Issue IPA signed certificates] ******************************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_basic_ipa.yml:8 Monday 22 November 2021 17:03:14 +0000 (0:00:00.047) 0:05:28.054 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Monday 22 November 2021 17:03:15 +0000 (0:00:00.715) 0:05:28.769 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/RedHat_7.yml" ], "changed": false } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Monday 22 November 2021 17:03:15 +0000 (0:00:00.028) 0:05:28.797 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "python2-pyasn1-0.1.9-7.el7.noarch providing python-pyasn1 is already installed", "python2-cryptography-1.7.2-2.el7.x86_64 providing python-cryptography is already installed", "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed" ] } TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 Monday 22 November 2021 17:03:16 +0000 (0:00:00.938) 0:05:29.736 ******* ok: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "rc": 0, "results": [ "certmonger-0.78.4-14.el7.x86_64 providing certmonger is already installed" ] } TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Monday 22 November 2021 17:03:16 +0000 (0:00:00.563) 0:05:30.300 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Monday 22 November 2021 17:03:17 +0000 (0:00:00.358) 0:05:30.658 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Monday 22 November 2021 17:03:17 +0000 (0:00:00.359) 0:05:31.018 ******* ok: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestamp": "Mon 2021-11-22 12:00:31 EST", "ActiveEnterTimestampMonotonic": "174566095", "ActiveExitTimestampMonotonic": "0", "ActiveState": "active", "After": "network.target system.slice dbus.service basic.target syslog.target systemd-journald.socket", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "yes", "AssertTimestamp": "Mon 2021-11-22 12:00:31 EST", "AssertTimestampMonotonic": "174552168", "Before": "multi-user.target shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Mon 2021-11-22 12:00:31 EST", "ConditionTimestampMonotonic": "174552168", "Conflicts": "shutdown.target", "ControlGroup": "/system.slice/certmonger.service", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "12329", "ExecMainStartTimestamp": "Mon 2021-11-22 12:00:31 EST", "ExecMainStartTimestampMonotonic": "174552838", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestamp": "Mon 2021-11-22 12:00:31 EST", "InactiveExitTimestampMonotonic": "174553665", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "12329", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "enabled", "WantedBy": "multi-user.target", "WatchdogTimestamp": "Mon 2021-11-22 12:00:31 EST", "WatchdogTimestampMonotonic": "174566045", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Monday 22 November 2021 17:03:18 +0000 (0:00:00.721) 0:05:31.740 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'ipaserver.test.local', 'principal': 'HTTP/ipaserver.test.local@TEST.LOCAL', 'ca': 'ipa'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "ipa", "dns": "ipaserver.test.local", "name": "mycert", "principal": "HTTP/ipaserver.test.local@TEST.LOCAL" } } MSG: Certificate requested (new). changed: [/cache/rhel-7.qcow2] => (item={'name': 'groupcert', 'dns': 'ipaserver.test.local', 'principal': 'HTTP/ipaserver.test.local@TEST.LOCAL', 'ca': 'ipa', 'group': 'ftp'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "ipa", "dns": "ipaserver.test.local", "group": "ftp", "name": "groupcert", "principal": "HTTP/ipaserver.test.local@TEST.LOCAL" } } MSG: Certificate requested (new). File attributes updated. META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificates] ***************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_basic_ipa.yml:27 Monday 22 November 2021 17:03:22 +0000 (0:00:03.862) 0:05:35.602 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_basic_ipa.yml:84 Monday 22 November 2021 17:03:22 +0000 (0:00:00.690) 0:05:36.292 ******* included: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'ipaserver.test.local'}, {'name': 'organizationName', 'oid': '2.5.4.10', 'value': 'TEST.LOCAL'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'ipaserver.test.local'}, {'name': 'Universal Principal Name (UPN)', 'oid': '1.3.6.1.4.1.311.20.2.3', 'value': 'HTTP/ipaserver.test.local@TEST.LOCAL'}, {'name': 'Kerberos principalname', 'oid': '1.3.6.1.5.2.2', 'value': 'HTTP/ipaserver.test.local@TEST.LOCAL'}], 'key_usage': ['digital_signature', 'content_commitment', 'key_encipherment', 'data_encipherment']}) included: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/groupcert.crt', 'key_path': '/etc/pki/tls/private/groupcert.key', 'owner': 'root', 'group': 'ftp', 'mode': '0640', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'ipaserver.test.local'}, {'name': 'organizationName', 'oid': '2.5.4.10', 'value': 'TEST.LOCAL'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'ipaserver.test.local'}, {'name': 'Universal Principal Name (UPN)', 'oid': '1.3.6.1.4.1.311.20.2.3', 'value': 'HTTP/ipaserver.test.local@TEST.LOCAL'}, {'name': 'Kerberos principalname', 'oid': '1.3.6.1.5.2.2', 'value': 'HTTP/ipaserver.test.local@TEST.LOCAL'}], 'key_usage': ['digital_signature', 'content_commitment', 'key_encipherment', 'data_encipherment']}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 17:03:23 +0000 (0:00:00.040) 0:05:36.333 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 17:03:23 +0000 (0:00:00.017) 0:05:36.350 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 64 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 17:03:27 +0000 (0:00:04.435) 0:05:40.785 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 17:03:32 +0000 (0:00:04.611) 0:05:45.397 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 17:03:35 +0000 (0:00:03.227) 0:05:48.625 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600600.6545234, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "f8e82336ff766857ac0f8c496ec48e10ba10b28f", "ctime": 1637600600.6515234, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12849430, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600600.6515234, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1684, "uid": 0, "version": "1334734546", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 17:03:35 +0000 (0:00:00.466) 0:05:49.091 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 17:03:35 +0000 (0:00:00.019) 0:05:49.111 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:43 Monday 22 November 2021 17:03:35 +0000 (0:00:00.035) 0:05:49.147 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 17:03:35 +0000 (0:00:00.032) 0:05:49.179 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600599.3695233, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "c71cc272b09ac2cffb122306d8792efbc1047ff7", "ctime": 1637600600.6515234, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12849492, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600600.6515234, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744072961198179", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:54 Monday 22 November 2021 17:03:36 +0000 (0:00:00.315) 0:05:49.495 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 17:03:36 +0000 (0:00:00.019) 0:05:49.514 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 17:03:36 +0000 (0:00:00.034) 0:05:49.549 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.263803", "end": "2021-11-22 12:03:36.953180", "rc": 0, "start": "2021-11-22 12:03:36.689377" } STDOUT: { "subject": [ { "name": "organizationName", "oid": "2.5.4.10", "value": "TEST.LOCAL" }, { "name": "commonName", "oid": "2.5.4.3", "value": "ipaserver.test.local" } ], "extensions": { "authorityKeyIdentifier": { "value": "C8:DA:E2:71:E6:3A:7F:7A:ED:BC:F3:FC:1A:D3:79:64:AE:2D:2E:D8", "critical": false }, "authorityInfoAccess": { "value": [ { "method": "OCSP", "location": "http://ipa-ca.test.local/ca/ocsp" } ], "critical": false }, "keyUsage": { "value": [ "digital_signature", "content_commitment", "key_encipherment", "data_encipherment" ], "critical": true }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "cRLDistributionPoints": { "value": [ { "full_name": [ "http://ipa-ca.test.local/ipa/crl/MasterCRL.bin" ], "crl_issuer": [ { "organizationName": "ipaca", "commonName": "Certificate Authority" } ] } ], "critical": false }, "subjectKeyIdentifier": { "value": "D8:15:84:42:85:03:E6:0D:AE:05:29:E5:BA:1E:D4:9D:8E:09:B7:4C", "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "ipaserver.test.local" }, { "name": "Universal Principal Name (UPN)", "value": "HTTP/ipaserver.test.local@TEST.LOCAL", "oid": "1.3.6.1.4.1.311.20.2.3" }, { "name": "Kerberos principalname", "value": "HTTP/ipaserver.test.local@TEST.LOCAL", "oid": "1.3.6.1.5.2.2" } ], "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "53:3B:70:3B:1A:7D:0A:BC:83:8C:C8:9D:E8:39:F9:8B:C8:A2:D6:85:00:65:48:62:58:17:93:D5:6E:C7:5B:96:BD:30:BA:79:63:D8:5E:BB:05:B3:58:B8:AA:E9:95:41:0B:E2:3E:15:BC:3D:16:B9:56:39:80:0E:F2:34:77:BA:5F:E5:7A:86:74:60:82:EA:84:47:A1:65:90:C4:1D:A9:F0:BF:BD:6A:3F:11:BA:B5:C9:31:9C:44:14:B7:E5:A2:4A:D5:EC:12:CC:05:4B:5E:19:5D:F2:EE:71:38:FC:FD:01:6D:4A:7D:D5:77:4B:B3:54:C8:7A:83:94:5F:81:1C:FC:CC:A1:54:E4:F3:49:0B:2A:6E:CA:60:4A:B9:05:AF:6E:8A:F1:99:3B:43:E7:94:F1:36:DF:C0:8D:15:73:C3:1D:F0:C5:C7:C1:EC:D1:DB:6D:E4:E9:52:E2:7E:75:F8:90:42:E0:F8:B0:59:E2:8B:C3:69:CE:D9:57:6E:53:7C:C6:40:15:90:98:BB:17:49:49:5B:98:39:E4:21:82:8D:22:6B:C3:ED:92:B5:BA:75:92:00:67:22:22:DD:5A:9E:2C:54:C8:C7:70:04:EB:8A:D3:54:DA:04:F0:D1:48:F8:15:CC:90:24:47:42:9F:80:01:18:C1:5A:24:2D:81:7F" }, "key_size": 2048, "validity": { "not_valid_after": "2023-11-23 17:03:20", "not_valid_before": "2021-11-22 17:03:20" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:71 Monday 22 November 2021 17:03:36 +0000 (0:00:00.572) 0:05:50.121 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityInfoAccess": { "critical": false, "value": [ { "location": "http://ipa-ca.test.local/ca/ocsp", "method": "OCSP" } ] }, "authorityKeyIdentifier": { "critical": false, "value": "C8:DA:E2:71:E6:3A:7F:7A:ED:BC:F3:FC:1A:D3:79:64:AE:2D:2E:D8" }, "cRLDistributionPoints": { "critical": false, "value": [ { "crl_issuer": [ { "commonName": "Certificate Authority", "organizationName": "ipaca" } ], "full_name": [ "http://ipa-ca.test.local/ipa/crl/MasterCRL.bin" ] } ] }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": true, "value": [ "digital_signature", "content_commitment", "key_encipherment", "data_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "ipaserver.test.local" }, { "name": "Universal Principal Name (UPN)", "oid": "1.3.6.1.4.1.311.20.2.3", "value": "HTTP/ipaserver.test.local@TEST.LOCAL" }, { "name": "Kerberos principalname", "oid": "1.3.6.1.5.2.2", "value": "HTTP/ipaserver.test.local@TEST.LOCAL" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "D8:15:84:42:85:03:E6:0D:AE:05:29:E5:BA:1E:D4:9D:8E:09:B7:4C" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "53:3B:70:3B:1A:7D:0A:BC:83:8C:C8:9D:E8:39:F9:8B:C8:A2:D6:85:00:65:48:62:58:17:93:D5:6E:C7:5B:96:BD:30:BA:79:63:D8:5E:BB:05:B3:58:B8:AA:E9:95:41:0B:E2:3E:15:BC:3D:16:B9:56:39:80:0E:F2:34:77:BA:5F:E5:7A:86:74:60:82:EA:84:47:A1:65:90:C4:1D:A9:F0:BF:BD:6A:3F:11:BA:B5:C9:31:9C:44:14:B7:E5:A2:4A:D5:EC:12:CC:05:4B:5E:19:5D:F2:EE:71:38:FC:FD:01:6D:4A:7D:D5:77:4B:B3:54:C8:7A:83:94:5F:81:1C:FC:CC:A1:54:E4:F3:49:0B:2A:6E:CA:60:4A:B9:05:AF:6E:8A:F1:99:3B:43:E7:94:F1:36:DF:C0:8D:15:73:C3:1D:F0:C5:C7:C1:EC:D1:DB:6D:E4:E9:52:E2:7E:75:F8:90:42:E0:F8:B0:59:E2:8B:C3:69:CE:D9:57:6E:53:7C:C6:40:15:90:98:BB:17:49:49:5B:98:39:E4:21:82:8D:22:6B:C3:ED:92:B5:BA:75:92:00:67:22:22:DD:5A:9E:2C:54:C8:C7:70:04:EB:8A:D3:54:DA:04:F0:D1:48:F8:15:CC:90:24:47:42:9F:80:01:18:C1:5A:24:2D:81:7F" }, "subject": [ { "name": "organizationName", "oid": "2.5.4.10", "value": "TEST.LOCAL" }, { "name": "commonName", "oid": "2.5.4.3", "value": "ipaserver.test.local" } ], "validity": { "not_valid_after": "2023-11-23 17:03:20", "not_valid_before": "2021-11-22 17:03:20" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:75 Monday 22 November 2021 17:03:36 +0000 (0:00:00.031) 0:05:50.153 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:80 Monday 22 November 2021 17:03:36 +0000 (0:00:00.033) 0:05:50.186 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:85 Monday 22 November 2021 17:03:36 +0000 (0:00:00.020) 0:05:50.206 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:90 Monday 22 November 2021 17:03:36 +0000 (0:00:00.031) 0:05:50.238 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:99 Monday 22 November 2021 17:03:36 +0000 (0:00:00.032) 0:05:50.270 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Monday 22 November 2021 17:03:36 +0000 (0:00:00.033) 0:05:50.304 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.057851", "end": "2021-11-22 12:03:37.514570", "rc": 0, "start": "2021-11-22 12:03:37.456719" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Monday 22 November 2021 17:03:37 +0000 (0:00:00.381) 0:05:50.686 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 17:03:37 +0000 (0:00:00.033) 0:05:50.719 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 17:03:37 +0000 (0:00:00.016) 0:05:50.736 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "python3-3.6.8-17.el7.x86_64 providing python3 is already installed" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 17:03:37 +0000 (0:00:00.548) 0:05:51.284 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 17:03:38 +0000 (0:00:00.946) 0:05:52.230 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.0) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 17:03:39 +0000 (0:00:00.806) 0:05:53.037 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600602.3455234, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "1e6a2d5be82b9b9a2e3ee811f25b6726d3754cb1", "ctime": 1637600602.4105234, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 12724606, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1637600602.3415234, "nlink": 1, "path": "/etc/pki/tls/certs/groupcert.crt", "pw_name": "root", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1684, "uid": 0, "version": "699560745", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 17:03:40 +0000 (0:00:00.315) 0:05:53.353 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 17:03:40 +0000 (0:00:00.025) 0:05:53.378 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:43 Monday 22 November 2021 17:03:40 +0000 (0:00:00.035) 0:05:53.414 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 17:03:40 +0000 (0:00:00.031) 0:05:53.445 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600601.3735235, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "bd3a461f37f0e0e674dd2711d6aad297967c51de", "ctime": 1637600602.4105234, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 12724605, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1637600602.3415234, "nlink": 1, "path": "/etc/pki/tls/private/groupcert.key", "pw_name": "root", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "2146350127", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:54 Monday 22 November 2021 17:03:40 +0000 (0:00:00.317) 0:05:53.763 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 17:03:40 +0000 (0:00:00.023) 0:05:53.786 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 17:03:40 +0000 (0:00:00.036) 0:05:53.822 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/groupcert.crt" ], "delta": "0:00:00.262157", "end": "2021-11-22 12:03:41.235399", "rc": 0, "start": "2021-11-22 12:03:40.973242" } STDOUT: { "subject": [ { "name": "organizationName", "oid": "2.5.4.10", "value": "TEST.LOCAL" }, { "name": "commonName", "oid": "2.5.4.3", "value": "ipaserver.test.local" } ], "extensions": { "authorityKeyIdentifier": { "value": "C8:DA:E2:71:E6:3A:7F:7A:ED:BC:F3:FC:1A:D3:79:64:AE:2D:2E:D8", "critical": false }, "authorityInfoAccess": { "value": [ { "method": "OCSP", "location": "http://ipa-ca.test.local/ca/ocsp" } ], "critical": false }, "keyUsage": { "value": [ "digital_signature", "content_commitment", "key_encipherment", "data_encipherment" ], "critical": true }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "cRLDistributionPoints": { "value": [ { "full_name": [ "http://ipa-ca.test.local/ipa/crl/MasterCRL.bin" ], "crl_issuer": [ { "organizationName": "ipaca", "commonName": "Certificate Authority" } ] } ], "critical": false }, "subjectKeyIdentifier": { "value": "8D:9B:55:F4:9A:11:49:64:42:E5:2C:B0:5E:35:4B:AE:D6:12:B7:7D", "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "ipaserver.test.local" }, { "name": "Universal Principal Name (UPN)", "value": "HTTP/ipaserver.test.local@TEST.LOCAL", "oid": "1.3.6.1.4.1.311.20.2.3" }, { "name": "Kerberos principalname", "value": "HTTP/ipaserver.test.local@TEST.LOCAL", "oid": "1.3.6.1.5.2.2" } ], "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "CE:89:23:AF:FF:F7:76:9C:AC:7E:EF:42:B6:6D:14:1B:66:7B:34:80:35:B5:90:60:D1:07:CC:C5:93:E7:00:5B:D6:33:3C:98:6E:14:27:9D:98:51:CA:97:49:1E:43:2A:FB:73:08:BF:24:9E:01:03:6E:F1:11:B2:5E:4B:B1:B6:63:E1:79:63:D3:BE:EC:BF:A7:4B:2D:3D:AB:0C:63:1D:2F:24:11:DE:ED:F6:A3:30:D6:51:7D:45:C3:F0:78:EC:34:0A:2B:60:F2:8C:19:EA:8C:DE:8D:F6:AB:FA:61:18:C6:37:66:A0:39:B4:CC:E3:E3:36:14:CB:41:26:00:15:B4:41:FC:C2:53:B4:E8:93:FB:89:3D:86:B9:11:D9:6D:A4:A6:0A:8B:B8:8F:66:81:DE:FB:1F:91:59:64:78:AF:FF:34:C5:20:F9:8E:CC:6D:B9:62:D9:22:19:F8:6F:2A:FB:B7:FA:51:60:D6:CE:7E:73:9B:1B:84:E5:54:34:45:9B:43:28:BC:7C:5D:75:5B:D6:0F:63:6E:ED:5B:13:D9:35:D4:04:01:64:3E:B5:75:1C:DF:4B:C0:A1:EA:E1:8D:09:44:FE:EF:49:55:17:D4:9B:1C:02:80:53:4E:EB:85:71:A0:CB:DA:88:72:52:29:35:5D:7B:45:91:4A:02:19" }, "key_size": 2048, "validity": { "not_valid_after": "2023-11-23 17:03:22", "not_valid_before": "2021-11-22 17:03:22" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:71 Monday 22 November 2021 17:03:41 +0000 (0:00:00.577) 0:05:54.400 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityInfoAccess": { "critical": false, "value": [ { "location": "http://ipa-ca.test.local/ca/ocsp", "method": "OCSP" } ] }, "authorityKeyIdentifier": { "critical": false, "value": "C8:DA:E2:71:E6:3A:7F:7A:ED:BC:F3:FC:1A:D3:79:64:AE:2D:2E:D8" }, "cRLDistributionPoints": { "critical": false, "value": [ { "crl_issuer": [ { "commonName": "Certificate Authority", "organizationName": "ipaca" } ], "full_name": [ "http://ipa-ca.test.local/ipa/crl/MasterCRL.bin" ] } ] }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": true, "value": [ "digital_signature", "content_commitment", "key_encipherment", "data_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "ipaserver.test.local" }, { "name": "Universal Principal Name (UPN)", "oid": "1.3.6.1.4.1.311.20.2.3", "value": "HTTP/ipaserver.test.local@TEST.LOCAL" }, { "name": "Kerberos principalname", "oid": "1.3.6.1.5.2.2", "value": "HTTP/ipaserver.test.local@TEST.LOCAL" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "8D:9B:55:F4:9A:11:49:64:42:E5:2C:B0:5E:35:4B:AE:D6:12:B7:7D" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "CE:89:23:AF:FF:F7:76:9C:AC:7E:EF:42:B6:6D:14:1B:66:7B:34:80:35:B5:90:60:D1:07:CC:C5:93:E7:00:5B:D6:33:3C:98:6E:14:27:9D:98:51:CA:97:49:1E:43:2A:FB:73:08:BF:24:9E:01:03:6E:F1:11:B2:5E:4B:B1:B6:63:E1:79:63:D3:BE:EC:BF:A7:4B:2D:3D:AB:0C:63:1D:2F:24:11:DE:ED:F6:A3:30:D6:51:7D:45:C3:F0:78:EC:34:0A:2B:60:F2:8C:19:EA:8C:DE:8D:F6:AB:FA:61:18:C6:37:66:A0:39:B4:CC:E3:E3:36:14:CB:41:26:00:15:B4:41:FC:C2:53:B4:E8:93:FB:89:3D:86:B9:11:D9:6D:A4:A6:0A:8B:B8:8F:66:81:DE:FB:1F:91:59:64:78:AF:FF:34:C5:20:F9:8E:CC:6D:B9:62:D9:22:19:F8:6F:2A:FB:B7:FA:51:60:D6:CE:7E:73:9B:1B:84:E5:54:34:45:9B:43:28:BC:7C:5D:75:5B:D6:0F:63:6E:ED:5B:13:D9:35:D4:04:01:64:3E:B5:75:1C:DF:4B:C0:A1:EA:E1:8D:09:44:FE:EF:49:55:17:D4:9B:1C:02:80:53:4E:EB:85:71:A0:CB:DA:88:72:52:29:35:5D:7B:45:91:4A:02:19" }, "subject": [ { "name": "organizationName", "oid": "2.5.4.10", "value": "TEST.LOCAL" }, { "name": "commonName", "oid": "2.5.4.3", "value": "ipaserver.test.local" } ], "validity": { "not_valid_after": "2023-11-23 17:03:22", "not_valid_before": "2021-11-22 17:03:22" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:75 Monday 22 November 2021 17:03:41 +0000 (0:00:00.031) 0:05:54.432 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:80 Monday 22 November 2021 17:03:41 +0000 (0:00:00.036) 0:05:54.468 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:85 Monday 22 November 2021 17:03:41 +0000 (0:00:00.018) 0:05:54.486 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:90 Monday 22 November 2021 17:03:41 +0000 (0:00:00.032) 0:05:54.519 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:99 Monday 22 November 2021 17:03:41 +0000 (0:00:00.031) 0:05:54.551 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Monday 22 November 2021 17:03:41 +0000 (0:00:00.034) 0:05:54.586 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/groupcert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.058434", "end": "2021-11-22 12:03:41.807330", "rc": 0, "start": "2021-11-22 12:03:41.748896" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Monday 22 November 2021 17:03:41 +0000 (0:00:00.388) 0:05:54.974 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=99 changed=33 unreachable=0 failed=0 skipped=35 rescued=0 ignored=0 Monday 22 November 2021 17:03:41 +0000 (0:00:00.041) 0:05:55.016 ******* =============================================================================== ipaserver : Install - Setup CA ---------------------------------------- 140.44s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:265 ----------------------- ipaserver : Install - Setup HTTP --------------------------------------- 57.15s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:321 ----------------------- ipaserver : Install - Ensure that IPA server packages are installed ---- 40.15s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:5 ------------------------- ipaserver : Install - Setup DS ----------------------------------------- 21.77s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:203 ----------------------- ipaserver : Install - Setup DNS ----------------------------------------- 8.10s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:364 ----------------------- ipaserver : Install - Ensure that IPA server packages for dns are installed --- 7.19s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:10 ------------------------ ipaserver : Install - Setup KRB ----------------------------------------- 4.90s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:232 ----------------------- ipaserver : Install - Enable IPA ---------------------------------------- 4.75s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:428 ----------------------- Install the package, force upgrade -------------------------------------- 4.61s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Ensure python3 is installed --------------------------------------------- 4.44s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- ipaserver : Install - Setup custodia ------------------------------------ 3.99s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:259 ----------------------- fedora.linux_system_roles.certificate : Ensure certificate requests ----- 3.86s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Ensure nss package is up-to-date ---------------------------------------- 3.74s /tmp/tmpv0mqm1w9/tests/certificate/tasks/setup_ipa.yml:42 --------------------- ipaclient : Install - Create IPA NSS database --------------------------- 3.63s /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:298 ----------------------- Install certreader ------------------------------------------------------ 3.23s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 - ipaclient : Install - IPA API calls for remaining enrollment parts ------ 2.76s /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:280 ----------------------- ipaserver : Install - Setup otpd ---------------------------------------- 2.45s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:315 ----------------------- ipaserver : Install - Ensure that firewall packages installed ----------- 2.27s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:22 ------------------------ ipaserver : Install - Server preparation -------------------------------- 2.22s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:152 ----------------------- ipaserver : Install - Set DS password ----------------------------------- 2.20s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:396 ----------------------- + cd /tmp/tmpv0mqm1w9/tests/certificate; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpv0mqm1w9/tests/certificate/tests_basic_self_signed.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 17:03:55 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 17:03:55 +0000 (0:00:00.016) 0:00:00.027 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 17:03:55 +0000 (0:00:00.022) 0:00:00.049 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:03:57 +0000 (0:00:01.342) 0:00:01.392 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.34s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_basic_self_signed.yml ****************************************** 2 plays in /tmp/tmpv0mqm1w9/tests/certificate/tests_basic_self_signed.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_basic_self_signed.yml:2 Monday 22 November 2021 17:03:57 +0000 (0:00:00.018) 0:00:01.410 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Monday 22 November 2021 17:03:58 +0000 (0:00:00.967) 0:00:02.378 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/RedHat_7.yml" ], "changed": false } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Monday 22 November 2021 17:03:58 +0000 (0:00:00.031) 0:00:02.409 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 10 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 Monday 22 November 2021 17:04:02 +0000 (0:00:04.732) 0:00:07.142 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 11 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Monday 22 November 2021 17:04:05 +0000 (0:00:02.094) 0:00:09.236 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Monday 22 November 2021 17:04:05 +0000 (0:00:00.482) 0:00:09.719 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Monday 22 November 2021 17:04:05 +0000 (0:00:00.352) 0:00:10.071 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "dbus.service syslog.target basic.target system.slice systemd-journald.socket network.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Monday 22 November 2021 17:04:06 +0000 (0:00:00.836) 0:00:10.907 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "mycert" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_basic_self_signed.yml:13 Monday 22 November 2021 17:04:07 +0000 (0:00:00.726) 0:00:11.634 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_basic_self_signed.yml:27 Monday 22 November 2021 17:04:08 +0000 (0:00:00.703) 0:00:12.338 ******* included: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 17:04:08 +0000 (0:00:00.031) 0:00:12.369 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 17:04:08 +0000 (0:00:00.016) 0:00:12.386 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 66 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 17:04:12 +0000 (0:00:04.315) 0:00:16.702 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 17:04:17 +0000 (0:00:04.512) 0:00:21.215 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 17:04:20 +0000 (0:00:03.124) 0:00:24.339 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600646.4682364, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "c82d0807161812bd5e759c4cf60cd0632c37e34d", "ctime": 1637600646.4652367, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584399, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600646.4652367, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "2026287039", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 17:04:20 +0000 (0:00:00.454) 0:00:24.793 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 17:04:20 +0000 (0:00:00.020) 0:00:24.814 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:43 Monday 22 November 2021 17:04:20 +0000 (0:00:00.033) 0:00:24.848 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 17:04:20 +0000 (0:00:00.036) 0:00:24.884 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600646.4242365, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "582fe9562a0fecb1266dd8f5bfc7ee8688ad1851", "ctime": 1637600646.4652367, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584398, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600646.4652367, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "1767770006", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:54 Monday 22 November 2021 17:04:21 +0000 (0:00:00.317) 0:00:25.202 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 17:04:21 +0000 (0:00:00.021) 0:00:25.223 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 17:04:21 +0000 (0:00:00.038) 0:00:25.262 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.258366", "end": "2021-11-22 12:04:20.868133", "rc": 0, "start": "2021-11-22 12:04:20.609767" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "D7:0C:D9:CE:51:08:D7:13:06:3A:B5:F7:32:C7:61:12:AF:56:51:9E", "critical": false }, "authorityKeyIdentifier": { "value": "7A:3F:8F:E1:16:A3:03:EF:72:02:CA:A9:14:54:9C:E1:D4:A5:A6:33", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "33:6D:CD:19:05:20:CA:34:0D:D6:D0:5E:55:F9:31:31:84:05:D9:7A:97:16:C3:AC:46:7B:55:36:4E:C8:56:B2:BB:D1:34:3A:36:48:78:E4:64:37:C6:F5:DC:E7:4C:93:88:83:AE:EF:59:7D:46:1D:D4:58:1B:9C:2B:7C:27:4D:CA:C3:C3:42:98:0C:4C:ED:22:58:FB:03:1D:2E:63:DF:D3:89:6B:C2:4C:FF:49:20:0D:37:C4:C9:A9:C4:EA:6E:DE:C5:C7:F3:CF:02:9E:24:44:A2:1C:42:07:56:7A:9C:4B:EC:9A:4D:DE:7E:D6:C3:2B:43:49:2F:B8:0C:80:2C:5E:8F:F1:04:72:A2:97:0A:9C:20:C5:C2:24:3C:CC:5D:B1:C7:A0:F1:3D:BB:A2:81:9E:D2:32:79:13:56:24:ED:9F:FE:DA:2A:82:DD:07:07:33:64:68:9B:A0:AA:EE:32:4F:C0:F6:47:4B:E4:51:48:13:46:0D:13:7E:84:5B:9A:35:01:E8:4F:A6:86:B4:AA:9E:4A:43:01:35:23:9C:55:76:30:6E:7A:0F:0E:F5:09:76:69:37:4F:55:FB:F1:1C:12:49:C1:99:A6:3B:07:58:BB:9F:42:8F:98:91:9E:C5:A7:78:60:BF:5D:95:E6:66:DF:D8:70:0E:5E:3D:18:C6" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 17:04:05", "not_valid_before": "2021-11-22 17:04:06" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:71 Monday 22 November 2021 17:04:21 +0000 (0:00:00.692) 0:00:25.954 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "7A:3F:8F:E1:16:A3:03:EF:72:02:CA:A9:14:54:9C:E1:D4:A5:A6:33" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "D7:0C:D9:CE:51:08:D7:13:06:3A:B5:F7:32:C7:61:12:AF:56:51:9E" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "33:6D:CD:19:05:20:CA:34:0D:D6:D0:5E:55:F9:31:31:84:05:D9:7A:97:16:C3:AC:46:7B:55:36:4E:C8:56:B2:BB:D1:34:3A:36:48:78:E4:64:37:C6:F5:DC:E7:4C:93:88:83:AE:EF:59:7D:46:1D:D4:58:1B:9C:2B:7C:27:4D:CA:C3:C3:42:98:0C:4C:ED:22:58:FB:03:1D:2E:63:DF:D3:89:6B:C2:4C:FF:49:20:0D:37:C4:C9:A9:C4:EA:6E:DE:C5:C7:F3:CF:02:9E:24:44:A2:1C:42:07:56:7A:9C:4B:EC:9A:4D:DE:7E:D6:C3:2B:43:49:2F:B8:0C:80:2C:5E:8F:F1:04:72:A2:97:0A:9C:20:C5:C2:24:3C:CC:5D:B1:C7:A0:F1:3D:BB:A2:81:9E:D2:32:79:13:56:24:ED:9F:FE:DA:2A:82:DD:07:07:33:64:68:9B:A0:AA:EE:32:4F:C0:F6:47:4B:E4:51:48:13:46:0D:13:7E:84:5B:9A:35:01:E8:4F:A6:86:B4:AA:9E:4A:43:01:35:23:9C:55:76:30:6E:7A:0F:0E:F5:09:76:69:37:4F:55:FB:F1:1C:12:49:C1:99:A6:3B:07:58:BB:9F:42:8F:98:91:9E:C5:A7:78:60:BF:5D:95:E6:66:DF:D8:70:0E:5E:3D:18:C6" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 17:04:05", "not_valid_before": "2021-11-22 17:04:06" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:75 Monday 22 November 2021 17:04:21 +0000 (0:00:00.034) 0:00:25.989 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:80 Monday 22 November 2021 17:04:21 +0000 (0:00:00.032) 0:00:26.022 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:85 Monday 22 November 2021 17:04:21 +0000 (0:00:00.022) 0:00:26.044 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:90 Monday 22 November 2021 17:04:21 +0000 (0:00:00.033) 0:00:26.078 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:99 Monday 22 November 2021 17:04:21 +0000 (0:00:00.032) 0:00:26.111 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Monday 22 November 2021 17:04:21 +0000 (0:00:00.033) 0:00:26.144 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.038514", "end": "2021-11-22 12:04:21.392239", "rc": 0, "start": "2021-11-22 12:04:21.353725" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Monday 22 November 2021 17:04:22 +0000 (0:00:00.331) 0:00:26.476 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=32 changed=10 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:04:22 +0000 (0:00:00.039) 0:00:26.515 ******* =============================================================================== fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 4.73s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Install the package, force upgrade -------------------------------------- 4.51s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Ensure python3 is installed --------------------------------------------- 4.32s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- Install certreader ------------------------------------------------------ 3.12s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 - fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 2.09s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 set up internal repositories -------------------------------------------- 1.34s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 0.97s /tmp/tmpv0mqm1w9/tests/certificate/tests_basic_self_signed.yml:2 -------------- fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.84s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 fedora.linux_system_roles.certificate : Ensure certificate requests ----- 0.73s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Gathering Facts --------------------------------------------------------- 0.70s /tmp/tmpv0mqm1w9/tests/certificate/tests_basic_self_signed.yml:13 ------------- Parse certificate ------------------------------------------------------- 0.69s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 - fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.48s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Retrieve certificate file stats ----------------------------------------- 0.45s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 - fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists --- 0.35s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Retrieve auto-renew flag ------------------------------------------------ 0.33s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Retrieve key file stats ------------------------------------------------- 0.32s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 - Verify certificate auto-renew flag -------------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Verify key file owner and group ----------------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 - Verify certificate permissions ------------------------------------------ 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:43 - Load certificate YAML to cert_issued variable --------------------------- 0.03s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:71 - + cd /tmp/tmpv0mqm1w9/tests/certificate; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpv0mqm1w9/tests/certificate/tests_default.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 17:04:36 +0000 (0:00:00.010) 0:00:00.010 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 17:04:36 +0000 (0:00:00.017) 0:00:00.028 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 17:04:36 +0000 (0:00:00.025) 0:00:00.054 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:04:38 +0000 (0:00:01.355) 0:00:01.409 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.36s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.03s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_default.yml **************************************************** 1 plays in /tmp/tmpv0mqm1w9/tests/certificate/tests_default.yml PLAY [Ensure that the role runs with default parameters] *********************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_default.yml:3 Monday 22 November 2021 17:04:38 +0000 (0:00:00.017) 0:00:01.427 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Monday 22 November 2021 17:04:39 +0000 (0:00:00.970) 0:00:02.397 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/RedHat_7.yml" ], "changed": false } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Monday 22 November 2021 17:04:39 +0000 (0:00:00.030) 0:00:02.428 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 16 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 Monday 22 November 2021 17:04:43 +0000 (0:00:04.772) 0:00:07.200 ******* TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Monday 22 November 2021 17:04:43 +0000 (0:00:00.030) 0:00:07.231 ******* TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Monday 22 November 2021 17:04:43 +0000 (0:00:00.028) 0:00:07.260 ******* TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Monday 22 November 2021 17:04:43 +0000 (0:00:00.028) 0:00:07.288 ******* TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Monday 22 November 2021 17:04:44 +0000 (0:00:00.028) 0:00:07.317 ******* META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=5 changed=2 unreachable=0 failed=0 skipped=6 rescued=0 ignored=0 Monday 22 November 2021 17:04:44 +0000 (0:00:00.028) 0:00:07.345 ******* =============================================================================== fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 4.77s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 set up internal repositories -------------------------------------------- 1.36s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 0.97s /tmp/tmpv0mqm1w9/tests/certificate/tests_default.yml:3 ------------------------ fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 0.03s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 fedora.linux_system_roles.certificate : Set version specific variables --- 0.03s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.03s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.03s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 fedora.linux_system_roles.certificate : Ensure certificate requests ----- 0.03s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists --- 0.03s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 fail -------------------------------------------------------------------- 0.03s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- + cd /tmp/tmpv0mqm1w9/tests/certificate; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpv0mqm1w9/tests/certificate/tests_dns_ip_email.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 17:04:58 +0000 (0:00:00.011) 0:00:00.012 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 17:04:58 +0000 (0:00:00.018) 0:00:00.030 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 17:04:58 +0000 (0:00:00.021) 0:00:00.052 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:05:00 +0000 (0:00:01.379) 0:00:01.431 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.38s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_dns_ip_email.yml *********************************************** 2 plays in /tmp/tmpv0mqm1w9/tests/certificate/tests_dns_ip_email.yml PLAY [Issue certificate with dns, ip and email in SAN] ************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_dns_ip_email.yml:2 Monday 22 November 2021 17:05:00 +0000 (0:00:00.018) 0:00:01.450 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Monday 22 November 2021 17:05:01 +0000 (0:00:00.970) 0:00:02.420 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/RedHat_7.yml" ], "changed": false } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Monday 22 November 2021 17:05:01 +0000 (0:00:00.029) 0:00:02.450 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 14 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 Monday 22 November 2021 17:05:05 +0000 (0:00:04.738) 0:00:07.189 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 11 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Monday 22 November 2021 17:05:07 +0000 (0:00:02.136) 0:00:09.325 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Monday 22 November 2021 17:05:08 +0000 (0:00:00.507) 0:00:09.833 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Monday 22 November 2021 17:05:08 +0000 (0:00:00.336) 0:00:10.169 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "syslog.target dbus.service basic.target system.slice network.target systemd-journald.socket", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Monday 22 November 2021 17:05:09 +0000 (0:00:00.861) 0:00:11.031 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'common_name': 'My Certificate with SAN', 'dns': ['sub1.example.com', 'www.example.com', 'sub2.example.com', 'sub3.example.com'], 'ip': ['192.0.2.12', '198.51.100.65', '2001:db8::2:1'], 'email': ['sysadmin@example.com', 'support@example.com'], 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "common_name": "My Certificate with SAN", "dns": [ "sub1.example.com", "www.example.com", "sub2.example.com", "sub3.example.com" ], "email": [ "sysadmin@example.com", "support@example.com" ], "ip": [ "192.0.2.12", "198.51.100.65", "2001:db8::2:1" ], "name": "mycert" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_dns_ip_email.yml:24 Monday 22 November 2021 17:05:10 +0000 (0:00:00.988) 0:00:12.019 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_dns_ip_email.yml:54 Monday 22 November 2021 17:05:11 +0000 (0:00:00.711) 0:00:12.731 ******* included: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'My Certificate with SAN'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'sub1.example.com'}, {'name': 'DNS', 'value': 'www.example.com'}, {'name': 'DNS', 'value': 'sub2.example.com'}, {'name': 'DNS', 'value': 'sub3.example.com'}, {'name': 'email', 'value': 'sysadmin@example.com'}, {'name': 'email', 'value': 'support@example.com'}, {'name': 'IP Address', 'value': '192.0.2.12'}, {'name': 'IP Address', 'value': '198.51.100.65'}, {'name': 'IP Address', 'value': '2001:db8::2:1'}]}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 17:05:11 +0000 (0:00:00.032) 0:00:12.763 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 17:05:11 +0000 (0:00:00.015) 0:00:12.779 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 60 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 17:05:15 +0000 (0:00:04.463) 0:00:17.242 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 17:05:20 +0000 (0:00:04.772) 0:00:22.014 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 17:05:23 +0000 (0:00:03.174) 0:00:25.188 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600709.2368214, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "495022e8322a09d601062c903339261271490a99", "ctime": 1637600709.2348213, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986540, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600709.2348213, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1501, "uid": 0, "version": "18446744072448341051", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 17:05:24 +0000 (0:00:00.449) 0:00:25.638 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 17:05:24 +0000 (0:00:00.020) 0:00:25.659 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:43 Monday 22 November 2021 17:05:24 +0000 (0:00:00.036) 0:00:25.696 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 17:05:24 +0000 (0:00:00.032) 0:00:25.728 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600709.1948214, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "05ab0731648f85659e6787bd36a594f50181e899", "ctime": 1637600709.2338214, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986539, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600709.2338214, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744072391036431", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:54 Monday 22 November 2021 17:05:24 +0000 (0:00:00.311) 0:00:26.040 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 17:05:24 +0000 (0:00:00.020) 0:00:26.061 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 17:05:24 +0000 (0:00:00.034) 0:00:26.095 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.260136", "end": "2021-11-22 12:05:24.112043", "rc": 0, "start": "2021-11-22 12:05:23.851907" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "My Certificate with SAN" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "sub1.example.com" }, { "name": "DNS", "value": "www.example.com" }, { "name": "DNS", "value": "sub2.example.com" }, { "name": "DNS", "value": "sub3.example.com" }, { "name": "email", "value": "sysadmin@example.com" }, { "name": "email", "value": "support@example.com" }, { "name": "IP Address", "value": "192.0.2.12" }, { "name": "IP Address", "value": "198.51.100.65" }, { "name": "IP Address", "value": "2001:db8::2:1" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "1A:33:42:3E:E2:2C:A7:3D:4F:9F:F1:B2:AD:10:A9:49:43:E8:FB:A6", "critical": false }, "authorityKeyIdentifier": { "value": "C1:62:B5:86:3C:26:F4:97:8C:D9:74:56:E6:C2:68:31:E6:DD:96:DA", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "5A:9D:06:F2:2A:44:17:4C:09:70:2A:9E:7D:D7:FB:43:FF:EB:CB:9A:2C:59:B5:46:7E:87:41:ED:47:D9:70:AF:EA:72:05:6A:6F:E1:A1:AA:E3:D4:38:23:8D:E9:1C:D5:69:0F:76:27:45:ED:20:7F:A8:7B:AC:84:97:67:EC:36:B9:97:4C:A5:01:B1:3A:31:AE:9B:AF:D9:E8:01:0B:EB:5C:8A:84:13:D7:3A:E2:D2:94:63:CF:82:A1:0C:3F:F3:FC:2A:B1:B7:F8:A2:CA:1B:4B:11:B5:49:E0:8E:94:42:02:E2:A7:01:2E:D0:E3:D6:90:9C:9D:8A:29:BD:D8:AC:90:FE:DF:C2:87:84:98:90:D7:C1:5D:7C:EC:AB:31:4C:EC:9A:4C:36:49:71:D2:8D:42:69:F7:7F:04:D4:3D:EA:FA:EB:23:92:46:88:F8:FE:29:3C:B6:18:5A:05:F9:D2:30:7C:A7:15:5F:5E:B7:F8:6B:95:09:25:52:A2:2F:95:74:4D:90:8D:9C:29:7A:3E:5B:25:77:13:A4:20:EA:45:35:33:38:AD:1F:5E:D4:3B:97:CD:19:77:14:D4:F0:28:96:85:CF:A9:FD:85:B9:D7:F7:70:65:10:96:5B:0D:74:F4:16:2E:4A:C3:FA:03:98:AE:77:E2:92:FC:E9:A5:3E" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 17:05:08", "not_valid_before": "2021-11-22 17:05:09" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:71 Monday 22 November 2021 17:05:25 +0000 (0:00:00.684) 0:00:26.780 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "C1:62:B5:86:3C:26:F4:97:8C:D9:74:56:E6:C2:68:31:E6:DD:96:DA" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "sub1.example.com" }, { "name": "DNS", "value": "www.example.com" }, { "name": "DNS", "value": "sub2.example.com" }, { "name": "DNS", "value": "sub3.example.com" }, { "name": "email", "value": "sysadmin@example.com" }, { "name": "email", "value": "support@example.com" }, { "name": "IP Address", "value": "192.0.2.12" }, { "name": "IP Address", "value": "198.51.100.65" }, { "name": "IP Address", "value": "2001:db8::2:1" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "1A:33:42:3E:E2:2C:A7:3D:4F:9F:F1:B2:AD:10:A9:49:43:E8:FB:A6" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "5A:9D:06:F2:2A:44:17:4C:09:70:2A:9E:7D:D7:FB:43:FF:EB:CB:9A:2C:59:B5:46:7E:87:41:ED:47:D9:70:AF:EA:72:05:6A:6F:E1:A1:AA:E3:D4:38:23:8D:E9:1C:D5:69:0F:76:27:45:ED:20:7F:A8:7B:AC:84:97:67:EC:36:B9:97:4C:A5:01:B1:3A:31:AE:9B:AF:D9:E8:01:0B:EB:5C:8A:84:13:D7:3A:E2:D2:94:63:CF:82:A1:0C:3F:F3:FC:2A:B1:B7:F8:A2:CA:1B:4B:11:B5:49:E0:8E:94:42:02:E2:A7:01:2E:D0:E3:D6:90:9C:9D:8A:29:BD:D8:AC:90:FE:DF:C2:87:84:98:90:D7:C1:5D:7C:EC:AB:31:4C:EC:9A:4C:36:49:71:D2:8D:42:69:F7:7F:04:D4:3D:EA:FA:EB:23:92:46:88:F8:FE:29:3C:B6:18:5A:05:F9:D2:30:7C:A7:15:5F:5E:B7:F8:6B:95:09:25:52:A2:2F:95:74:4D:90:8D:9C:29:7A:3E:5B:25:77:13:A4:20:EA:45:35:33:38:AD:1F:5E:D4:3B:97:CD:19:77:14:D4:F0:28:96:85:CF:A9:FD:85:B9:D7:F7:70:65:10:96:5B:0D:74:F4:16:2E:4A:C3:FA:03:98:AE:77:E2:92:FC:E9:A5:3E" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "My Certificate with SAN" } ], "validity": { "not_valid_after": "2022-11-22 17:05:08", "not_valid_before": "2021-11-22 17:05:09" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:75 Monday 22 November 2021 17:05:25 +0000 (0:00:00.030) 0:00:26.810 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:80 Monday 22 November 2021 17:05:25 +0000 (0:00:00.030) 0:00:26.841 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:85 Monday 22 November 2021 17:05:25 +0000 (0:00:00.018) 0:00:26.859 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:90 Monday 22 November 2021 17:05:25 +0000 (0:00:00.029) 0:00:26.888 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:99 Monday 22 November 2021 17:05:25 +0000 (0:00:00.029) 0:00:26.918 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Monday 22 November 2021 17:05:25 +0000 (0:00:00.031) 0:00:26.950 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.040877", "end": "2021-11-22 12:05:24.611962", "rc": 0, "start": "2021-11-22 12:05:24.571085" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Monday 22 November 2021 17:05:25 +0000 (0:00:00.326) 0:00:27.276 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=32 changed=10 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:05:25 +0000 (0:00:00.035) 0:00:27.312 ******* =============================================================================== Install the package, force upgrade -------------------------------------- 4.77s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 - fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 4.74s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Ensure python3 is installed --------------------------------------------- 4.46s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- Install certreader ------------------------------------------------------ 3.17s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 - fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 2.14s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 set up internal repositories -------------------------------------------- 1.38s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fedora.linux_system_roles.certificate : Ensure certificate requests ----- 0.99s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Gathering Facts --------------------------------------------------------- 0.97s /tmp/tmpv0mqm1w9/tests/certificate/tests_dns_ip_email.yml:2 ------------------- fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.86s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Gathering Facts --------------------------------------------------------- 0.71s /tmp/tmpv0mqm1w9/tests/certificate/tests_dns_ip_email.yml:24 ------------------ Parse certificate ------------------------------------------------------- 0.68s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 - fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.51s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Retrieve certificate file stats ----------------------------------------- 0.45s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 - fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists --- 0.34s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Retrieve auto-renew flag ------------------------------------------------ 0.33s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Retrieve key file stats ------------------------------------------------- 0.31s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 - Verify certificate file owner and group --------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 - Verify certificate auto-renew flag -------------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Verify key file owner and group ----------------------------------------- 0.03s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 - Verify certificate permissions ------------------------------------------ 0.03s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:43 - + cd /tmp/tmpv0mqm1w9/tests/certificate; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpv0mqm1w9/tests/certificate/tests_fs_attrs.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 17:05:40 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 17:05:40 +0000 (0:00:00.017) 0:00:00.029 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 17:05:40 +0000 (0:00:00.024) 0:00:00.053 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:05:41 +0000 (0:00:01.372) 0:00:01.426 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.37s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_fs_attrs.yml *************************************************** 3 plays in /tmp/tmpv0mqm1w9/tests/certificate/tests_fs_attrs.yml PLAY [Ensure UID and GID exists] *********************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_fs_attrs.yml:2 Monday 22 November 2021 17:05:41 +0000 (0:00:00.018) 0:00:01.444 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Ensure user exists] ****************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_fs_attrs.yml:5 Monday 22 November 2021 17:05:42 +0000 (0:00:00.967) 0:00:02.411 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "comment": "", "create_home": true, "group": 1040, "home": "/home/user1", "name": "user1", "shell": "/bin/bash", "state": "present", "system": false, "uid": 1040 } TASK [Ensure group "somegroup" exists] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_fs_attrs.yml:9 Monday 22 November 2021 17:05:43 +0000 (0:00:00.536) 0:00:02.947 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "gid": 1041, "name": "somegroup", "state": "present", "system": false } META: ran handlers META: ran handlers PLAY [Issue certificate setting user/group] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_fs_attrs.yml:13 Monday 22 November 2021 17:05:43 +0000 (0:00:00.494) 0:00:03.442 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Monday 22 November 2021 17:05:44 +0000 (0:00:00.683) 0:00:04.126 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/RedHat_7.yml" ], "changed": false } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Monday 22 November 2021 17:05:44 +0000 (0:00:00.030) 0:00:04.156 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 14 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 Monday 22 November 2021 17:05:50 +0000 (0:00:06.152) 0:00:10.309 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 13 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Monday 22 November 2021 17:05:52 +0000 (0:00:02.163) 0:00:12.473 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Monday 22 November 2021 17:05:53 +0000 (0:00:00.508) 0:00:12.982 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Monday 22 November 2021 17:05:53 +0000 (0:00:00.342) 0:00:13.324 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "network.target system.slice systemd-journald.socket dbus.service basic.target syslog.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Monday 22 November 2021 17:05:54 +0000 (0:00:00.839) 0:00:14.164 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'owner': 'ftp', 'group': 'ftp', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "group": "ftp", "name": "mycert", "owner": "ftp" } } MSG: Certificate requested (new). File attributes updated. changed: [/cache/rhel-7.qcow2] => (item={'name': 'certid', 'dns': 'www.example.com', 'owner': 1040, 'group': 1041, 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "group": 1041, "name": "certid", "owner": 1040 } } MSG: Certificate requested (new). File attributes updated. META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_fs_attrs.yml:31 Monday 22 November 2021 17:05:55 +0000 (0:00:01.477) 0:00:15.642 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_fs_attrs.yml:60 Monday 22 November 2021 17:05:56 +0000 (0:00:00.709) 0:00:16.351 ******* included: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'owner': 'ftp', 'group': 'ftp', 'mode': '0640'}) included: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/certid.crt', 'key_path': '/etc/pki/tls/private/certid.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'owner': 1040, 'group': 1041, 'mode': '0640'}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 17:05:56 +0000 (0:00:00.042) 0:00:16.394 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 17:05:56 +0000 (0:00:00.017) 0:00:16.411 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 59 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 17:06:01 +0000 (0:00:04.497) 0:00:20.909 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 17:06:06 +0000 (0:00:05.514) 0:00:26.423 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 17:06:09 +0000 (0:00:03.397) 0:00:29.821 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600753.9094076, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "13114a77dbcd2962f87c9820666d3c856483809e", "ctime": 1637600753.9584076, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 12583735, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1637600753.9064076, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "ftp", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1310, "uid": 14, "version": "831274769", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 17:06:10 +0000 (0:00:00.465) 0:00:30.286 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 17:06:10 +0000 (0:00:00.023) 0:00:30.310 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:43 Monday 22 November 2021 17:06:10 +0000 (0:00:00.037) 0:00:30.347 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 17:06:10 +0000 (0:00:00.033) 0:00:30.381 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600753.8654077, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "7fe43b6255d7718213f7377bbf1d46cfc1c55b4a", "ctime": 1637600753.9584076, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 12583734, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1637600753.9064076, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "ftp", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1704, "uid": 14, "version": "18446744073128475493", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:54 Monday 22 November 2021 17:06:10 +0000 (0:00:00.325) 0:00:30.706 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 17:06:10 +0000 (0:00:00.021) 0:00:30.728 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 17:06:10 +0000 (0:00:00.075) 0:00:30.803 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.268755", "end": "2021-11-22 12:06:10.569300", "rc": 0, "start": "2021-11-22 12:06:10.300545" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "F4:3E:0E:77:79:09:69:4E:BF:5C:84:58:2B:ED:63:FB:8A:F7:CC:FD", "critical": false }, "authorityKeyIdentifier": { "value": "42:36:57:9B:F5:4E:FA:C0:A3:57:A4:C5:02:3C:80:13:FF:E8:B6:C4", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "A8:82:57:81:20:5A:07:8D:93:53:3A:4F:70:27:D4:5C:DF:A4:7C:E5:C3:0C:80:3D:1C:C4:FF:05:35:F0:B1:36:C2:38:6F:45:DB:30:40:72:32:C6:B3:45:A4:B8:D4:7F:8D:4F:13:2D:A2:D7:05:CD:25:0B:3A:F0:CC:12:AC:BE:11:D3:3A:76:1C:1D:AE:A1:58:F2:64:9B:67:B5:8A:54:0D:22:20:72:AC:9C:0C:01:52:88:78:E8:72:8B:79:99:9D:93:E1:3F:E3:7A:EB:A2:A1:16:EF:B7:EB:8B:06:CC:A2:F7:8E:0E:5C:10:5F:8F:FD:5A:5D:D0:1C:F2:7F:0B:3E:D9:7A:A6:7F:F9:41:33:26:F2:E2:94:EE:8B:38:86:C0:87:E1:72:66:68:DA:29:09:07:B5:C2:AA:CB:8B:19:8E:A1:A5:7F:F0:42:5F:4D:3B:A8:1F:AD:D1:EB:17:C9:B6:88:D7:5A:05:3D:1B:FA:D5:9E:B6:D5:D1:51:14:0C:78:3A:AD:E5:3B:9B:01:AB:EB:FB:32:1B:B0:45:86:24:17:CF:EA:00:0E:78:97:53:12:E1:08:2D:D8:8F:60:87:6E:7A:FA:2B:A8:CD:74:02:CB:E7:2A:AA:E7:67:0D:55:49:A5:2E:DE:70:2F:FB:44:0E:DE:68:55:FD:A7:61:D0" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 17:05:53", "not_valid_before": "2021-11-22 17:05:53" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:71 Monday 22 November 2021 17:06:11 +0000 (0:00:00.716) 0:00:31.520 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "42:36:57:9B:F5:4E:FA:C0:A3:57:A4:C5:02:3C:80:13:FF:E8:B6:C4" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "F4:3E:0E:77:79:09:69:4E:BF:5C:84:58:2B:ED:63:FB:8A:F7:CC:FD" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "A8:82:57:81:20:5A:07:8D:93:53:3A:4F:70:27:D4:5C:DF:A4:7C:E5:C3:0C:80:3D:1C:C4:FF:05:35:F0:B1:36:C2:38:6F:45:DB:30:40:72:32:C6:B3:45:A4:B8:D4:7F:8D:4F:13:2D:A2:D7:05:CD:25:0B:3A:F0:CC:12:AC:BE:11:D3:3A:76:1C:1D:AE:A1:58:F2:64:9B:67:B5:8A:54:0D:22:20:72:AC:9C:0C:01:52:88:78:E8:72:8B:79:99:9D:93:E1:3F:E3:7A:EB:A2:A1:16:EF:B7:EB:8B:06:CC:A2:F7:8E:0E:5C:10:5F:8F:FD:5A:5D:D0:1C:F2:7F:0B:3E:D9:7A:A6:7F:F9:41:33:26:F2:E2:94:EE:8B:38:86:C0:87:E1:72:66:68:DA:29:09:07:B5:C2:AA:CB:8B:19:8E:A1:A5:7F:F0:42:5F:4D:3B:A8:1F:AD:D1:EB:17:C9:B6:88:D7:5A:05:3D:1B:FA:D5:9E:B6:D5:D1:51:14:0C:78:3A:AD:E5:3B:9B:01:AB:EB:FB:32:1B:B0:45:86:24:17:CF:EA:00:0E:78:97:53:12:E1:08:2D:D8:8F:60:87:6E:7A:FA:2B:A8:CD:74:02:CB:E7:2A:AA:E7:67:0D:55:49:A5:2E:DE:70:2F:FB:44:0E:DE:68:55:FD:A7:61:D0" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 17:05:53", "not_valid_before": "2021-11-22 17:05:53" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:75 Monday 22 November 2021 17:06:11 +0000 (0:00:00.035) 0:00:31.555 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:80 Monday 22 November 2021 17:06:11 +0000 (0:00:00.112) 0:00:31.668 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:85 Monday 22 November 2021 17:06:11 +0000 (0:00:00.021) 0:00:31.690 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:90 Monday 22 November 2021 17:06:11 +0000 (0:00:00.033) 0:00:31.724 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:99 Monday 22 November 2021 17:06:11 +0000 (0:00:00.034) 0:00:31.758 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Monday 22 November 2021 17:06:11 +0000 (0:00:00.034) 0:00:31.793 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.044345", "end": "2021-11-22 12:06:11.199155", "rc": 0, "start": "2021-11-22 12:06:11.154810" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Monday 22 November 2021 17:06:12 +0000 (0:00:00.354) 0:00:32.147 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 17:06:12 +0000 (0:00:00.035) 0:00:32.183 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 17:06:12 +0000 (0:00:00.016) 0:00:32.200 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "python3-3.6.8-17.el7.x86_64 providing python3 is already installed" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 17:06:12 +0000 (0:00:00.541) 0:00:32.742 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 17:06:13 +0000 (0:00:01.005) 0:00:33.748 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.0) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 17:06:14 +0000 (0:00:00.796) 0:00:34.544 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600754.5924077, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "38cd4d1f53ae1d515f6b2f2fc035c9478a06af14", "ctime": 1637600754.6694076, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 1041, "gr_name": "somegroup", "inode": 13017480, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1637600754.5894077, "nlink": 1, "path": "/etc/pki/tls/certs/certid.crt", "pw_name": "user1", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1310, "uid": 1040, "version": "18446744073109882966", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 17:06:15 +0000 (0:00:00.313) 0:00:34.858 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 17:06:15 +0000 (0:00:00.023) 0:00:34.881 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:43 Monday 22 November 2021 17:06:15 +0000 (0:00:00.037) 0:00:34.919 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 17:06:15 +0000 (0:00:00.036) 0:00:34.955 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600754.5504076, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "77e19f8a114bd6b1137312b22a9e5d3c400a0921", "ctime": 1637600754.6694076, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 1041, "gr_name": "somegroup", "inode": 13017474, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1637600754.5894077, "nlink": 1, "path": "/etc/pki/tls/private/certid.key", "pw_name": "user1", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1704, "uid": 1040, "version": "612879422", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:54 Monday 22 November 2021 17:06:15 +0000 (0:00:00.315) 0:00:35.271 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 17:06:15 +0000 (0:00:00.021) 0:00:35.292 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 17:06:15 +0000 (0:00:00.037) 0:00:35.330 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/certid.crt" ], "delta": "0:00:00.273596", "end": "2021-11-22 12:06:14.959573", "rc": 0, "start": "2021-11-22 12:06:14.685977" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "54:09:E2:11:6F:65:A8:0E:F9:A8:4F:DF:ED:FA:29:99:F5:97:6A:20", "critical": false }, "authorityKeyIdentifier": { "value": "42:36:57:9B:F5:4E:FA:C0:A3:57:A4:C5:02:3C:80:13:FF:E8:B6:C4", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "AB:FE:EA:26:89:14:6E:31:61:FE:27:D2:C6:44:39:3D:43:54:5F:6D:3D:B4:DB:DB:56:D2:16:B8:8A:1D:5E:92:0C:6B:44:58:B4:7E:80:57:B4:41:04:F7:9B:88:A1:D3:63:28:F8:1D:A9:4F:BC:1C:4C:27:D3:CC:09:1F:68:D2:52:F6:95:F3:1D:67:7B:B9:07:62:5E:31:9A:8F:D3:67:DE:27:2B:DB:87:39:C6:58:C2:CE:51:D7:92:E0:C2:0C:4A:81:D9:83:21:0E:3E:CD:C3:61:DB:55:52:08:73:37:5E:43:D8:62:CE:88:06:A6:B1:35:3F:FC:51:96:5A:4F:37:68:3A:6D:D6:D4:C1:27:D0:D2:37:AF:AB:6B:FF:5E:A3:C8:1D:16:D4:A5:A7:38:5E:37:9A:1E:39:25:9D:BF:F5:30:DF:F7:04:45:14:CF:E7:00:77:E5:FB:34:FC:C4:B8:3F:B7:0C:02:F8:72:75:E7:E7:6E:93:52:F6:1A:F7:B9:54:54:CD:6D:08:2D:93:D8:EA:79:92:13:41:9A:AE:59:C1:09:86:BD:89:A8:DB:BC:C6:62:C1:90:98:FC:E6:16:6E:BF:5F:74:5D:77:82:DA:C2:1B:F6:89:52:B1:FD:18:25:9F:88:8D:64:09:46:E4:17:F5:AE:C1:5E:D4:4F" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 17:05:53", "not_valid_before": "2021-11-22 17:05:54" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:71 Monday 22 November 2021 17:06:16 +0000 (0:00:00.578) 0:00:35.909 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "42:36:57:9B:F5:4E:FA:C0:A3:57:A4:C5:02:3C:80:13:FF:E8:B6:C4" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "54:09:E2:11:6F:65:A8:0E:F9:A8:4F:DF:ED:FA:29:99:F5:97:6A:20" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "AB:FE:EA:26:89:14:6E:31:61:FE:27:D2:C6:44:39:3D:43:54:5F:6D:3D:B4:DB:DB:56:D2:16:B8:8A:1D:5E:92:0C:6B:44:58:B4:7E:80:57:B4:41:04:F7:9B:88:A1:D3:63:28:F8:1D:A9:4F:BC:1C:4C:27:D3:CC:09:1F:68:D2:52:F6:95:F3:1D:67:7B:B9:07:62:5E:31:9A:8F:D3:67:DE:27:2B:DB:87:39:C6:58:C2:CE:51:D7:92:E0:C2:0C:4A:81:D9:83:21:0E:3E:CD:C3:61:DB:55:52:08:73:37:5E:43:D8:62:CE:88:06:A6:B1:35:3F:FC:51:96:5A:4F:37:68:3A:6D:D6:D4:C1:27:D0:D2:37:AF:AB:6B:FF:5E:A3:C8:1D:16:D4:A5:A7:38:5E:37:9A:1E:39:25:9D:BF:F5:30:DF:F7:04:45:14:CF:E7:00:77:E5:FB:34:FC:C4:B8:3F:B7:0C:02:F8:72:75:E7:E7:6E:93:52:F6:1A:F7:B9:54:54:CD:6D:08:2D:93:D8:EA:79:92:13:41:9A:AE:59:C1:09:86:BD:89:A8:DB:BC:C6:62:C1:90:98:FC:E6:16:6E:BF:5F:74:5D:77:82:DA:C2:1B:F6:89:52:B1:FD:18:25:9F:88:8D:64:09:46:E4:17:F5:AE:C1:5E:D4:4F" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 17:05:53", "not_valid_before": "2021-11-22 17:05:54" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:75 Monday 22 November 2021 17:06:16 +0000 (0:00:00.036) 0:00:35.945 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:80 Monday 22 November 2021 17:06:16 +0000 (0:00:00.037) 0:00:35.983 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:85 Monday 22 November 2021 17:06:16 +0000 (0:00:00.022) 0:00:36.005 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:90 Monday 22 November 2021 17:06:16 +0000 (0:00:00.034) 0:00:36.040 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:99 Monday 22 November 2021 17:06:16 +0000 (0:00:00.040) 0:00:36.080 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Monday 22 November 2021 17:06:16 +0000 (0:00:00.038) 0:00:36.119 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/certid.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.042636", "end": "2021-11-22 12:06:15.526312", "rc": 0, "start": "2021-11-22 12:06:15.483676" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Monday 22 November 2021 17:06:16 +0000 (0:00:00.357) 0:00:36.476 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=56 changed=12 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:06:16 +0000 (0:00:00.039) 0:00:36.516 ******* =============================================================================== fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 6.15s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Install the package, force upgrade -------------------------------------- 5.51s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Ensure python3 is installed --------------------------------------------- 4.50s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- Install certreader ------------------------------------------------------ 3.40s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 - fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 2.16s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 fedora.linux_system_roles.certificate : Ensure certificate requests ----- 1.48s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 set up internal repositories -------------------------------------------- 1.37s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Install the package, force upgrade -------------------------------------- 1.01s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Gathering Facts --------------------------------------------------------- 0.97s /tmp/tmpv0mqm1w9/tests/certificate/tests_fs_attrs.yml:2 ----------------------- fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.84s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Install certreader ------------------------------------------------------ 0.80s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 - Parse certificate ------------------------------------------------------- 0.72s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 - Gathering Facts --------------------------------------------------------- 0.71s /tmp/tmpv0mqm1w9/tests/certificate/tests_fs_attrs.yml:31 ---------------------- Gathering Facts --------------------------------------------------------- 0.68s /tmp/tmpv0mqm1w9/tests/certificate/tests_fs_attrs.yml:13 ---------------------- Parse certificate ------------------------------------------------------- 0.58s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 - Ensure python3 is installed --------------------------------------------- 0.54s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- Ensure user exists ------------------------------------------------------ 0.54s /tmp/tmpv0mqm1w9/tests/certificate/tests_fs_attrs.yml:5 ----------------------- fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.51s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Ensure group "somegroup" exists ----------------------------------------- 0.49s /tmp/tmpv0mqm1w9/tests/certificate/tests_fs_attrs.yml:9 ----------------------- Retrieve certificate file stats ----------------------------------------- 0.47s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 - + cd /tmp/tmpv0mqm1w9/tests/certificate; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpv0mqm1w9/tests/certificate/tests_include_vars_from_parent.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 17:06:31 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 17:06:31 +0000 (0:00:00.015) 0:00:00.026 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 17:06:31 +0000 (0:00:00.023) 0:00:00.049 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:06:32 +0000 (0:00:01.374) 0:00:01.424 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.37s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_include_vars_from_parent.yml *********************************** 1 plays in /tmp/tmpv0mqm1w9/tests/certificate/tests_include_vars_from_parent.yml PLAY [all] ********************************************************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_include_vars_from_parent.yml:1 Monday 22 November 2021 17:06:32 +0000 (0:00:00.008) 0:00:01.432 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [create var file in caller that can override the one in called role] ****** task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_include_vars_from_parent.yml:3 Monday 22 November 2021 17:06:33 +0000 (0:00:00.994) 0:00:02.427 ******* changed: [/cache/rhel-7.qcow2 -> localhost] => (item=RedHat-7.9) => { "ansible_loop_var": "item", "changed": true, "checksum": "870b2314d3f4184a363b31373f07abb444f26444", "dest": "/tmp/tmpv0mqm1w9/tests/certificate/roles/caller/vars/RedHat-7.9.yml", "gid": 0, "group": "root", "item": "RedHat-7.9", "md5sum": "5a57da448a1d752b982858b38aab344d", "mode": "0600", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1637600793.4667037-29335-99967113364495/source", "state": "file", "uid": 0 } changed: [/cache/rhel-7.qcow2 -> localhost] => (item=RedHat-7) => { "ansible_loop_var": "item", "changed": true, "checksum": "870b2314d3f4184a363b31373f07abb444f26444", "dest": "/tmp/tmpv0mqm1w9/tests/certificate/roles/caller/vars/RedHat-7.yml", "gid": 0, "group": "root", "item": "RedHat-7", "md5sum": "5a57da448a1d752b982858b38aab344d", "mode": "0600", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1637600794.0511274-29335-177774318221061/source", "state": "file", "uid": 0 } changed: [/cache/rhel-7.qcow2 -> localhost] => (item=RedHat_7.9) => { "ansible_loop_var": "item", "changed": true, "checksum": "870b2314d3f4184a363b31373f07abb444f26444", "dest": "/tmp/tmpv0mqm1w9/tests/certificate/roles/caller/vars/RedHat_7.9.yml", "gid": 0, "group": "root", "item": "RedHat_7.9", "md5sum": "5a57da448a1d752b982858b38aab344d", "mode": "0600", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1637600794.3989842-29335-190072357401753/source", "state": "file", "uid": 0 } changed: [/cache/rhel-7.qcow2 -> localhost] => (item=RedHat_7) => { "ansible_loop_var": "item", "changed": true, "checksum": "870b2314d3f4184a363b31373f07abb444f26444", "dest": "/tmp/tmpv0mqm1w9/tests/certificate/roles/caller/vars/RedHat_7.yml", "gid": 0, "group": "root", "item": "RedHat_7", "md5sum": "5a57da448a1d752b982858b38aab344d", "mode": "0600", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1637600794.7438152-29335-88634246835153/source", "state": "file", "uid": 0 } changed: [/cache/rhel-7.qcow2 -> localhost] => (item=RedHat) => { "ansible_loop_var": "item", "changed": true, "checksum": "870b2314d3f4184a363b31373f07abb444f26444", "dest": "/tmp/tmpv0mqm1w9/tests/certificate/roles/caller/vars/RedHat.yml", "gid": 0, "group": "root", "item": "RedHat", "md5sum": "5a57da448a1d752b982858b38aab344d", "mode": "0600", "owner": "root", "size": 23, "src": "/root/.ansible/tmp/ansible-tmp-1637600795.0974927-29335-60504213004142/source", "state": "file", "uid": 0 } TASK [include_role : {{ roletoinclude }}] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/roles/caller/tasks/main.yml:4 Monday 22 November 2021 17:06:35 +0000 (0:00:02.012) 0:00:04.439 ******* TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Monday 22 November 2021 17:06:35 +0000 (0:00:00.031) 0:00:04.471 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/RedHat_7.yml" ], "changed": false } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Monday 22 November 2021 17:06:35 +0000 (0:00:00.026) 0:00:04.497 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 14 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 Monday 22 November 2021 17:06:40 +0000 (0:00:04.852) 0:00:09.349 ******* TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Monday 22 November 2021 17:06:40 +0000 (0:00:00.019) 0:00:09.369 ******* TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Monday 22 November 2021 17:06:40 +0000 (0:00:00.019) 0:00:09.388 ******* TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Monday 22 November 2021 17:06:40 +0000 (0:00:00.019) 0:00:09.408 ******* TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Monday 22 November 2021 17:06:40 +0000 (0:00:00.017) 0:00:09.426 ******* META: role_complete for /cache/rhel-7.qcow2 TASK [caller : assert] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/roles/caller/tasks/main.yml:7 Monday 22 November 2021 17:06:40 +0000 (0:00:00.019) 0:00:09.445 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=7 changed=3 unreachable=0 failed=0 skipped=6 rescued=0 ignored=0 Monday 22 November 2021 17:06:40 +0000 (0:00:00.029) 0:00:09.475 ******* =============================================================================== fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 4.85s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 create var file in caller that can override the one in called role ------ 2.01s /tmp/tmpv0mqm1w9/tests/certificate/tests_include_vars_from_parent.yml:3 ------- set up internal repositories -------------------------------------------- 1.37s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 0.99s /tmp/tmpv0mqm1w9/tests/certificate/tests_include_vars_from_parent.yml:1 ------- include_role : {{ roletoinclude }} -------------------------------------- 0.03s /tmp/tmpv0mqm1w9/tests/certificate/roles/caller/tasks/main.yml:4 -------------- caller : assert --------------------------------------------------------- 0.03s /tmp/tmpv0mqm1w9/tests/certificate/roles/caller/tasks/main.yml:7 -------------- fedora.linux_system_roles.certificate : Set version specific variables --- 0.03s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists --- 0.02s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 fedora.linux_system_roles.certificate : Ensure certificate requests ----- 0.02s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 0.02s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.02s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.02s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- + cd /tmp/tmpv0mqm1w9/tests/certificate; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpv0mqm1w9/tests/certificate/tests_key_size.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 17:06:55 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 17:06:55 +0000 (0:00:00.017) 0:00:00.029 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 17:06:55 +0000 (0:00:00.026) 0:00:00.056 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:06:56 +0000 (0:00:01.374) 0:00:01.430 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.37s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.03s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_key_size.yml *************************************************** 2 plays in /tmp/tmpv0mqm1w9/tests/certificate/tests_key_size.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_key_size.yml:2 Monday 22 November 2021 17:06:56 +0000 (0:00:00.017) 0:00:01.448 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Monday 22 November 2021 17:06:57 +0000 (0:00:01.001) 0:00:02.450 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/RedHat_7.yml" ], "changed": false } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Monday 22 November 2021 17:06:57 +0000 (0:00:00.035) 0:00:02.486 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 9.6 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 Monday 22 November 2021 17:07:02 +0000 (0:00:04.851) 0:00:07.337 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 12 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Monday 22 November 2021 17:07:04 +0000 (0:00:02.145) 0:00:09.483 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Monday 22 November 2021 17:07:05 +0000 (0:00:00.500) 0:00:09.983 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Monday 22 November 2021 17:07:05 +0000 (0:00:00.338) 0:00:10.321 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "systemd-journald.socket syslog.target basic.target system.slice dbus.service network.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Monday 22 November 2021 17:07:06 +0000 (0:00:00.820) 0:00:11.142 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'ca': 'self-sign', 'key_size': 4096}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "key_size": 4096, "name": "mycert" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_key_size.yml:14 Monday 22 November 2021 17:07:07 +0000 (0:00:01.607) 0:00:12.750 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_key_size.yml:29 Monday 22 November 2021 17:07:08 +0000 (0:00:00.693) 0:00:13.443 ******* included: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'key_size': 4096}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 17:07:08 +0000 (0:00:00.029) 0:00:13.473 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 17:07:08 +0000 (0:00:00.014) 0:00:13.487 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 63 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 17:07:13 +0000 (0:00:04.464) 0:00:17.952 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 17:07:17 +0000 (0:00:04.575) 0:00:22.527 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 17:07:20 +0000 (0:00:03.123) 0:00:25.650 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600827.0286872, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "a122571fb469285724520d96e822cd25822e4e95", "ctime": 1637600827.0256872, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986548, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600827.0256872, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1659, "uid": 0, "version": "1248519871", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 17:07:21 +0000 (0:00:00.441) 0:00:26.091 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 17:07:21 +0000 (0:00:00.022) 0:00:26.113 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:43 Monday 22 November 2021 17:07:21 +0000 (0:00:00.037) 0:00:26.151 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 17:07:21 +0000 (0:00:00.035) 0:00:26.187 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600826.9746873, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "95cab4eb682750c92ca3d1beba47e2c4904987c0", "ctime": 1637600827.0256872, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986547, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600827.0256872, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 3268, "uid": 0, "version": "18446744072774736010", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:54 Monday 22 November 2021 17:07:21 +0000 (0:00:00.321) 0:00:26.508 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 17:07:21 +0000 (0:00:00.024) 0:00:26.533 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 17:07:21 +0000 (0:00:00.044) 0:00:26.577 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.282764", "end": "2021-11-22 12:07:21.686439", "rc": 0, "start": "2021-11-22 12:07:21.403675" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "B6:9A:DE:65:42:3D:3B:3B:33:61:9D:F6:F9:F7:30:32:E8:7D:7E:17", "critical": false }, "authorityKeyIdentifier": { "value": "37:56:DF:0D:5E:F7:0C:8A:E8:F9:83:BC:72:32:6A:E9:31:72:FB:39", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "46:25:98:B0:C5:C8:D8:4B:08:EC:E3:6D:57:CE:E9:3B:88:33:7E:78:3F:3A:06:A0:8A:9E:4E:02:C2:61:29:78:C6:50:52:0D:D3:8B:71:1F:44:4F:C7:24:C1:5B:BC:1E:E4:81:AA:44:EF:EC:1E:3E:DE:4F:3D:0B:64:11:CC:D2:5A:F8:FB:20:93:79:AC:77:85:B3:78:3A:98:A5:3F:74:D1:D4:85:6A:49:1F:7A:47:F9:95:A0:D0:E7:79:F0:7D:7D:F0:F3:25:70:84:5B:17:16:E6:EE:75:F0:9A:3E:0C:CA:D0:85:AB:CE:21:5B:5B:7F:49:E1:0B:F3:43:36:D8:E7:24:0D:37:B0:58:E2:5F:42:D6:B2:8B:6C:A5:AE:99:8F:3D:58:61:2C:60:4C:48:3F:F3:1B:9A:C7:F1:C9:7B:FA:74:D8:0F:E9:EA:8E:AC:31:68:C4:01:91:5C:EE:90:25:E3:C3:59:92:11:A6:6E:64:58:93:31:FD:C9:16:4B:03:67:2B:02:D2:F4:89:AD:F1:1E:0A:8C:7E:AF:F6:69:4E:B8:D9:69:8F:93:83:57:9F:B0:54:DF:5A:49:4B:72:70:9B:48:87:04:7E:5B:EB:C6:2D:78:EE:85:58:EE:94:F5:CD:1A:8E:92:B7:38:8E:E8:09:3D:E9:88:4F:07:EE" }, "key_size": 4096, "validity": { "not_valid_after": "2022-11-22 17:07:05", "not_valid_before": "2021-11-22 17:07:07" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:71 Monday 22 November 2021 17:07:22 +0000 (0:00:00.722) 0:00:27.300 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "37:56:DF:0D:5E:F7:0C:8A:E8:F9:83:BC:72:32:6A:E9:31:72:FB:39" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "B6:9A:DE:65:42:3D:3B:3B:33:61:9D:F6:F9:F7:30:32:E8:7D:7E:17" } }, "key_size": 4096, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "46:25:98:B0:C5:C8:D8:4B:08:EC:E3:6D:57:CE:E9:3B:88:33:7E:78:3F:3A:06:A0:8A:9E:4E:02:C2:61:29:78:C6:50:52:0D:D3:8B:71:1F:44:4F:C7:24:C1:5B:BC:1E:E4:81:AA:44:EF:EC:1E:3E:DE:4F:3D:0B:64:11:CC:D2:5A:F8:FB:20:93:79:AC:77:85:B3:78:3A:98:A5:3F:74:D1:D4:85:6A:49:1F:7A:47:F9:95:A0:D0:E7:79:F0:7D:7D:F0:F3:25:70:84:5B:17:16:E6:EE:75:F0:9A:3E:0C:CA:D0:85:AB:CE:21:5B:5B:7F:49:E1:0B:F3:43:36:D8:E7:24:0D:37:B0:58:E2:5F:42:D6:B2:8B:6C:A5:AE:99:8F:3D:58:61:2C:60:4C:48:3F:F3:1B:9A:C7:F1:C9:7B:FA:74:D8:0F:E9:EA:8E:AC:31:68:C4:01:91:5C:EE:90:25:E3:C3:59:92:11:A6:6E:64:58:93:31:FD:C9:16:4B:03:67:2B:02:D2:F4:89:AD:F1:1E:0A:8C:7E:AF:F6:69:4E:B8:D9:69:8F:93:83:57:9F:B0:54:DF:5A:49:4B:72:70:9B:48:87:04:7E:5B:EB:C6:2D:78:EE:85:58:EE:94:F5:CD:1A:8E:92:B7:38:8E:E8:09:3D:E9:88:4F:07:EE" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 17:07:05", "not_valid_before": "2021-11-22 17:07:07" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:75 Monday 22 November 2021 17:07:22 +0000 (0:00:00.034) 0:00:27.334 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:80 Monday 22 November 2021 17:07:22 +0000 (0:00:00.035) 0:00:27.370 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:85 Monday 22 November 2021 17:07:22 +0000 (0:00:00.022) 0:00:27.392 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:90 Monday 22 November 2021 17:07:22 +0000 (0:00:00.035) 0:00:27.428 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:99 Monday 22 November 2021 17:07:22 +0000 (0:00:00.034) 0:00:27.463 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Monday 22 November 2021 17:07:22 +0000 (0:00:00.036) 0:00:27.499 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.041540", "end": "2021-11-22 12:07:22.237099", "rc": 0, "start": "2021-11-22 12:07:22.195559" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Monday 22 November 2021 17:07:22 +0000 (0:00:00.349) 0:00:27.849 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=32 changed=10 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:07:23 +0000 (0:00:00.040) 0:00:27.890 ******* =============================================================================== fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 4.85s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Install the package, force upgrade -------------------------------------- 4.58s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Ensure python3 is installed --------------------------------------------- 4.46s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- Install certreader ------------------------------------------------------ 3.12s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 - fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 2.15s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 fedora.linux_system_roles.certificate : Ensure certificate requests ----- 1.61s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 set up internal repositories -------------------------------------------- 1.37s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 1.00s /tmp/tmpv0mqm1w9/tests/certificate/tests_key_size.yml:2 ----------------------- fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.82s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Parse certificate ------------------------------------------------------- 0.72s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 - Gathering Facts --------------------------------------------------------- 0.69s /tmp/tmpv0mqm1w9/tests/certificate/tests_key_size.yml:14 ---------------------- fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.50s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Retrieve certificate file stats ----------------------------------------- 0.44s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 - Retrieve auto-renew flag ------------------------------------------------ 0.35s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists --- 0.34s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Retrieve key file stats ------------------------------------------------- 0.32s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 - Verify key file owner and group ----------------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 - Verify certificate auto-renew flag -------------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Verify certificate file owner and group --------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 - Verify certificate Extended Key Usage ----------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:99 - + cd /tmp/tmpv0mqm1w9/tests/certificate; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpv0mqm1w9/tests/certificate/tests_key_usage_and_extended_key_usage.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 17:07:37 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 17:07:37 +0000 (0:00:00.017) 0:00:00.028 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 17:07:37 +0000 (0:00:00.024) 0:00:00.053 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:07:38 +0000 (0:00:01.326) 0:00:01.380 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.33s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_key_usage_and_extended_key_usage.yml *************************** 2 plays in /tmp/tmpv0mqm1w9/tests/certificate/tests_key_usage_and_extended_key_usage.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_key_usage_and_extended_key_usage.yml:2 Monday 22 November 2021 17:07:38 +0000 (0:00:00.019) 0:00:01.399 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Monday 22 November 2021 17:07:39 +0000 (0:00:00.951) 0:00:02.350 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/RedHat_7.yml" ], "changed": false } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Monday 22 November 2021 17:07:39 +0000 (0:00:00.027) 0:00:02.378 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 2.0 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 Monday 22 November 2021 17:07:44 +0000 (0:00:05.208) 0:00:07.587 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 14 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Monday 22 November 2021 17:07:46 +0000 (0:00:02.098) 0:00:09.686 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Monday 22 November 2021 17:07:47 +0000 (0:00:00.490) 0:00:10.177 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Monday 22 November 2021 17:07:47 +0000 (0:00:00.336) 0:00:10.513 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "syslog.target systemd-journald.socket dbus.service basic.target system.slice network.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Monday 22 November 2021 17:07:48 +0000 (0:00:00.817) 0:00:11.330 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'key_usage': ['digitalSignature', 'nonRepudiation', 'keyEncipherment'], 'extended_key_usage': ['id-kp-clientAuth', 'id-kp-serverAuth', 'id-kp-ipsecTunnel', '1.3.6.1.5.2.3.5'], 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "extended_key_usage": [ "id-kp-clientAuth", "id-kp-serverAuth", "id-kp-ipsecTunnel", "1.3.6.1.5.2.3.5" ], "key_usage": [ "digitalSignature", "nonRepudiation", "keyEncipherment" ], "name": "mycert" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_key_usage_and_extended_key_usage.yml:22 Monday 22 November 2021 17:07:49 +0000 (0:00:00.874) 0:00:12.204 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_key_usage_and_extended_key_usage.yml:49 Monday 22 November 2021 17:07:50 +0000 (0:00:00.684) 0:00:12.889 ******* included: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'key_usage': ['digital_signature', 'content_commitment', 'key_encipherment'], 'extended_key_usage': [{'name': 'id-kp-clientAuth', 'oid': '1.3.6.1.5.5.7.3.2'}, {'name': 'id-kp-serverAuth', 'oid': '1.3.6.1.5.5.7.3.1'}, {'name': 'id-kp-ipsecTunnel', 'oid': '1.3.6.1.5.5.7.3.6'}, {'name': None, 'oid': '1.3.6.1.5.2.3.5'}]}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 17:07:50 +0000 (0:00:00.030) 0:00:12.920 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 17:07:50 +0000 (0:00:00.015) 0:00:12.935 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 64 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 17:07:54 +0000 (0:00:04.353) 0:00:17.288 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 17:07:59 +0000 (0:00:04.557) 0:00:21.845 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 17:08:02 +0000 (0:00:03.109) 0:00:24.955 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600869.0105054, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "93d73be12fa2ebe9f0295800eecfac935a216d2f", "ctime": 1637600869.0085056, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584399, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600869.0085056, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1338, "uid": 0, "version": "18446744073535763361", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 17:08:02 +0000 (0:00:00.483) 0:00:25.439 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 17:08:02 +0000 (0:00:00.020) 0:00:25.460 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:43 Monday 22 November 2021 17:08:02 +0000 (0:00:00.037) 0:00:25.497 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 17:08:02 +0000 (0:00:00.034) 0:00:25.531 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600868.9695055, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "23c4c38298980e5918614b32c1c817def8420fcb", "ctime": 1637600869.0085056, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584398, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600869.0085056, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744072893984152", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:54 Monday 22 November 2021 17:08:03 +0000 (0:00:00.335) 0:00:25.867 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 17:08:03 +0000 (0:00:00.021) 0:00:25.888 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 17:08:03 +0000 (0:00:00.034) 0:00:25.922 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.258800", "end": "2021-11-22 12:08:03.562513", "rc": 0, "start": "2021-11-22 12:08:03.303713" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "content_commitment", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" }, { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-ipsecTunnel", "oid": "1.3.6.1.5.5.7.3.6" }, { "name": null, "oid": "1.3.6.1.5.2.3.5" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "62:2A:C1:7E:8A:7F:53:27:54:91:AE:79:F6:A4:CB:2A:F5:D5:D1:46", "critical": false }, "authorityKeyIdentifier": { "value": "89:D1:92:45:8B:E9:03:6B:A0:62:3A:05:BF:FE:E3:3F:32:09:99:80", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "C2:34:95:01:D6:38:A7:CF:97:97:11:90:74:7C:D5:26:6D:49:BC:9F:A9:A1:C5:24:45:C9:E6:21:F6:73:E1:06:91:B9:4C:20:E8:08:D9:1D:14:7A:60:96:41:87:69:FD:7A:3D:BF:4B:F2:1B:D7:19:60:BA:ED:27:72:0B:A1:A6:15:9A:08:59:D3:D6:9B:C1:23:79:11:99:88:F4:40:81:0C:7A:14:94:C0:77:18:AE:DB:AD:93:19:0A:48:E4:8A:67:6F:CA:0C:AA:AC:C9:CC:FD:89:01:63:8C:08:D8:C6:40:13:03:0B:52:8C:EC:3E:F5:81:BE:9E:28:FA:24:F3:66:3B:3A:5C:99:09:5D:BD:6A:15:D9:AE:95:FB:28:92:A3:1A:43:C9:AE:FF:D6:62:2F:60:08:58:DC:79:49:5E:12:96:AF:A4:7E:7E:52:6E:BB:D0:DA:70:AB:49:FA:BE:E3:5A:5E:10:AE:EC:1C:76:2A:84:78:0F:5D:0D:DE:60:6A:FB:B8:2B:10:03:71:47:03:E2:FB:ED:68:21:19:DE:5D:CD:8E:2D:32:05:02:59:54:0B:00:D3:DE:EE:8B:3E:1F:4B:5D:E2:04:E7:63:FD:9B:BA:71:32:65:9D:63:24:A1:47:D4:32:58:E9:BB:F5:70:A0:5C:5C:F8:BF:36:67" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 17:07:48", "not_valid_before": "2021-11-22 17:07:49" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:71 Monday 22 November 2021 17:08:03 +0000 (0:00:00.722) 0:00:26.644 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "89:D1:92:45:8B:E9:03:6B:A0:62:3A:05:BF:FE:E3:3F:32:09:99:80" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" }, { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-ipsecTunnel", "oid": "1.3.6.1.5.5.7.3.6" }, { "name": null, "oid": "1.3.6.1.5.2.3.5" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "content_commitment", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "62:2A:C1:7E:8A:7F:53:27:54:91:AE:79:F6:A4:CB:2A:F5:D5:D1:46" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "C2:34:95:01:D6:38:A7:CF:97:97:11:90:74:7C:D5:26:6D:49:BC:9F:A9:A1:C5:24:45:C9:E6:21:F6:73:E1:06:91:B9:4C:20:E8:08:D9:1D:14:7A:60:96:41:87:69:FD:7A:3D:BF:4B:F2:1B:D7:19:60:BA:ED:27:72:0B:A1:A6:15:9A:08:59:D3:D6:9B:C1:23:79:11:99:88:F4:40:81:0C:7A:14:94:C0:77:18:AE:DB:AD:93:19:0A:48:E4:8A:67:6F:CA:0C:AA:AC:C9:CC:FD:89:01:63:8C:08:D8:C6:40:13:03:0B:52:8C:EC:3E:F5:81:BE:9E:28:FA:24:F3:66:3B:3A:5C:99:09:5D:BD:6A:15:D9:AE:95:FB:28:92:A3:1A:43:C9:AE:FF:D6:62:2F:60:08:58:DC:79:49:5E:12:96:AF:A4:7E:7E:52:6E:BB:D0:DA:70:AB:49:FA:BE:E3:5A:5E:10:AE:EC:1C:76:2A:84:78:0F:5D:0D:DE:60:6A:FB:B8:2B:10:03:71:47:03:E2:FB:ED:68:21:19:DE:5D:CD:8E:2D:32:05:02:59:54:0B:00:D3:DE:EE:8B:3E:1F:4B:5D:E2:04:E7:63:FD:9B:BA:71:32:65:9D:63:24:A1:47:D4:32:58:E9:BB:F5:70:A0:5C:5C:F8:BF:36:67" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 17:07:48", "not_valid_before": "2021-11-22 17:07:49" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:75 Monday 22 November 2021 17:08:03 +0000 (0:00:00.033) 0:00:26.678 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:80 Monday 22 November 2021 17:08:03 +0000 (0:00:00.035) 0:00:26.713 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:85 Monday 22 November 2021 17:08:03 +0000 (0:00:00.021) 0:00:26.735 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:90 Monday 22 November 2021 17:08:04 +0000 (0:00:00.031) 0:00:26.767 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:99 Monday 22 November 2021 17:08:04 +0000 (0:00:00.035) 0:00:26.802 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Monday 22 November 2021 17:08:04 +0000 (0:00:00.037) 0:00:26.840 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.038234", "end": "2021-11-22 12:08:04.107525", "rc": 0, "start": "2021-11-22 12:08:04.069291" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Monday 22 November 2021 17:08:04 +0000 (0:00:00.348) 0:00:27.188 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=32 changed=10 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:08:04 +0000 (0:00:00.041) 0:00:27.229 ******* =============================================================================== fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 5.21s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Install the package, force upgrade -------------------------------------- 4.56s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Ensure python3 is installed --------------------------------------------- 4.35s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- Install certreader ------------------------------------------------------ 3.11s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 - fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 2.10s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 set up internal repositories -------------------------------------------- 1.33s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 0.95s /tmp/tmpv0mqm1w9/tests/certificate/tests_key_usage_and_extended_key_usage.yml:2 fedora.linux_system_roles.certificate : Ensure certificate requests ----- 0.87s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.82s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Parse certificate ------------------------------------------------------- 0.72s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 - Gathering Facts --------------------------------------------------------- 0.68s /tmp/tmpv0mqm1w9/tests/certificate/tests_key_usage_and_extended_key_usage.yml:22 fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.49s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Retrieve certificate file stats ----------------------------------------- 0.48s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 - Retrieve auto-renew flag ------------------------------------------------ 0.35s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists --- 0.34s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Retrieve key file stats ------------------------------------------------- 0.34s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 - Verify certificate auto-renew flag -------------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Verify certificate Extended Key Usage ----------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:99 - Verify certificate file owner and group --------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 - Verify certificate Key Usage -------------------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:90 - + cd /tmp/tmpv0mqm1w9/tests/certificate; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpv0mqm1w9/tests/certificate/tests_many_self_signed.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 17:08:18 +0000 (0:00:00.010) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 17:08:18 +0000 (0:00:00.017) 0:00:00.028 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 17:08:18 +0000 (0:00:00.024) 0:00:00.053 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:08:20 +0000 (0:00:01.375) 0:00:01.429 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.38s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_many_self_signed.yml ******************************************* 2 plays in /tmp/tmpv0mqm1w9/tests/certificate/tests_many_self_signed.yml PLAY [Issue many self-signed certificates] ************************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_many_self_signed.yml:2 Monday 22 November 2021 17:08:20 +0000 (0:00:00.018) 0:00:01.447 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Monday 22 November 2021 17:08:21 +0000 (0:00:01.004) 0:00:02.452 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/RedHat_7.yml" ], "changed": false } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Monday 22 November 2021 17:08:21 +0000 (0:00:00.029) 0:00:02.481 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 14 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 Monday 22 November 2021 17:08:25 +0000 (0:00:04.843) 0:00:07.325 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 13 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Monday 22 November 2021 17:08:28 +0000 (0:00:02.162) 0:00:09.487 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Monday 22 November 2021 17:08:28 +0000 (0:00:00.521) 0:00:10.009 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Monday 22 November 2021 17:08:28 +0000 (0:00:00.340) 0:00:10.349 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "basic.target system.slice syslog.target network.target dbus.service systemd-journald.socket", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Monday 22 November 2021 17:08:29 +0000 (0:00:00.859) 0:00:11.209 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "mycert" } } MSG: Certificate requested (new). changed: [/cache/rhel-7.qcow2] => (item={'name': 'other-cert', 'dns': 'www.example.org', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.org", "name": "other-cert" } } MSG: Certificate requested (new). changed: [/cache/rhel-7.qcow2] => (item={'name': 'another-cert', 'dns': 'www.example.net', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.net", "name": "another-cert" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_many_self_signed.yml:18 Monday 22 November 2021 17:08:31 +0000 (0:00:02.095) 0:00:13.304 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_many_self_signed.yml:50 Monday 22 November 2021 17:08:32 +0000 (0:00:00.689) 0:00:13.994 ******* included: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]}) included: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/other-cert.crt', 'key_path': '/etc/pki/tls/private/other-cert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.org'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.org'}]}) included: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/another-cert.crt', 'key_path': '/etc/pki/tls/private/another-cert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.net'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.net'}]}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 17:08:32 +0000 (0:00:00.043) 0:00:14.038 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 17:08:32 +0000 (0:00:00.016) 0:00:14.054 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 67 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 17:08:37 +0000 (0:00:04.449) 0:00:18.504 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 17:08:41 +0000 (0:00:04.702) 0:00:23.206 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 17:08:44 +0000 (0:00:03.167) 0:00:26.374 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600909.795542, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "2dc6d44653541c8593c3be976bd2a469330bad7f", "ctime": 1637600909.792542, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584399, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600909.792542, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "1561895172", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 17:08:45 +0000 (0:00:00.429) 0:00:26.803 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 17:08:45 +0000 (0:00:00.019) 0:00:26.823 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:43 Monday 22 November 2021 17:08:45 +0000 (0:00:00.032) 0:00:26.855 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 17:08:45 +0000 (0:00:00.029) 0:00:26.885 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600909.752542, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "37772e2b52778654826aa764533b585cc496be0d", "ctime": 1637600909.792542, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584398, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600909.792542, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "55937578", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:54 Monday 22 November 2021 17:08:45 +0000 (0:00:00.291) 0:00:27.176 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 17:08:45 +0000 (0:00:00.019) 0:00:27.196 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 17:08:45 +0000 (0:00:00.034) 0:00:27.231 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.266762", "end": "2021-11-22 12:08:45.813568", "rc": 0, "start": "2021-11-22 12:08:45.546806" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "66:9F:8F:3B:2F:61:07:7F:FA:D8:83:36:7C:C4:BF:AC:3E:32:FC:F0", "critical": false }, "authorityKeyIdentifier": { "value": "C4:8F:6D:6F:90:90:E9:92:50:4B:6A:55:35:EA:E8:F5:35:07:30:0B", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "8E:95:E9:C0:30:BB:16:EE:D3:E1:9D:66:19:86:AE:D9:4A:CF:92:71:F9:F1:38:FF:29:18:77:FF:A7:C1:27:6B:B6:04:EE:F4:AD:B6:EF:AE:4C:9D:99:AD:C4:9A:3B:91:3C:39:E2:C1:42:59:91:4A:8D:9E:16:BF:F8:50:EF:AA:01:73:DD:35:AD:37:2D:6F:98:E8:8A:22:D4:0B:5A:CE:20:EA:53:E6:7B:68:44:7C:A6:3D:91:77:F0:CE:7C:0C:5A:8E:E6:27:ED:A4:FA:AC:9A:C1:A9:45:7B:A5:95:72:1C:B5:D7:8D:5A:57:BF:DD:5F:DD:EC:82:C3:65:D5:91:21:A2:64:F9:3B:84:3F:05:E7:F4:E2:C0:22:3D:FF:79:E5:36:3F:54:04:83:09:21:E6:C5:4D:F2:28:F9:1F:7C:4D:88:69:E7:0D:32:6B:92:12:A8:DB:6E:B3:BA:5C:AE:D6:4C:B8:2B:32:FF:E9:0B:D2:08:EA:53:F5:91:0E:06:19:60:A5:B8:8C:32:07:FF:D2:19:B0:61:38:D9:9E:AD:48:39:4A:0A:BF:6F:7A:CB:E2:06:4B:2D:36:A5:13:45:66:2A:19:F9:12:F4:48:49:34:4D:EA:90:3F:EF:C9:F6:68:F7:69:51:27:EE:56:22:49:EB:8F:17:FB:3B:4E:85" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 17:08:29", "not_valid_before": "2021-11-22 17:08:29" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:71 Monday 22 November 2021 17:08:46 +0000 (0:00:00.694) 0:00:27.925 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "C4:8F:6D:6F:90:90:E9:92:50:4B:6A:55:35:EA:E8:F5:35:07:30:0B" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "66:9F:8F:3B:2F:61:07:7F:FA:D8:83:36:7C:C4:BF:AC:3E:32:FC:F0" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "8E:95:E9:C0:30:BB:16:EE:D3:E1:9D:66:19:86:AE:D9:4A:CF:92:71:F9:F1:38:FF:29:18:77:FF:A7:C1:27:6B:B6:04:EE:F4:AD:B6:EF:AE:4C:9D:99:AD:C4:9A:3B:91:3C:39:E2:C1:42:59:91:4A:8D:9E:16:BF:F8:50:EF:AA:01:73:DD:35:AD:37:2D:6F:98:E8:8A:22:D4:0B:5A:CE:20:EA:53:E6:7B:68:44:7C:A6:3D:91:77:F0:CE:7C:0C:5A:8E:E6:27:ED:A4:FA:AC:9A:C1:A9:45:7B:A5:95:72:1C:B5:D7:8D:5A:57:BF:DD:5F:DD:EC:82:C3:65:D5:91:21:A2:64:F9:3B:84:3F:05:E7:F4:E2:C0:22:3D:FF:79:E5:36:3F:54:04:83:09:21:E6:C5:4D:F2:28:F9:1F:7C:4D:88:69:E7:0D:32:6B:92:12:A8:DB:6E:B3:BA:5C:AE:D6:4C:B8:2B:32:FF:E9:0B:D2:08:EA:53:F5:91:0E:06:19:60:A5:B8:8C:32:07:FF:D2:19:B0:61:38:D9:9E:AD:48:39:4A:0A:BF:6F:7A:CB:E2:06:4B:2D:36:A5:13:45:66:2A:19:F9:12:F4:48:49:34:4D:EA:90:3F:EF:C9:F6:68:F7:69:51:27:EE:56:22:49:EB:8F:17:FB:3B:4E:85" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 17:08:29", "not_valid_before": "2021-11-22 17:08:29" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:75 Monday 22 November 2021 17:08:46 +0000 (0:00:00.035) 0:00:27.960 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:80 Monday 22 November 2021 17:08:46 +0000 (0:00:00.035) 0:00:27.995 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:85 Monday 22 November 2021 17:08:46 +0000 (0:00:00.022) 0:00:28.018 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:90 Monday 22 November 2021 17:08:46 +0000 (0:00:00.034) 0:00:28.052 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:99 Monday 22 November 2021 17:08:46 +0000 (0:00:00.033) 0:00:28.085 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Monday 22 November 2021 17:08:46 +0000 (0:00:00.032) 0:00:28.118 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.041225", "end": "2021-11-22 12:08:46.351085", "rc": 0, "start": "2021-11-22 12:08:46.309860" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Monday 22 November 2021 17:08:47 +0000 (0:00:00.340) 0:00:28.458 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 17:08:47 +0000 (0:00:00.034) 0:00:28.493 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 17:08:47 +0000 (0:00:00.015) 0:00:28.509 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "python3-3.6.8-17.el7.x86_64 providing python3 is already installed" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 17:08:47 +0000 (0:00:00.515) 0:00:29.024 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 17:08:48 +0000 (0:00:00.948) 0:00:29.973 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.0) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 17:08:49 +0000 (0:00:00.816) 0:00:30.789 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600910.324542, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "82d810ae35ad4e43515ca3deb2adc886fccbc2da", "ctime": 1637600910.321542, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584403, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600910.321542, "nlink": 1, "path": "/etc/pki/tls/certs/other-cert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "138086009", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 17:08:49 +0000 (0:00:00.333) 0:00:31.123 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 17:08:49 +0000 (0:00:00.021) 0:00:31.144 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:43 Monday 22 November 2021 17:08:49 +0000 (0:00:00.036) 0:00:31.180 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 17:08:49 +0000 (0:00:00.034) 0:00:31.215 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600910.282542, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "dba46dcf52634cb075d39aa62014bbb05e8cc660", "ctime": 1637600910.321542, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584402, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600910.321542, "nlink": 1, "path": "/etc/pki/tls/private/other-cert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1708, "uid": 0, "version": "18446744073279144763", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:54 Monday 22 November 2021 17:08:50 +0000 (0:00:00.328) 0:00:31.543 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 17:08:50 +0000 (0:00:00.021) 0:00:31.564 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 17:08:50 +0000 (0:00:00.036) 0:00:31.601 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/other-cert.crt" ], "delta": "0:00:00.260219", "end": "2021-11-22 12:08:50.063682", "rc": 0, "start": "2021-11-22 12:08:49.803463" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.org" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.org" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "AD:93:44:AE:36:0A:FC:DC:4D:80:4B:97:EA:70:61:F3:82:5C:54:75", "critical": false }, "authorityKeyIdentifier": { "value": "C4:8F:6D:6F:90:90:E9:92:50:4B:6A:55:35:EA:E8:F5:35:07:30:0B", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "18:80:25:42:EA:A7:85:4D:6E:D1:1F:8D:95:D2:B7:86:84:C9:46:69:15:50:06:6B:0C:EA:44:30:39:29:80:24:19:05:FC:CC:0A:40:51:14:05:66:65:8A:EB:3A:84:2D:60:70:DC:A0:B7:E6:8D:DE:BA:B3:5F:0B:9F:80:37:91:4A:A0:A0:D9:9A:76:3B:48:FA:8F:CB:27:60:CB:C4:52:F2:BD:47:DA:D3:EC:EC:EC:48:DB:35:71:75:F1:74:17:41:D4:67:D2:DF:D4:39:59:EC:42:71:3D:83:FA:AC:5B:9A:FB:E2:DA:2E:42:3F:BF:E4:0A:6B:C6:17:21:07:82:B4:51:BF:5B:C5:56:01:A6:D3:85:38:B1:EF:4B:10:CB:7E:49:77:FC:FE:79:20:E7:D8:87:42:FE:C2:DA:04:73:6F:60:11:19:F8:5E:77:4E:41:23:6B:51:66:88:46:C7:8E:DF:DF:36:7D:53:2F:3D:CC:8F:B2:FE:E8:50:EC:3C:F7:D6:93:A8:F0:6C:EF:A5:17:D9:33:4C:6B:1A:0B:82:42:95:1E:DF:DC:08:98:45:0A:60:D2:A0:8F:DD:B8:00:56:54:2F:B0:FC:9E:DC:9C:B1:44:F6:E0:DE:74:2E:27:B2:14:CF:5F:3B:43:42:72:B8:BD:F4:5A:A1:1F:6D:82" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 17:08:29", "not_valid_before": "2021-11-22 17:08:30" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:71 Monday 22 November 2021 17:08:50 +0000 (0:00:00.573) 0:00:32.174 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "C4:8F:6D:6F:90:90:E9:92:50:4B:6A:55:35:EA:E8:F5:35:07:30:0B" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.org" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "AD:93:44:AE:36:0A:FC:DC:4D:80:4B:97:EA:70:61:F3:82:5C:54:75" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "18:80:25:42:EA:A7:85:4D:6E:D1:1F:8D:95:D2:B7:86:84:C9:46:69:15:50:06:6B:0C:EA:44:30:39:29:80:24:19:05:FC:CC:0A:40:51:14:05:66:65:8A:EB:3A:84:2D:60:70:DC:A0:B7:E6:8D:DE:BA:B3:5F:0B:9F:80:37:91:4A:A0:A0:D9:9A:76:3B:48:FA:8F:CB:27:60:CB:C4:52:F2:BD:47:DA:D3:EC:EC:EC:48:DB:35:71:75:F1:74:17:41:D4:67:D2:DF:D4:39:59:EC:42:71:3D:83:FA:AC:5B:9A:FB:E2:DA:2E:42:3F:BF:E4:0A:6B:C6:17:21:07:82:B4:51:BF:5B:C5:56:01:A6:D3:85:38:B1:EF:4B:10:CB:7E:49:77:FC:FE:79:20:E7:D8:87:42:FE:C2:DA:04:73:6F:60:11:19:F8:5E:77:4E:41:23:6B:51:66:88:46:C7:8E:DF:DF:36:7D:53:2F:3D:CC:8F:B2:FE:E8:50:EC:3C:F7:D6:93:A8:F0:6C:EF:A5:17:D9:33:4C:6B:1A:0B:82:42:95:1E:DF:DC:08:98:45:0A:60:D2:A0:8F:DD:B8:00:56:54:2F:B0:FC:9E:DC:9C:B1:44:F6:E0:DE:74:2E:27:B2:14:CF:5F:3B:43:42:72:B8:BD:F4:5A:A1:1F:6D:82" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.org" } ], "validity": { "not_valid_after": "2022-11-22 17:08:29", "not_valid_before": "2021-11-22 17:08:30" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:75 Monday 22 November 2021 17:08:50 +0000 (0:00:00.032) 0:00:32.207 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:80 Monday 22 November 2021 17:08:50 +0000 (0:00:00.033) 0:00:32.240 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:85 Monday 22 November 2021 17:08:50 +0000 (0:00:00.019) 0:00:32.260 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:90 Monday 22 November 2021 17:08:50 +0000 (0:00:00.035) 0:00:32.295 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:99 Monday 22 November 2021 17:08:50 +0000 (0:00:00.034) 0:00:32.329 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Monday 22 November 2021 17:08:50 +0000 (0:00:00.034) 0:00:32.364 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/other-cert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.041528", "end": "2021-11-22 12:08:50.606403", "rc": 0, "start": "2021-11-22 12:08:50.564875" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Monday 22 November 2021 17:08:51 +0000 (0:00:00.353) 0:00:32.717 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 17:08:51 +0000 (0:00:00.034) 0:00:32.751 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 17:08:51 +0000 (0:00:00.018) 0:00:32.770 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "python3-3.6.8-17.el7.x86_64 providing python3 is already installed" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 17:08:51 +0000 (0:00:00.552) 0:00:33.322 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 17:08:52 +0000 (0:00:00.967) 0:00:34.289 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.0) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 17:08:53 +0000 (0:00:00.810) 0:00:35.100 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600911.115542, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "8b7a9ec1688cbc71518299d8d4c2bed0a3309545", "ctime": 1637600911.1135418, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584401, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600911.1135418, "nlink": 1, "path": "/etc/pki/tls/certs/another-cert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "18446744073700096624", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 17:08:54 +0000 (0:00:00.313) 0:00:35.413 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 17:08:54 +0000 (0:00:00.021) 0:00:35.434 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:43 Monday 22 November 2021 17:08:54 +0000 (0:00:00.035) 0:00:35.470 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 17:08:54 +0000 (0:00:00.033) 0:00:35.504 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600911.074542, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "b3a4eafab90391532f28e15d33e6597ba4c03ffb", "ctime": 1637600911.1135418, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584400, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600911.1135418, "nlink": 1, "path": "/etc/pki/tls/private/another-cert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1708, "uid": 0, "version": "535188158", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:54 Monday 22 November 2021 17:08:54 +0000 (0:00:00.313) 0:00:35.817 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 17:08:54 +0000 (0:00:00.021) 0:00:35.839 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 17:08:54 +0000 (0:00:00.036) 0:00:35.875 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/another-cert.crt" ], "delta": "0:00:00.269944", "end": "2021-11-22 12:08:54.342968", "rc": 0, "start": "2021-11-22 12:08:54.073024" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.net" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.net" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "93:D6:CF:ED:A6:E6:BC:FB:82:2A:01:61:C8:94:13:D0:86:1A:78:48", "critical": false }, "authorityKeyIdentifier": { "value": "C4:8F:6D:6F:90:90:E9:92:50:4B:6A:55:35:EA:E8:F5:35:07:30:0B", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "13:F2:65:2E:73:38:6C:13:19:D4:39:CC:85:61:C3:77:38:C1:7F:10:03:4D:C2:52:2F:F8:85:B0:25:82:93:85:42:FF:39:0D:F5:C4:F8:C7:7B:C9:CA:DC:55:89:04:60:7D:E3:B0:9E:2A:CE:0E:37:60:C9:83:CE:3F:3E:82:04:26:9B:6B:1A:BC:9D:92:65:F2:7B:25:85:94:47:8F:B0:0A:13:12:99:64:95:F6:AD:B1:0E:1A:8D:19:EF:C0:3A:AF:FE:2E:32:EB:32:03:B3:99:78:B3:B6:12:77:89:AD:88:F3:70:3E:31:1C:C8:1A:AE:EC:17:0D:29:AA:26:4C:8E:A4:E8:5B:C8:8A:A8:CF:C0:DE:5E:CF:A2:D7:9A:75:DF:0A:10:9C:92:94:3E:4D:8F:42:C4:7B:3F:73:2A:6A:87:86:7C:3A:61:23:21:12:E4:52:9D:71:71:78:72:3C:6B:6E:27:D6:DC:61:E6:B3:16:62:28:6E:C0:CB:A4:D0:FC:FB:84:17:4A:73:30:C3:6A:5E:35:30:A5:18:99:EE:9D:3F:21:A9:38:1C:E7:43:44:9C:A8:3C:37:B2:40:9A:6A:21:3F:FC:D6:AA:B6:4C:7B:82:F9:95:0C:02:8D:8A:8F:2C:BC:CE:78:70:B9:3F:C9:0D:68:B4:A1:82:09:6F" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 17:08:29", "not_valid_before": "2021-11-22 17:08:31" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:71 Monday 22 November 2021 17:08:55 +0000 (0:00:00.579) 0:00:36.455 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "C4:8F:6D:6F:90:90:E9:92:50:4B:6A:55:35:EA:E8:F5:35:07:30:0B" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.net" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "93:D6:CF:ED:A6:E6:BC:FB:82:2A:01:61:C8:94:13:D0:86:1A:78:48" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "13:F2:65:2E:73:38:6C:13:19:D4:39:CC:85:61:C3:77:38:C1:7F:10:03:4D:C2:52:2F:F8:85:B0:25:82:93:85:42:FF:39:0D:F5:C4:F8:C7:7B:C9:CA:DC:55:89:04:60:7D:E3:B0:9E:2A:CE:0E:37:60:C9:83:CE:3F:3E:82:04:26:9B:6B:1A:BC:9D:92:65:F2:7B:25:85:94:47:8F:B0:0A:13:12:99:64:95:F6:AD:B1:0E:1A:8D:19:EF:C0:3A:AF:FE:2E:32:EB:32:03:B3:99:78:B3:B6:12:77:89:AD:88:F3:70:3E:31:1C:C8:1A:AE:EC:17:0D:29:AA:26:4C:8E:A4:E8:5B:C8:8A:A8:CF:C0:DE:5E:CF:A2:D7:9A:75:DF:0A:10:9C:92:94:3E:4D:8F:42:C4:7B:3F:73:2A:6A:87:86:7C:3A:61:23:21:12:E4:52:9D:71:71:78:72:3C:6B:6E:27:D6:DC:61:E6:B3:16:62:28:6E:C0:CB:A4:D0:FC:FB:84:17:4A:73:30:C3:6A:5E:35:30:A5:18:99:EE:9D:3F:21:A9:38:1C:E7:43:44:9C:A8:3C:37:B2:40:9A:6A:21:3F:FC:D6:AA:B6:4C:7B:82:F9:95:0C:02:8D:8A:8F:2C:BC:CE:78:70:B9:3F:C9:0D:68:B4:A1:82:09:6F" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.net" } ], "validity": { "not_valid_after": "2022-11-22 17:08:29", "not_valid_before": "2021-11-22 17:08:31" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:75 Monday 22 November 2021 17:08:55 +0000 (0:00:00.034) 0:00:36.489 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:80 Monday 22 November 2021 17:08:55 +0000 (0:00:00.034) 0:00:36.523 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:85 Monday 22 November 2021 17:08:55 +0000 (0:00:00.023) 0:00:36.547 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:90 Monday 22 November 2021 17:08:55 +0000 (0:00:00.033) 0:00:36.580 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:99 Monday 22 November 2021 17:08:55 +0000 (0:00:00.034) 0:00:36.615 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Monday 22 November 2021 17:08:55 +0000 (0:00:00.033) 0:00:36.648 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/another-cert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.043739", "end": "2021-11-22 12:08:54.885958", "rc": 0, "start": "2021-11-22 12:08:54.842219" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Monday 22 November 2021 17:08:55 +0000 (0:00:00.349) 0:00:36.998 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=74 changed=10 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:08:55 +0000 (0:00:00.037) 0:00:37.035 ******* =============================================================================== fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 4.84s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Install the package, force upgrade -------------------------------------- 4.70s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Ensure python3 is installed --------------------------------------------- 4.45s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- Install certreader ------------------------------------------------------ 3.17s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 - fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 2.16s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 fedora.linux_system_roles.certificate : Ensure certificate requests ----- 2.10s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 set up internal repositories -------------------------------------------- 1.38s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 1.00s /tmp/tmpv0mqm1w9/tests/certificate/tests_many_self_signed.yml:2 --------------- Install the package, force upgrade -------------------------------------- 0.97s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Install the package, force upgrade -------------------------------------- 0.95s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 - fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.86s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Install certreader ------------------------------------------------------ 0.82s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 - Install certreader ------------------------------------------------------ 0.81s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 - Parse certificate ------------------------------------------------------- 0.69s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 - Gathering Facts --------------------------------------------------------- 0.69s /tmp/tmpv0mqm1w9/tests/certificate/tests_many_self_signed.yml:18 -------------- Parse certificate ------------------------------------------------------- 0.58s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 - Parse certificate ------------------------------------------------------- 0.57s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 - Ensure python3 is installed --------------------------------------------- 0.55s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.52s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Ensure python3 is installed --------------------------------------------- 0.52s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- + cd /tmp/tmpv0mqm1w9/tests/certificate; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpv0mqm1w9/tests/certificate/tests_no_auto_renew.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 17:09:09 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 17:09:10 +0000 (0:00:00.020) 0:00:00.032 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 17:09:10 +0000 (0:00:00.025) 0:00:00.057 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:09:11 +0000 (0:00:01.394) 0:00:01.451 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.39s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.03s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_no_auto_renew.yml ********************************************** 2 plays in /tmp/tmpv0mqm1w9/tests/certificate/tests_no_auto_renew.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_no_auto_renew.yml:2 Monday 22 November 2021 17:09:11 +0000 (0:00:00.020) 0:00:01.472 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Monday 22 November 2021 17:09:12 +0000 (0:00:01.051) 0:00:02.524 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/RedHat_7.yml" ], "changed": false } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Monday 22 November 2021 17:09:12 +0000 (0:00:00.030) 0:00:02.554 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 16 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 Monday 22 November 2021 17:09:17 +0000 (0:00:05.352) 0:00:07.907 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 13 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Monday 22 November 2021 17:09:20 +0000 (0:00:02.112) 0:00:10.020 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Monday 22 November 2021 17:09:20 +0000 (0:00:00.503) 0:00:10.523 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Monday 22 November 2021 17:09:20 +0000 (0:00:00.331) 0:00:10.855 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "systemd-journald.socket syslog.target system.slice basic.target network.target dbus.service", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Monday 22 November 2021 17:09:21 +0000 (0:00:00.808) 0:00:11.663 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'ca': 'self-sign', 'auto_renew': False}) => { "ansible_loop_var": "item", "changed": true, "item": { "auto_renew": false, "ca": "self-sign", "dns": "www.example.com", "name": "mycert" } } MSG: Certificate requested (new). changed: [/cache/rhel-7.qcow2] => (item={'name': 'defaultcert', 'dns': 'www.example.com', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "defaultcert" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_no_auto_renew.yml:17 Monday 22 November 2021 17:09:23 +0000 (0:00:01.431) 0:00:13.095 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_no_auto_renew.yml:42 Monday 22 November 2021 17:09:24 +0000 (0:00:00.955) 0:00:14.050 ******* included: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'auto_renew': False}) included: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/defaultcert.crt', 'key_path': '/etc/pki/tls/private/defaultcert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}], 'auto_renew': True}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 17:09:24 +0000 (0:00:00.040) 0:00:14.091 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 17:09:24 +0000 (0:00:00.019) 0:00:14.110 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 62 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 17:09:28 +0000 (0:00:04.376) 0:00:18.487 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 17:09:33 +0000 (0:00:04.595) 0:00:23.083 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 17:09:36 +0000 (0:00:03.147) 0:00:26.231 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600961.5181458, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "4d26f6e208d76e17168567be7037803f27ee1a1d", "ctime": 1637600961.5151458, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986546, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600961.5151458, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "18446744072120285287", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 17:09:36 +0000 (0:00:00.486) 0:00:26.717 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 17:09:36 +0000 (0:00:00.023) 0:00:26.740 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:43 Monday 22 November 2021 17:09:36 +0000 (0:00:00.035) 0:00:26.775 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 17:09:36 +0000 (0:00:00.037) 0:00:26.813 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600961.4751458, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "ebe602e3672541e71ee88740045fc42a896e54a8", "ctime": 1637600961.5151458, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986545, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600961.5151458, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "1684613172", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:54 Monday 22 November 2021 17:09:37 +0000 (0:00:00.336) 0:00:27.149 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 17:09:37 +0000 (0:00:00.018) 0:00:27.168 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 17:09:37 +0000 (0:00:00.035) 0:00:27.203 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.265665", "end": "2021-11-22 12:09:37.029597", "rc": 0, "start": "2021-11-22 12:09:36.763932" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "69:56:B4:E3:AA:F2:49:C7:CF:3D:47:EA:B1:30:77:EF:C0:9D:FB:B5", "critical": false }, "authorityKeyIdentifier": { "value": "F1:5E:C8:38:2D:5C:19:37:6F:82:40:BF:99:B5:FF:56:DD:4E:B5:8B", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "2A:89:F8:88:3F:F4:E7:D0:D2:49:3C:68:93:CC:4C:B2:56:2B:D3:B1:0A:F3:E0:D5:A8:0D:15:14:9B:A4:31:5C:39:02:D2:96:B9:DC:50:3F:5F:A2:C0:3D:36:67:D7:8B:57:AF:32:75:F1:A4:59:A4:BB:19:10:54:32:98:63:B3:8F:29:DF:7F:D4:8C:CC:26:49:65:9D:4A:49:99:D9:C2:7C:4A:0D:02:33:1F:CF:9B:96:6F:FD:7F:77:D7:79:D6:D9:6B:13:C0:73:37:FE:7B:FC:B3:94:E1:23:B5:64:9F:A9:78:6E:3C:72:78:1E:DB:F4:34:3D:99:D6:24:AF:79:A5:15:6B:7A:C2:7F:FA:B1:01:59:10:00:4E:95:62:95:9D:29:EB:1D:B8:55:78:0B:01:F0:54:1B:6A:69:02:55:F1:73:E8:6C:6A:B5:4F:4B:38:C3:B9:20:CE:8A:EF:E2:66:27:3E:26:6E:FC:62:6E:2E:A0:4F:5A:8D:7D:DF:F4:42:CA:71:DA:7F:5D:D9:0C:EE:83:B9:CC:3B:2F:57:80:10:AD:5D:09:72:C6:BB:C2:DD:ED:1A:D4:8C:DE:74:79:5C:19:35:C3:75:BF:13:F4:87:13:1B:19:C5:2C:DF:69:1F:90:01:A0:A2:CF:75:42:C3:17:91:15:02:72:B0:18" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 17:09:20", "not_valid_before": "2021-11-22 17:09:21" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:71 Monday 22 November 2021 17:09:37 +0000 (0:00:00.702) 0:00:27.906 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "F1:5E:C8:38:2D:5C:19:37:6F:82:40:BF:99:B5:FF:56:DD:4E:B5:8B" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "69:56:B4:E3:AA:F2:49:C7:CF:3D:47:EA:B1:30:77:EF:C0:9D:FB:B5" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "2A:89:F8:88:3F:F4:E7:D0:D2:49:3C:68:93:CC:4C:B2:56:2B:D3:B1:0A:F3:E0:D5:A8:0D:15:14:9B:A4:31:5C:39:02:D2:96:B9:DC:50:3F:5F:A2:C0:3D:36:67:D7:8B:57:AF:32:75:F1:A4:59:A4:BB:19:10:54:32:98:63:B3:8F:29:DF:7F:D4:8C:CC:26:49:65:9D:4A:49:99:D9:C2:7C:4A:0D:02:33:1F:CF:9B:96:6F:FD:7F:77:D7:79:D6:D9:6B:13:C0:73:37:FE:7B:FC:B3:94:E1:23:B5:64:9F:A9:78:6E:3C:72:78:1E:DB:F4:34:3D:99:D6:24:AF:79:A5:15:6B:7A:C2:7F:FA:B1:01:59:10:00:4E:95:62:95:9D:29:EB:1D:B8:55:78:0B:01:F0:54:1B:6A:69:02:55:F1:73:E8:6C:6A:B5:4F:4B:38:C3:B9:20:CE:8A:EF:E2:66:27:3E:26:6E:FC:62:6E:2E:A0:4F:5A:8D:7D:DF:F4:42:CA:71:DA:7F:5D:D9:0C:EE:83:B9:CC:3B:2F:57:80:10:AD:5D:09:72:C6:BB:C2:DD:ED:1A:D4:8C:DE:74:79:5C:19:35:C3:75:BF:13:F4:87:13:1B:19:C5:2C:DF:69:1F:90:01:A0:A2:CF:75:42:C3:17:91:15:02:72:B0:18" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 17:09:20", "not_valid_before": "2021-11-22 17:09:21" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:75 Monday 22 November 2021 17:09:37 +0000 (0:00:00.032) 0:00:27.938 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:80 Monday 22 November 2021 17:09:37 +0000 (0:00:00.032) 0:00:27.971 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:85 Monday 22 November 2021 17:09:37 +0000 (0:00:00.023) 0:00:27.994 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:90 Monday 22 November 2021 17:09:38 +0000 (0:00:00.045) 0:00:28.040 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:99 Monday 22 November 2021 17:09:38 +0000 (0:00:00.034) 0:00:28.075 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Monday 22 November 2021 17:09:38 +0000 (0:00:00.033) 0:00:28.109 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.044073", "end": "2021-11-22 12:09:37.587701", "rc": 0, "start": "2021-11-22 12:09:37.543628" } STDOUT: no TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Monday 22 November 2021 17:09:38 +0000 (0:00:00.357) 0:00:28.467 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 17:09:38 +0000 (0:00:00.034) 0:00:28.502 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 17:09:38 +0000 (0:00:00.016) 0:00:28.518 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "python3-3.6.8-17.el7.x86_64 providing python3 is already installed" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 17:09:39 +0000 (0:00:00.551) 0:00:29.070 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 17:09:39 +0000 (0:00:00.939) 0:00:30.010 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.0) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 17:09:40 +0000 (0:00:00.790) 0:00:30.801 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600962.1531458, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "88897dffdeb6b41e7fa36cc05d62cce42ff7c990", "ctime": 1637600962.1501458, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986550, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600962.1501458, "nlink": 1, "path": "/etc/pki/tls/certs/defaultcert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "773226388", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 17:09:41 +0000 (0:00:00.316) 0:00:31.117 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 17:09:41 +0000 (0:00:00.022) 0:00:31.139 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:43 Monday 22 November 2021 17:09:41 +0000 (0:00:00.036) 0:00:31.176 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 17:09:41 +0000 (0:00:00.034) 0:00:31.211 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637600962.111146, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "76f34f3074bcabb74757d54918da48f6b15437e6", "ctime": 1637600962.1501458, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986549, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637600962.1501458, "nlink": 1, "path": "/etc/pki/tls/private/defaultcert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "1562946850", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:54 Monday 22 November 2021 17:09:41 +0000 (0:00:00.325) 0:00:31.537 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 17:09:41 +0000 (0:00:00.022) 0:00:31.559 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 17:09:41 +0000 (0:00:00.036) 0:00:31.596 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/defaultcert.crt" ], "delta": "0:00:00.256697", "end": "2021-11-22 12:09:41.294933", "rc": 0, "start": "2021-11-22 12:09:41.038236" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "A6:74:5E:C5:D0:10:B7:9E:46:27:87:36:27:D0:26:79:82:9E:73:4B", "critical": false }, "authorityKeyIdentifier": { "value": "F1:5E:C8:38:2D:5C:19:37:6F:82:40:BF:99:B5:FF:56:DD:4E:B5:8B", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "39:F3:8B:C0:0D:44:77:58:2E:97:EF:A3:C8:0B:84:67:C8:06:CC:16:4D:1B:37:E4:DE:53:AA:54:4D:E0:81:97:BA:70:66:DE:F3:86:F4:F2:D7:23:B7:AC:7E:AB:5F:67:BD:17:81:D8:A2:71:6D:8B:FB:60:BA:B5:D1:4E:DE:D3:74:A5:A3:4F:CC:AF:B5:45:6D:36:91:0F:18:42:B5:1B:53:CC:73:25:A6:4F:FE:D3:F8:36:B8:46:F1:97:D5:D6:4A:71:45:8B:FC:DF:46:9D:C0:71:C4:46:11:2E:DE:C2:70:F3:3B:EC:CB:EB:7B:AA:51:3B:B0:24:4C:3A:43:59:4A:6E:59:5A:2C:95:D3:3C:FE:FF:B9:9A:F6:36:C0:A6:FA:5A:4F:42:EC:47:FB:F5:F7:27:BE:8E:26:3B:9A:44:70:39:BE:5B:7E:9A:28:72:1B:9D:B1:2E:8F:5A:27:7C:67:F4:E3:85:D1:6C:80:AE:4F:79:FC:0C:37:5B:92:D2:73:6F:DA:69:BA:EB:71:DD:74:5A:43:E5:71:C1:50:73:BD:91:A1:30:A0:A5:86:6B:A3:B0:66:A0:C7:F3:0B:F1:F3:3C:98:48:6B:C7:22:D3:E6:A6:87:F8:77:21:42:C4:EE:96:3F:1A:DE:2E:B6:8B:E1:6B:CF:61:EC:E4:E6:07" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 17:09:20", "not_valid_before": "2021-11-22 17:09:22" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:71 Monday 22 November 2021 17:09:42 +0000 (0:00:00.573) 0:00:32.169 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "F1:5E:C8:38:2D:5C:19:37:6F:82:40:BF:99:B5:FF:56:DD:4E:B5:8B" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "A6:74:5E:C5:D0:10:B7:9E:46:27:87:36:27:D0:26:79:82:9E:73:4B" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "39:F3:8B:C0:0D:44:77:58:2E:97:EF:A3:C8:0B:84:67:C8:06:CC:16:4D:1B:37:E4:DE:53:AA:54:4D:E0:81:97:BA:70:66:DE:F3:86:F4:F2:D7:23:B7:AC:7E:AB:5F:67:BD:17:81:D8:A2:71:6D:8B:FB:60:BA:B5:D1:4E:DE:D3:74:A5:A3:4F:CC:AF:B5:45:6D:36:91:0F:18:42:B5:1B:53:CC:73:25:A6:4F:FE:D3:F8:36:B8:46:F1:97:D5:D6:4A:71:45:8B:FC:DF:46:9D:C0:71:C4:46:11:2E:DE:C2:70:F3:3B:EC:CB:EB:7B:AA:51:3B:B0:24:4C:3A:43:59:4A:6E:59:5A:2C:95:D3:3C:FE:FF:B9:9A:F6:36:C0:A6:FA:5A:4F:42:EC:47:FB:F5:F7:27:BE:8E:26:3B:9A:44:70:39:BE:5B:7E:9A:28:72:1B:9D:B1:2E:8F:5A:27:7C:67:F4:E3:85:D1:6C:80:AE:4F:79:FC:0C:37:5B:92:D2:73:6F:DA:69:BA:EB:71:DD:74:5A:43:E5:71:C1:50:73:BD:91:A1:30:A0:A5:86:6B:A3:B0:66:A0:C7:F3:0B:F1:F3:3C:98:48:6B:C7:22:D3:E6:A6:87:F8:77:21:42:C4:EE:96:3F:1A:DE:2E:B6:8B:E1:6B:CF:61:EC:E4:E6:07" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 17:09:20", "not_valid_before": "2021-11-22 17:09:22" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:75 Monday 22 November 2021 17:09:42 +0000 (0:00:00.033) 0:00:32.203 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:80 Monday 22 November 2021 17:09:42 +0000 (0:00:00.035) 0:00:32.238 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:85 Monday 22 November 2021 17:09:42 +0000 (0:00:00.021) 0:00:32.260 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:90 Monday 22 November 2021 17:09:42 +0000 (0:00:00.033) 0:00:32.294 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:99 Monday 22 November 2021 17:09:42 +0000 (0:00:00.034) 0:00:32.329 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Monday 22 November 2021 17:09:42 +0000 (0:00:00.105) 0:00:32.434 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/defaultcert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.040238", "end": "2021-11-22 12:09:41.901865", "rc": 0, "start": "2021-11-22 12:09:41.861627" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Monday 22 November 2021 17:09:42 +0000 (0:00:00.342) 0:00:32.776 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=53 changed=10 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:09:42 +0000 (0:00:00.037) 0:00:32.814 ******* =============================================================================== fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 5.35s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Install the package, force upgrade -------------------------------------- 4.60s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Ensure python3 is installed --------------------------------------------- 4.38s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- Install certreader ------------------------------------------------------ 3.15s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 - fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 2.11s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 fedora.linux_system_roles.certificate : Ensure certificate requests ----- 1.43s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 set up internal repositories -------------------------------------------- 1.39s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 1.05s /tmp/tmpv0mqm1w9/tests/certificate/tests_no_auto_renew.yml:2 ------------------ Gathering Facts --------------------------------------------------------- 0.96s /tmp/tmpv0mqm1w9/tests/certificate/tests_no_auto_renew.yml:17 ----------------- Install the package, force upgrade -------------------------------------- 0.94s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 - fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.81s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Install certreader ------------------------------------------------------ 0.79s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 - Parse certificate ------------------------------------------------------- 0.70s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 - Parse certificate ------------------------------------------------------- 0.57s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 - Ensure python3 is installed --------------------------------------------- 0.55s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.50s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Retrieve certificate file stats ----------------------------------------- 0.49s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 - Retrieve auto-renew flag ------------------------------------------------ 0.36s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Retrieve auto-renew flag ------------------------------------------------ 0.34s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Retrieve key file stats ------------------------------------------------- 0.34s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 - + cd /tmp/tmpv0mqm1w9/tests/certificate; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpv0mqm1w9/tests/certificate/tests_not_wait_for_cert.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 17:09:57 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 17:09:57 +0000 (0:00:00.017) 0:00:00.028 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 17:09:57 +0000 (0:00:00.026) 0:00:00.055 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:09:58 +0000 (0:00:01.364) 0:00:01.419 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.36s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.03s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_not_wait_for_cert.yml ****************************************** 2 plays in /tmp/tmpv0mqm1w9/tests/certificate/tests_not_wait_for_cert.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_not_wait_for_cert.yml:2 Monday 22 November 2021 17:09:58 +0000 (0:00:00.019) 0:00:01.438 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Monday 22 November 2021 17:09:59 +0000 (0:00:00.993) 0:00:02.432 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/RedHat_7.yml" ], "changed": false } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Monday 22 November 2021 17:09:59 +0000 (0:00:00.028) 0:00:02.461 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 3.1 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 Monday 22 November 2021 17:10:04 +0000 (0:00:04.905) 0:00:07.366 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 13 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Monday 22 November 2021 17:10:06 +0000 (0:00:02.172) 0:00:09.538 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Monday 22 November 2021 17:10:07 +0000 (0:00:00.486) 0:00:10.025 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Monday 22 November 2021 17:10:07 +0000 (0:00:00.328) 0:00:10.354 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "system.slice syslog.target systemd-journald.socket network.target basic.target dbus.service", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Monday 22 November 2021 17:10:08 +0000 (0:00:00.822) 0:00:11.176 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "mycert" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_not_wait_for_cert.yml:14 Monday 22 November 2021 17:10:09 +0000 (0:00:00.631) 0:00:11.808 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Wait for certificate] **************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_not_wait_for_cert.yml:28 Monday 22 November 2021 17:10:09 +0000 (0:00:00.680) 0:00:12.488 ******* ok: [/cache/rhel-7.qcow2] => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]}) => { "ansible_loop_var": "item", "changed": false, "elapsed": 0, "gid": 0, "group": "root", "item": { "key_path": "/etc/pki/tls/private/mycert.key", "path": "/etc/pki/tls/certs/mycert.crt", "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "subject_alt_name": [ { "name": "DNS", "value": "www.example.com" } ] }, "match_groupdict": {}, "match_groups": [], "mode": "0600", "owner": "root", "path": "/etc/pki/tls/certs/mycert.crt", "port": null, "search_regex": null, "secontext": "system_u:object_r:cert_t:s0", "size": 1310, "state": "file", "uid": 0 } TASK [Verify each certificate] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_not_wait_for_cert.yml:34 Monday 22 November 2021 17:10:10 +0000 (0:00:00.438) 0:00:12.926 ******* included: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 17:10:10 +0000 (0:00:00.030) 0:00:12.956 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 17:10:10 +0000 (0:00:00.014) 0:00:12.971 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 61 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 17:10:14 +0000 (0:00:04.369) 0:00:17.341 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 17:10:19 +0000 (0:00:04.656) 0:00:21.997 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 17:10:22 +0000 (0:00:03.107) 0:00:25.105 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637601008.337681, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "d5d3b3aa52bc0a43f7165a0f237bfa9dc2251ccc", "ctime": 1637601008.334681, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986542, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637601008.334681, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "145227796", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 17:10:22 +0000 (0:00:00.464) 0:00:25.569 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 17:10:22 +0000 (0:00:00.021) 0:00:25.591 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:43 Monday 22 November 2021 17:10:22 +0000 (0:00:00.034) 0:00:25.625 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 17:10:22 +0000 (0:00:00.033) 0:00:25.658 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637601008.295681, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "6c2275b54842f2dcca18e3a7bbab29a8ea4d8c21", "ctime": 1637601008.334681, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986539, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637601008.334681, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "404256500", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:54 Monday 22 November 2021 17:10:23 +0000 (0:00:00.321) 0:00:25.979 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 17:10:23 +0000 (0:00:00.021) 0:00:26.001 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 17:10:23 +0000 (0:00:00.037) 0:00:26.039 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.274175", "end": "2021-11-22 12:10:23.000800", "rc": 0, "start": "2021-11-22 12:10:22.726625" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "CB:87:4C:3A:59:7B:11:4B:66:A6:8F:02:56:77:AA:55:4E:62:C8:0C", "critical": false }, "authorityKeyIdentifier": { "value": "78:3D:59:D2:30:30:12:F9:4E:8F:7E:56:3B:BC:2D:90:61:77:77:5E", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "3D:1D:C1:58:EC:82:06:97:8C:53:DB:92:50:8E:70:AC:7F:C6:11:FF:0C:95:2F:F7:73:18:3D:E3:A2:86:6F:09:3B:0C:2D:17:AF:49:27:EC:C1:04:0B:79:41:63:58:D7:3B:3B:0E:12:B4:CF:16:B0:D9:1F:1B:89:59:2F:5C:74:25:47:AE:10:0C:53:C6:A2:C8:5A:10:68:4C:45:24:4E:A9:56:32:36:A8:10:99:BD:A7:04:35:74:C0:3B:DC:72:95:37:93:74:50:6A:F7:D6:15:41:A6:8A:3A:44:EC:A3:43:96:D2:A2:1B:44:B6:1E:91:52:69:EC:21:4F:A0:B2:1A:67:BC:DE:1B:55:23:E7:AE:21:FF:F7:78:72:11:17:9C:CF:9C:91:53:E7:A9:38:FC:A4:70:61:DD:69:21:55:20:39:25:F4:06:DA:FE:3B:8A:91:BC:ED:56:43:9F:A6:34:FF:42:42:6D:43:63:59:F7:DB:02:A4:68:3B:8A:90:AE:9A:6D:8F:08:C0:4B:10:D1:5C:44:34:6B:9E:E8:4E:82:DC:D3:7E:00:33:F5:EF:C3:8D:65:4B:8A:0C:81:A6:F6:78:3C:C4:F3:D0:C3:B0:7B:B4:84:82:CC:4E:8F:13:52:3E:25:CC:30:07:B8:C6:AD:AC:60:A8:18:88:2D:E0" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 17:10:07", "not_valid_before": "2021-11-22 17:10:08" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:71 Monday 22 November 2021 17:10:24 +0000 (0:00:00.717) 0:00:26.757 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "78:3D:59:D2:30:30:12:F9:4E:8F:7E:56:3B:BC:2D:90:61:77:77:5E" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "CB:87:4C:3A:59:7B:11:4B:66:A6:8F:02:56:77:AA:55:4E:62:C8:0C" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "3D:1D:C1:58:EC:82:06:97:8C:53:DB:92:50:8E:70:AC:7F:C6:11:FF:0C:95:2F:F7:73:18:3D:E3:A2:86:6F:09:3B:0C:2D:17:AF:49:27:EC:C1:04:0B:79:41:63:58:D7:3B:3B:0E:12:B4:CF:16:B0:D9:1F:1B:89:59:2F:5C:74:25:47:AE:10:0C:53:C6:A2:C8:5A:10:68:4C:45:24:4E:A9:56:32:36:A8:10:99:BD:A7:04:35:74:C0:3B:DC:72:95:37:93:74:50:6A:F7:D6:15:41:A6:8A:3A:44:EC:A3:43:96:D2:A2:1B:44:B6:1E:91:52:69:EC:21:4F:A0:B2:1A:67:BC:DE:1B:55:23:E7:AE:21:FF:F7:78:72:11:17:9C:CF:9C:91:53:E7:A9:38:FC:A4:70:61:DD:69:21:55:20:39:25:F4:06:DA:FE:3B:8A:91:BC:ED:56:43:9F:A6:34:FF:42:42:6D:43:63:59:F7:DB:02:A4:68:3B:8A:90:AE:9A:6D:8F:08:C0:4B:10:D1:5C:44:34:6B:9E:E8:4E:82:DC:D3:7E:00:33:F5:EF:C3:8D:65:4B:8A:0C:81:A6:F6:78:3C:C4:F3:D0:C3:B0:7B:B4:84:82:CC:4E:8F:13:52:3E:25:CC:30:07:B8:C6:AD:AC:60:A8:18:88:2D:E0" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 17:10:07", "not_valid_before": "2021-11-22 17:10:08" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:75 Monday 22 November 2021 17:10:24 +0000 (0:00:00.032) 0:00:26.789 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:80 Monday 22 November 2021 17:10:24 +0000 (0:00:00.033) 0:00:26.823 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:85 Monday 22 November 2021 17:10:24 +0000 (0:00:00.020) 0:00:26.843 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:90 Monday 22 November 2021 17:10:24 +0000 (0:00:00.031) 0:00:26.875 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:99 Monday 22 November 2021 17:10:24 +0000 (0:00:00.032) 0:00:26.907 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Monday 22 November 2021 17:10:24 +0000 (0:00:00.034) 0:00:26.941 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.039926", "end": "2021-11-22 12:10:23.524292", "rc": 0, "start": "2021-11-22 12:10:23.484366" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Monday 22 November 2021 17:10:24 +0000 (0:00:00.337) 0:00:27.279 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=33 changed=10 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:10:24 +0000 (0:00:00.040) 0:00:27.320 ******* =============================================================================== fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 4.91s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Install the package, force upgrade -------------------------------------- 4.66s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Ensure python3 is installed --------------------------------------------- 4.37s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- Install certreader ------------------------------------------------------ 3.11s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 - fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 2.17s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 set up internal repositories -------------------------------------------- 1.36s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 0.99s /tmp/tmpv0mqm1w9/tests/certificate/tests_not_wait_for_cert.yml:2 -------------- fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.82s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Parse certificate ------------------------------------------------------- 0.72s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 - Gathering Facts --------------------------------------------------------- 0.68s /tmp/tmpv0mqm1w9/tests/certificate/tests_not_wait_for_cert.yml:14 ------------- fedora.linux_system_roles.certificate : Ensure certificate requests ----- 0.63s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.49s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Retrieve certificate file stats ----------------------------------------- 0.46s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 - Wait for certificate ---------------------------------------------------- 0.44s /tmp/tmpv0mqm1w9/tests/certificate/tests_not_wait_for_cert.yml:28 ------------- Retrieve auto-renew flag ------------------------------------------------ 0.34s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists --- 0.33s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Retrieve key file stats ------------------------------------------------- 0.32s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 - Verify certificate auto-renew flag -------------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Verify key file owner and group ----------------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 - Verify certificate file owner and group --------------------------------- 0.03s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 - + cd /tmp/tmpv0mqm1w9/tests/certificate; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpv0mqm1w9/tests/certificate/tests_principal.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 17:10:38 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 17:10:38 +0000 (0:00:00.018) 0:00:00.029 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 17:10:38 +0000 (0:00:00.025) 0:00:00.055 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:10:40 +0000 (0:00:01.334) 0:00:01.389 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.33s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.03s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_principal.yml ************************************************** 3 plays in /tmp/tmpv0mqm1w9/tests/certificate/tests_principal.yml PLAY [Test issuing certificate with principal.] ******************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_principal.yml:2 Monday 22 November 2021 17:10:40 +0000 (0:00:00.028) 0:00:01.418 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Monday 22 November 2021 17:10:41 +0000 (0:00:00.969) 0:00:02.387 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/RedHat_7.yml" ], "changed": false } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Monday 22 November 2021 17:10:41 +0000 (0:00:00.028) 0:00:02.416 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 16 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 Monday 22 November 2021 17:10:46 +0000 (0:00:04.863) 0:00:07.279 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 14 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Monday 22 November 2021 17:10:48 +0000 (0:00:02.089) 0:00:09.369 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Monday 22 November 2021 17:10:48 +0000 (0:00:00.505) 0:00:09.874 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Monday 22 November 2021 17:10:49 +0000 (0:00:00.343) 0:00:10.218 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "system.slice network.target dbus.service systemd-journald.socket basic.target syslog.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Monday 22 November 2021 17:10:49 +0000 (0:00:00.877) 0:00:11.096 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'principal': 'HTTP/www.example.com@EXAMPLE.COM', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "mycert", "principal": "HTTP/www.example.com@EXAMPLE.COM" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_principal.yml:13 Monday 22 November 2021 17:10:50 +0000 (0:00:00.878) 0:00:11.975 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_principal.yml:33 Monday 22 November 2021 17:10:51 +0000 (0:00:00.725) 0:00:12.701 ******* included: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}, {'name': 'Universal Principal Name (UPN)', 'value': 'HTTP/www.example.com@EXAMPLE.COM', 'oid': '1.3.6.1.4.1.311.20.2.3'}, {'name': 'Kerberos principalname', 'value': 'HTTP/www.example.com@EXAMPLE.COM', 'oid': '1.3.6.1.5.2.2'}]}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 17:10:51 +0000 (0:00:00.030) 0:00:12.732 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 17:10:51 +0000 (0:00:00.015) 0:00:12.747 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 63 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 17:10:56 +0000 (0:00:04.400) 0:00:17.148 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 17:11:00 +0000 (0:00:04.621) 0:00:21.769 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 17:11:03 +0000 (0:00:03.319) 0:00:25.089 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637601049.828611, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "84395c512d51b969b6b2c1022a6a496af344b321", "ctime": 1637601049.8256109, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986546, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637601049.8256109, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1472, "uid": 0, "version": "1299039673", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 17:11:04 +0000 (0:00:00.460) 0:00:25.549 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 17:11:04 +0000 (0:00:00.021) 0:00:25.570 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:43 Monday 22 November 2021 17:11:04 +0000 (0:00:00.037) 0:00:25.607 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 17:11:04 +0000 (0:00:00.034) 0:00:25.641 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637601049.784611, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "a6edf2612c291da3c9544f209e3f9bbb7d45076a", "ctime": 1637601049.8256109, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986545, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637601049.8256109, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744072173526987", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:54 Monday 22 November 2021 17:11:04 +0000 (0:00:00.320) 0:00:25.961 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 17:11:04 +0000 (0:00:00.020) 0:00:25.981 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 17:11:04 +0000 (0:00:00.036) 0:00:26.018 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.272998", "end": "2021-11-22 12:11:04.720090", "rc": 0, "start": "2021-11-22 12:11:04.447092" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" }, { "name": "Universal Principal Name (UPN)", "value": "HTTP/www.example.com@EXAMPLE.COM", "oid": "1.3.6.1.4.1.311.20.2.3" }, { "name": "Kerberos principalname", "value": "HTTP/www.example.com@EXAMPLE.COM", "oid": "1.3.6.1.5.2.2" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "41:25:3E:BC:11:48:35:45:B0:D8:28:A0:76:72:28:F0:DA:D5:05:63", "critical": false }, "authorityKeyIdentifier": { "value": "B9:C6:BA:6A:86:7B:7C:CB:1F:1B:64:F4:CF:7D:CF:19:89:00:68:AE", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "72:32:C1:B0:BB:85:5B:65:27:D4:15:EE:33:B7:CD:D2:61:10:BB:93:27:74:5D:AE:82:C2:96:71:82:8E:E3:7F:40:5B:E7:F3:09:ED:89:8B:82:FC:87:22:5D:DC:FD:F3:11:A5:E6:A2:43:30:0C:4E:FA:8C:FD:F5:8C:BE:03:5F:A9:92:7C:C4:95:53:8D:AF:5B:1C:66:3D:38:5A:72:A4:8C:26:C1:BB:96:5D:3D:72:BA:A1:23:30:74:16:72:AC:BE:0B:C1:98:A8:CC:81:E7:50:40:F6:33:9E:D8:21:E0:97:7A:0A:66:83:1E:9E:40:AA:61:D5:9D:A7:6A:8B:DA:7B:34:23:6C:CF:00:EE:60:29:AE:F2:A3:56:70:AB:99:18:CF:73:99:7C:F9:2A:6B:A2:9B:44:1A:39:24:5F:8A:58:73:33:ED:F7:4C:CF:BB:01:A1:EB:33:C7:CE:91:98:2D:74:C2:48:D7:A3:53:9F:AA:6C:86:1E:F1:49:27:63:8F:8C:0D:EF:4F:48:C9:71:A7:F0:B7:1C:75:26:98:7C:B5:A8:55:E3:39:C8:23:04:F0:98:EC:8C:DA:4C:57:CF:99:00:CC:4D:26:35:57:FC:69:DD:3C:E2:89:88:AF:B9:5A:5B:7D:5D:0A:3E:C8:CE:68:4D:09:A3:E9:02:14:BD" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 17:10:49", "not_valid_before": "2021-11-22 17:10:49" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:71 Monday 22 November 2021 17:11:05 +0000 (0:00:00.715) 0:00:26.733 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "B9:C6:BA:6A:86:7B:7C:CB:1F:1B:64:F4:CF:7D:CF:19:89:00:68:AE" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" }, { "name": "Universal Principal Name (UPN)", "oid": "1.3.6.1.4.1.311.20.2.3", "value": "HTTP/www.example.com@EXAMPLE.COM" }, { "name": "Kerberos principalname", "oid": "1.3.6.1.5.2.2", "value": "HTTP/www.example.com@EXAMPLE.COM" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "41:25:3E:BC:11:48:35:45:B0:D8:28:A0:76:72:28:F0:DA:D5:05:63" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "72:32:C1:B0:BB:85:5B:65:27:D4:15:EE:33:B7:CD:D2:61:10:BB:93:27:74:5D:AE:82:C2:96:71:82:8E:E3:7F:40:5B:E7:F3:09:ED:89:8B:82:FC:87:22:5D:DC:FD:F3:11:A5:E6:A2:43:30:0C:4E:FA:8C:FD:F5:8C:BE:03:5F:A9:92:7C:C4:95:53:8D:AF:5B:1C:66:3D:38:5A:72:A4:8C:26:C1:BB:96:5D:3D:72:BA:A1:23:30:74:16:72:AC:BE:0B:C1:98:A8:CC:81:E7:50:40:F6:33:9E:D8:21:E0:97:7A:0A:66:83:1E:9E:40:AA:61:D5:9D:A7:6A:8B:DA:7B:34:23:6C:CF:00:EE:60:29:AE:F2:A3:56:70:AB:99:18:CF:73:99:7C:F9:2A:6B:A2:9B:44:1A:39:24:5F:8A:58:73:33:ED:F7:4C:CF:BB:01:A1:EB:33:C7:CE:91:98:2D:74:C2:48:D7:A3:53:9F:AA:6C:86:1E:F1:49:27:63:8F:8C:0D:EF:4F:48:C9:71:A7:F0:B7:1C:75:26:98:7C:B5:A8:55:E3:39:C8:23:04:F0:98:EC:8C:DA:4C:57:CF:99:00:CC:4D:26:35:57:FC:69:DD:3C:E2:89:88:AF:B9:5A:5B:7D:5D:0A:3E:C8:CE:68:4D:09:A3:E9:02:14:BD" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 17:10:49", "not_valid_before": "2021-11-22 17:10:49" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:75 Monday 22 November 2021 17:11:05 +0000 (0:00:00.032) 0:00:26.766 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:80 Monday 22 November 2021 17:11:05 +0000 (0:00:00.033) 0:00:26.799 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:85 Monday 22 November 2021 17:11:05 +0000 (0:00:00.019) 0:00:26.819 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:90 Monday 22 November 2021 17:11:05 +0000 (0:00:00.030) 0:00:26.849 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:99 Monday 22 November 2021 17:11:05 +0000 (0:00:00.032) 0:00:26.882 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Monday 22 November 2021 17:11:05 +0000 (0:00:00.032) 0:00:26.914 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.039832", "end": "2021-11-22 12:11:05.246514", "rc": 0, "start": "2021-11-22 12:11:05.206682" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Monday 22 November 2021 17:11:06 +0000 (0:00:00.343) 0:00:27.258 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY [Test issuing certificate with invalid principal.] ************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_principal.yml:40 Monday 22 November 2021 17:11:06 +0000 (0:00:00.043) 0:00:27.301 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Monday 22 November 2021 17:11:06 +0000 (0:00:00.685) 0:00:27.987 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/RedHat_7.yml" ], "changed": false } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Monday 22 November 2021 17:11:06 +0000 (0:00:00.029) 0:00:28.016 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "rc": 0, "results": [ "python2-pyasn1-0.1.9-7.el7.noarch providing python-pyasn1 is already installed", "python2-cryptography-1.7.2-2.el7.x86_64 providing python-cryptography is already installed", "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed" ] } TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 Monday 22 November 2021 17:11:07 +0000 (0:00:00.881) 0:00:28.898 ******* ok: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "rc": 0, "results": [ "certmonger-0.78.4-14.el7.x86_64 providing certmonger is already installed" ] } TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Monday 22 November 2021 17:11:08 +0000 (0:00:00.542) 0:00:29.441 ******* ok: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Monday 22 November 2021 17:11:08 +0000 (0:00:00.344) 0:00:29.785 ******* ok: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Monday 22 November 2021 17:11:08 +0000 (0:00:00.330) 0:00:30.115 ******* ok: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestamp": "Mon 2021-11-22 12:10:49 EST", "ActiveEnterTimestampMonotonic": "21488690", "ActiveExitTimestampMonotonic": "0", "ActiveState": "active", "After": "network.target system.slice dbus.service basic.target syslog.target systemd-journald.socket", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "yes", "AssertTimestamp": "Mon 2021-11-22 12:10:49 EST", "AssertTimestampMonotonic": "21446454", "Before": "multi-user.target shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Mon 2021-11-22 12:10:49 EST", "ConditionTimestampMonotonic": "21446453", "Conflicts": "shutdown.target", "ControlGroup": "/system.slice/certmonger.service", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "8288", "ExecMainStartTimestamp": "Mon 2021-11-22 12:10:49 EST", "ExecMainStartTimestampMonotonic": "21447903", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[Mon 2021-11-22 12:10:49 EST] ; stop_time=[n/a] ; pid=8288 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestamp": "Mon 2021-11-22 12:10:49 EST", "InactiveExitTimestampMonotonic": "21448851", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "8288", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "enabled", "WantedBy": "multi-user.target", "WatchdogTimestamp": "Mon 2021-11-22 12:10:49 EST", "WatchdogTimestampMonotonic": "21488660", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Monday 22 November 2021 17:11:09 +0000 (0:00:00.395) 0:00:30.510 ******* failed: [/cache/rhel-7.qcow2] (item={'name': 'mycertinvalid', 'dns': 'www.example.com', 'principal': 'HTTP/abc', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": false, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "mycertinvalid", "principal": "HTTP/abc" } } MSG: Invalid principal 'HTTP/abc'. It should be formatted as 'primary/instance@REALM' TASK [assert...] *************************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_principal.yml:58 Monday 22 November 2021 17:11:09 +0000 (0:00:00.403) 0:00:30.914 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=40 changed=10 unreachable=0 failed=0 skipped=1 rescued=1 ignored=0 Monday 22 November 2021 17:11:09 +0000 (0:00:00.025) 0:00:30.939 ******* =============================================================================== fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 4.86s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Install the package, force upgrade -------------------------------------- 4.62s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Ensure python3 is installed --------------------------------------------- 4.40s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- Install certreader ------------------------------------------------------ 3.32s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 - fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 2.09s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 set up internal repositories -------------------------------------------- 1.33s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 0.97s /tmp/tmpv0mqm1w9/tests/certificate/tests_principal.yml:2 ---------------------- fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 0.88s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 fedora.linux_system_roles.certificate : Ensure certificate requests ----- 0.88s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.88s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Gathering Facts --------------------------------------------------------- 0.73s /tmp/tmpv0mqm1w9/tests/certificate/tests_principal.yml:13 --------------------- Parse certificate ------------------------------------------------------- 0.72s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 - Gathering Facts --------------------------------------------------------- 0.69s /tmp/tmpv0mqm1w9/tests/certificate/tests_principal.yml:40 --------------------- fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 0.54s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.51s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Retrieve certificate file stats ----------------------------------------- 0.46s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 - fedora.linux_system_roles.certificate : Ensure certificate requests ----- 0.40s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.40s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.34s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists --- 0.34s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 + cd /tmp/tmpv0mqm1w9/tests/certificate; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpv0mqm1w9/tests/certificate/tests_provider.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 17:11:24 +0000 (0:00:00.010) 0:00:00.010 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 17:11:24 +0000 (0:00:00.017) 0:00:00.028 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 17:11:24 +0000 (0:00:00.023) 0:00:00.051 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:11:25 +0000 (0:00:01.418) 0:00:01.470 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.42s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_provider.yml *************************************************** 2 plays in /tmp/tmpv0mqm1w9/tests/certificate/tests_provider.yml PLAY [Test issuing certificate with certmonger provider] *********************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_provider.yml:2 Monday 22 November 2021 17:11:25 +0000 (0:00:00.026) 0:00:01.496 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Monday 22 November 2021 17:11:26 +0000 (0:00:00.984) 0:00:02.481 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/RedHat_7.yml" ], "changed": false } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Monday 22 November 2021 17:11:26 +0000 (0:00:00.027) 0:00:02.508 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 15 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 Monday 22 November 2021 17:11:31 +0000 (0:00:04.877) 0:00:07.385 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 13 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Monday 22 November 2021 17:11:33 +0000 (0:00:02.143) 0:00:09.529 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Monday 22 November 2021 17:11:34 +0000 (0:00:00.484) 0:00:10.014 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Monday 22 November 2021 17:11:34 +0000 (0:00:00.346) 0:00:10.360 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "basic.target systemd-journald.socket dbus.service syslog.target network.target system.slice", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Monday 22 November 2021 17:11:35 +0000 (0:00:00.887) 0:00:11.248 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'ca': 'self-sign', 'provider': 'certmonger'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "mycert", "provider": "certmonger" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_provider.yml:13 Monday 22 November 2021 17:11:36 +0000 (0:00:00.913) 0:00:12.161 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_provider.yml:27 Monday 22 November 2021 17:11:37 +0000 (0:00:00.746) 0:00:12.907 ******* included: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 17:11:37 +0000 (0:00:00.031) 0:00:12.939 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 17:11:37 +0000 (0:00:00.016) 0:00:12.955 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 61 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 17:11:41 +0000 (0:00:04.486) 0:00:17.442 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 17:11:46 +0000 (0:00:04.748) 0:00:22.191 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 17:11:49 +0000 (0:00:03.127) 0:00:25.318 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637601095.1969666, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "a614a6a6867cf456c158f3c5913a56f8d680a542", "ctime": 1637601095.1939666, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584399, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637601095.1939666, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "1963061745", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 17:11:49 +0000 (0:00:00.478) 0:00:25.797 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 17:11:49 +0000 (0:00:00.022) 0:00:25.819 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:43 Monday 22 November 2021 17:11:49 +0000 (0:00:00.037) 0:00:25.857 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 17:11:50 +0000 (0:00:00.035) 0:00:25.892 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637601095.1529667, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "5daa16fa4ca5da01f38c4f20edf575fdf1660be3", "ctime": 1637601095.1939666, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584398, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637601095.1939666, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744073071447824", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:54 Monday 22 November 2021 17:11:50 +0000 (0:00:00.332) 0:00:26.224 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 17:11:50 +0000 (0:00:00.023) 0:00:26.247 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 17:11:50 +0000 (0:00:00.037) 0:00:26.284 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.279950", "end": "2021-11-22 12:11:50.167365", "rc": 0, "start": "2021-11-22 12:11:49.887415" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "38:02:A8:62:52:18:F7:6D:C0:8C:E3:21:9F:8A:CE:D0:9A:7F:5E:76", "critical": false }, "authorityKeyIdentifier": { "value": "4D:43:9A:FE:95:D4:B1:CC:49:D3:3E:BB:69:0C:35:61:23:32:5B:AB", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "59:3E:11:DA:37:B7:CD:E7:C4:F9:AA:E3:36:2F:CF:80:8D:69:B6:F7:70:9F:94:46:80:C4:FC:CA:43:C1:57:20:43:08:CB:47:94:E5:FE:05:A9:83:1B:E6:33:04:10:E0:1A:27:01:92:A0:8E:63:90:D3:7A:50:61:B7:43:11:69:CB:65:4D:43:D2:E9:0E:C4:66:FE:82:68:C7:63:23:F1:5A:76:AD:88:CD:29:A1:99:70:9F:6F:F8:6E:D7:0D:9F:37:FB:D5:B7:4D:02:34:B4:1B:5C:14:5A:C7:48:3D:EF:B4:04:B7:2D:E8:D6:8E:93:3C:D1:28:12:EC:26:11:37:DD:92:31:8E:4C:01:4B:A4:AE:A2:84:3D:56:29:BA:E0:8B:78:FB:E7:10:F5:F5:A1:09:6B:F1:65:2A:22:FE:B4:F7:0D:BF:51:B4:36:2B:D1:9B:9C:A9:8A:08:A4:88:9E:4F:25:FF:46:92:22:9E:FD:D9:00:A5:E5:18:03:DD:09:07:34:F9:9F:48:7E:B2:67:22:A0:2E:5D:10:37:DF:14:B9:2D:35:24:62:FC:99:36:7D:A5:F7:7B:7F:6C:F0:B6:54:4F:FE:EE:FB:13:45:6E:0C:5E:3B:24:35:06:44:18:92:DC:D9:8B:F9:3D:D8:66:F0:85:89:2D:EF:63:5C:0A" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 17:11:34", "not_valid_before": "2021-11-22 17:11:35" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:71 Monday 22 November 2021 17:11:51 +0000 (0:00:00.731) 0:00:27.016 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "4D:43:9A:FE:95:D4:B1:CC:49:D3:3E:BB:69:0C:35:61:23:32:5B:AB" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "38:02:A8:62:52:18:F7:6D:C0:8C:E3:21:9F:8A:CE:D0:9A:7F:5E:76" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "59:3E:11:DA:37:B7:CD:E7:C4:F9:AA:E3:36:2F:CF:80:8D:69:B6:F7:70:9F:94:46:80:C4:FC:CA:43:C1:57:20:43:08:CB:47:94:E5:FE:05:A9:83:1B:E6:33:04:10:E0:1A:27:01:92:A0:8E:63:90:D3:7A:50:61:B7:43:11:69:CB:65:4D:43:D2:E9:0E:C4:66:FE:82:68:C7:63:23:F1:5A:76:AD:88:CD:29:A1:99:70:9F:6F:F8:6E:D7:0D:9F:37:FB:D5:B7:4D:02:34:B4:1B:5C:14:5A:C7:48:3D:EF:B4:04:B7:2D:E8:D6:8E:93:3C:D1:28:12:EC:26:11:37:DD:92:31:8E:4C:01:4B:A4:AE:A2:84:3D:56:29:BA:E0:8B:78:FB:E7:10:F5:F5:A1:09:6B:F1:65:2A:22:FE:B4:F7:0D:BF:51:B4:36:2B:D1:9B:9C:A9:8A:08:A4:88:9E:4F:25:FF:46:92:22:9E:FD:D9:00:A5:E5:18:03:DD:09:07:34:F9:9F:48:7E:B2:67:22:A0:2E:5D:10:37:DF:14:B9:2D:35:24:62:FC:99:36:7D:A5:F7:7B:7F:6C:F0:B6:54:4F:FE:EE:FB:13:45:6E:0C:5E:3B:24:35:06:44:18:92:DC:D9:8B:F9:3D:D8:66:F0:85:89:2D:EF:63:5C:0A" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 17:11:34", "not_valid_before": "2021-11-22 17:11:35" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:75 Monday 22 November 2021 17:11:51 +0000 (0:00:00.034) 0:00:27.050 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:80 Monday 22 November 2021 17:11:51 +0000 (0:00:00.035) 0:00:27.086 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:85 Monday 22 November 2021 17:11:51 +0000 (0:00:00.020) 0:00:27.106 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:90 Monday 22 November 2021 17:11:51 +0000 (0:00:00.031) 0:00:27.138 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:99 Monday 22 November 2021 17:11:51 +0000 (0:00:00.032) 0:00:27.171 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Monday 22 November 2021 17:11:51 +0000 (0:00:00.032) 0:00:27.203 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.041084", "end": "2021-11-22 12:11:50.713030", "rc": 0, "start": "2021-11-22 12:11:50.671946" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Monday 22 November 2021 17:11:51 +0000 (0:00:00.355) 0:00:27.558 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=32 changed=10 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:11:51 +0000 (0:00:00.039) 0:00:27.598 ******* =============================================================================== fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 4.88s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Install the package, force upgrade -------------------------------------- 4.75s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Ensure python3 is installed --------------------------------------------- 4.49s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- Install certreader ------------------------------------------------------ 3.13s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 - fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 2.14s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 set up internal repositories -------------------------------------------- 1.42s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 0.98s /tmp/tmpv0mqm1w9/tests/certificate/tests_provider.yml:2 ----------------------- fedora.linux_system_roles.certificate : Ensure certificate requests ----- 0.91s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.89s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Gathering Facts --------------------------------------------------------- 0.75s /tmp/tmpv0mqm1w9/tests/certificate/tests_provider.yml:13 ---------------------- Parse certificate ------------------------------------------------------- 0.73s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 - fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.48s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Retrieve certificate file stats ----------------------------------------- 0.48s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 - Retrieve auto-renew flag ------------------------------------------------ 0.36s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists --- 0.35s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Retrieve key file stats ------------------------------------------------- 0.33s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 - Verify certificate auto-renew flag -------------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Verify certificate file owner and group --------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 - Verify key file owner and group ----------------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 - Verify certificate subject ---------------------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:75 - + cd /tmp/tmpv0mqm1w9/tests/certificate; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpv0mqm1w9/tests/certificate/tests_run_hooks.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 17:12:06 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 17:12:06 +0000 (0:00:00.019) 0:00:00.031 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 17:12:06 +0000 (0:00:00.025) 0:00:00.056 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:12:07 +0000 (0:00:01.412) 0:00:01.468 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.41s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.03s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_run_hooks.yml ************************************************** 2 plays in /tmp/tmpv0mqm1w9/tests/certificate/tests_run_hooks.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_run_hooks.yml:2 Monday 22 November 2021 17:12:07 +0000 (0:00:00.020) 0:00:01.488 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Monday 22 November 2021 17:12:08 +0000 (0:00:00.980) 0:00:02.469 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/RedHat_7.yml" ], "changed": false } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Monday 22 November 2021 17:12:08 +0000 (0:00:00.032) 0:00:02.502 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 15 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 Monday 22 November 2021 17:12:13 +0000 (0:00:04.876) 0:00:07.378 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 13 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Monday 22 November 2021 17:12:15 +0000 (0:00:02.142) 0:00:09.521 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Monday 22 November 2021 17:12:16 +0000 (0:00:00.486) 0:00:10.008 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Monday 22 November 2021 17:12:16 +0000 (0:00:00.347) 0:00:10.356 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "syslog.target system.slice systemd-journald.socket network.target dbus.service basic.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "basic.target system.slice", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Monday 22 November 2021 17:12:17 +0000 (0:00:00.807) 0:00:11.163 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'ca': 'self-sign', 'run_before': 'touch /etc/pki/before_cert.tmp\n', 'run_after': 'touch /etc/pki/after_cert.tmp\n'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "mycert", "run_after": "touch /etc/pki/after_cert.tmp\n", "run_before": "touch /etc/pki/before_cert.tmp\n" } } MSG: Certificate requested (new). Pre/Post run hooks updated. META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_run_hooks.yml:15 Monday 22 November 2021 17:12:18 +0000 (0:00:00.986) 0:00:12.150 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_run_hooks.yml:29 Monday 22 November 2021 17:12:18 +0000 (0:00:00.704) 0:00:12.854 ******* included: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'www.example.com'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 17:12:18 +0000 (0:00:00.042) 0:00:12.896 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 17:12:19 +0000 (0:00:00.019) 0:00:12.916 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 65 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 17:12:23 +0000 (0:00:04.368) 0:00:17.285 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 17:12:27 +0000 (0:00:04.600) 0:00:21.885 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 17:12:31 +0000 (0:00:03.129) 0:00:25.015 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637601137.0356514, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "6adb73e0b82be06a3144b1822785f358251a38aa", "ctime": 1637601137.0326514, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584432, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637601137.0326514, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "18446744072725236303", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 17:12:31 +0000 (0:00:00.449) 0:00:25.464 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 17:12:31 +0000 (0:00:00.019) 0:00:25.484 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:43 Monday 22 November 2021 17:12:31 +0000 (0:00:00.033) 0:00:25.518 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 17:12:31 +0000 (0:00:00.030) 0:00:25.548 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637601136.9876513, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "1c0fff07059f83c24be076baf7d63cf2702fd370", "ctime": 1637601137.0326514, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584431, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637601137.0326514, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "46747044", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:54 Monday 22 November 2021 17:12:31 +0000 (0:00:00.309) 0:00:25.857 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 17:12:31 +0000 (0:00:00.019) 0:00:25.877 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 17:12:31 +0000 (0:00:00.034) 0:00:25.911 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.267974", "end": "2021-11-22 12:12:31.664944", "rc": 0, "start": "2021-11-22 12:12:31.396970" } STDOUT: { "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "E6:62:21:0D:81:99:F7:DE:46:90:63:A3:A2:E9:2F:E1:03:B0:CA:90", "critical": false }, "authorityKeyIdentifier": { "value": "54:64:58:6F:04:C0:D7:33:43:25:60:28:18:3A:F6:B9:9C:12:7F:76", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "9A:D5:46:62:2E:31:69:3D:E8:AC:B5:4F:7B:EB:28:87:43:CE:E7:33:CA:A3:C1:C1:BC:D3:07:9D:F7:9B:3C:F7:5D:A7:92:99:9D:13:99:68:52:8B:19:7D:04:41:5A:DC:9D:52:A7:D8:D4:11:79:BD:18:83:06:4E:6B:13:AC:A4:D9:C2:15:95:7B:B7:A6:FB:98:3D:84:FC:0F:FE:91:A3:FC:DF:27:9F:18:23:94:23:36:79:48:40:92:78:D0:EC:38:D3:C2:73:B9:1D:C0:C7:7C:78:A6:F1:3E:6C:83:44:CF:4D:5B:59:BF:D5:DC:6E:8F:59:95:23:98:0A:1C:61:59:FB:BB:D9:81:DF:3F:D2:3F:6B:B7:E6:25:98:D9:38:EC:76:14:51:98:FE:5D:39:46:DE:05:D9:A6:54:6B:7E:8E:76:05:F1:67:CA:5A:61:07:89:77:E3:88:D1:03:AC:07:C7:43:60:F6:A7:DF:8B:02:4A:13:5C:8B:22:A0:F8:CA:C4:DA:4D:14:1B:5D:8F:C5:05:BA:01:20:D4:88:DC:61:90:06:2C:26:A0:25:5B:2D:19:36:E0:A9:21:B6:65:CA:AE:3D:DA:CE:59:45:82:C3:90:BB:46:7D:BC:CA:C8:3A:D7:E1:A3:AF:66:28:1E:01:D3:3C:6B:DD:A1:60:05" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 17:12:16", "not_valid_before": "2021-11-22 17:12:17" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:71 Monday 22 November 2021 17:12:32 +0000 (0:00:00.700) 0:00:26.612 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "54:64:58:6F:04:C0:D7:33:43:25:60:28:18:3A:F6:B9:9C:12:7F:76" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "E6:62:21:0D:81:99:F7:DE:46:90:63:A3:A2:E9:2F:E1:03:B0:CA:90" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "9A:D5:46:62:2E:31:69:3D:E8:AC:B5:4F:7B:EB:28:87:43:CE:E7:33:CA:A3:C1:C1:BC:D3:07:9D:F7:9B:3C:F7:5D:A7:92:99:9D:13:99:68:52:8B:19:7D:04:41:5A:DC:9D:52:A7:D8:D4:11:79:BD:18:83:06:4E:6B:13:AC:A4:D9:C2:15:95:7B:B7:A6:FB:98:3D:84:FC:0F:FE:91:A3:FC:DF:27:9F:18:23:94:23:36:79:48:40:92:78:D0:EC:38:D3:C2:73:B9:1D:C0:C7:7C:78:A6:F1:3E:6C:83:44:CF:4D:5B:59:BF:D5:DC:6E:8F:59:95:23:98:0A:1C:61:59:FB:BB:D9:81:DF:3F:D2:3F:6B:B7:E6:25:98:D9:38:EC:76:14:51:98:FE:5D:39:46:DE:05:D9:A6:54:6B:7E:8E:76:05:F1:67:CA:5A:61:07:89:77:E3:88:D1:03:AC:07:C7:43:60:F6:A7:DF:8B:02:4A:13:5C:8B:22:A0:F8:CA:C4:DA:4D:14:1B:5D:8F:C5:05:BA:01:20:D4:88:DC:61:90:06:2C:26:A0:25:5B:2D:19:36:E0:A9:21:B6:65:CA:AE:3D:DA:CE:59:45:82:C3:90:BB:46:7D:BC:CA:C8:3A:D7:E1:A3:AF:66:28:1E:01:D3:3C:6B:DD:A1:60:05" }, "subject": [ { "name": "commonName", "oid": "2.5.4.3", "value": "www.example.com" } ], "validity": { "not_valid_after": "2022-11-22 17:12:16", "not_valid_before": "2021-11-22 17:12:17" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:75 Monday 22 November 2021 17:12:32 +0000 (0:00:00.033) 0:00:26.646 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:80 Monday 22 November 2021 17:12:32 +0000 (0:00:00.035) 0:00:26.681 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:85 Monday 22 November 2021 17:12:32 +0000 (0:00:00.020) 0:00:26.702 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:90 Monday 22 November 2021 17:12:32 +0000 (0:00:00.032) 0:00:26.734 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:99 Monday 22 November 2021 17:12:32 +0000 (0:00:00.033) 0:00:26.767 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Monday 22 November 2021 17:12:32 +0000 (0:00:00.033) 0:00:26.800 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.040401", "end": "2021-11-22 12:12:32.198973", "rc": 0, "start": "2021-11-22 12:12:32.158572" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Monday 22 November 2021 17:12:33 +0000 (0:00:00.338) 0:00:27.138 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Get certificate timestamp] *********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_run_hooks.yml:37 Monday 22 November 2021 17:12:33 +0000 (0:00:00.034) 0:00:27.173 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637601137.0356514, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "6adb73e0b82be06a3144b1822785f358251a38aa", "ctime": 1637601137.0326514, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12584432, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637601137.0326514, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1310, "uid": 0, "version": "18446744072725236303", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Get pre-run file timestamp] ********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_run_hooks.yml:41 Monday 22 November 2021 17:12:33 +0000 (0:00:00.293) 0:00:27.467 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637601137.0316513, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 0, "charset": "binary", "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", "ctime": 1637601137.0316513, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 8156, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "inode/x-empty", "mode": "0600", "mtime": 1637601137.0316513, "nlink": 1, "path": "/etc/pki/before_cert.tmp", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 0, "uid": 0, "version": "666885147", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Get post-run file timestamp] ********************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_run_hooks.yml:45 Monday 22 November 2021 17:12:33 +0000 (0:00:00.289) 0:00:27.756 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637601137.0606513, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 0, "charset": "binary", "checksum": "da39a3ee5e6b4b0d3255bfef95601890afd80709", "ctime": 1637601137.0606513, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 8155, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "inode/x-empty", "mode": "0600", "mtime": 1637601137.0606513, "nlink": 1, "path": "/etc/pki/after_cert.tmp", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 0, "uid": 0, "version": "899646726", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Assert file created before cert] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_run_hooks.yml:49 Monday 22 November 2021 17:12:34 +0000 (0:00:00.301) 0:00:28.058 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Assert file created after cert] ****************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_run_hooks.yml:54 Monday 22 November 2021 17:12:34 +0000 (0:00:00.021) 0:00:28.079 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=37 changed=10 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:12:34 +0000 (0:00:00.023) 0:00:28.103 ******* =============================================================================== fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 4.88s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Install the package, force upgrade -------------------------------------- 4.60s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Ensure python3 is installed --------------------------------------------- 4.37s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- Install certreader ------------------------------------------------------ 3.13s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 - fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 2.14s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 set up internal repositories -------------------------------------------- 1.41s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fedora.linux_system_roles.certificate : Ensure certificate requests ----- 0.99s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Gathering Facts --------------------------------------------------------- 0.98s /tmp/tmpv0mqm1w9/tests/certificate/tests_run_hooks.yml:2 ---------------------- fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.81s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Gathering Facts --------------------------------------------------------- 0.70s /tmp/tmpv0mqm1w9/tests/certificate/tests_run_hooks.yml:15 --------------------- Parse certificate ------------------------------------------------------- 0.70s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 - fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.49s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Retrieve certificate file stats ----------------------------------------- 0.45s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 - fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists --- 0.35s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Retrieve auto-renew flag ------------------------------------------------ 0.34s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Retrieve key file stats ------------------------------------------------- 0.31s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 - Get post-run file timestamp --------------------------------------------- 0.30s /tmp/tmpv0mqm1w9/tests/certificate/tests_run_hooks.yml:45 --------------------- Get certificate timestamp ----------------------------------------------- 0.29s /tmp/tmpv0mqm1w9/tests/certificate/tests_run_hooks.yml:37 --------------------- Get pre-run file timestamp ---------------------------------------------- 0.29s /tmp/tmpv0mqm1w9/tests/certificate/tests_run_hooks.yml:41 --------------------- Verify each certificate ------------------------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tests_run_hooks.yml:29 --------------------- + cd /tmp/tmpv0mqm1w9/tests/certificate; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpv0mqm1w9/tests/certificate/tests_subject.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 17:12:48 +0000 (0:00:00.010) 0:00:00.010 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 17:12:48 +0000 (0:00:00.019) 0:00:00.030 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 17:12:48 +0000 (0:00:00.024) 0:00:00.054 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:12:50 +0000 (0:00:01.399) 0:00:01.454 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.40s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_subject.yml **************************************************** 2 plays in /tmp/tmpv0mqm1w9/tests/certificate/tests_subject.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_subject.yml:2 Monday 22 November 2021 17:12:50 +0000 (0:00:00.018) 0:00:01.472 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Monday 22 November 2021 17:12:51 +0000 (0:00:01.011) 0:00:02.484 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/RedHat_7.yml" ], "changed": false } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Monday 22 November 2021 17:12:51 +0000 (0:00:00.028) 0:00:02.512 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 16 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 Monday 22 November 2021 17:12:56 +0000 (0:00:04.850) 0:00:07.363 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 12 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Monday 22 November 2021 17:12:58 +0000 (0:00:02.137) 0:00:09.500 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Monday 22 November 2021 17:12:58 +0000 (0:00:00.501) 0:00:10.002 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Monday 22 November 2021 17:12:59 +0000 (0:00:00.359) 0:00:10.361 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "dbus.service syslog.target network.target basic.target systemd-journald.socket system.slice", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Monday 22 November 2021 17:12:59 +0000 (0:00:00.843) 0:00:11.205 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'common_name': 'Some other common name', 'country': 'US', 'state': 'NC', 'locality': 'Raleigh', 'organization': 'Red Hat', 'organizational_unit': 'Linux', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "common_name": "Some other common name", "country": "US", "dns": "www.example.com", "locality": "Raleigh", "name": "mycert", "organization": "Red Hat", "organizational_unit": "Linux", "state": "NC" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_subject.yml:19 Monday 22 November 2021 17:13:00 +0000 (0:00:00.878) 0:00:12.084 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_subject.yml:48 Monday 22 November 2021 17:13:01 +0000 (0:00:00.714) 0:00:12.798 ******* included: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-7.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'countryName', 'oid': '2.5.4.6', 'value': 'US'}, {'name': 'stateOrProvinceName', 'oid': '2.5.4.8', 'value': 'NC'}, {'name': 'localityName', 'oid': '2.5.4.7', 'value': 'Raleigh'}, {'name': 'organizationName', 'oid': '2.5.4.10', 'value': 'Red Hat'}, {'name': 'organizationalUnitName', 'oid': '2.5.4.11', 'value': 'Linux'}, {'name': 'commonName', 'oid': '2.5.4.3', 'value': 'Some other common name'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:2 Monday 22 November 2021 17:13:01 +0000 (0:00:00.031) 0:00:12.830 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 Monday 22 November 2021 17:13:01 +0000 (0:00:00.014) 0:00:12.844 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python3" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python3.x86_64 0:3.6.8-17.el7 will be installed\n--> Processing Dependency: python3-libs(x86-64) = 3.6.8-17.el7 for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-setuptools for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: python3-pip for package: python3-3.6.8-17.el7.x86_64\n--> Processing Dependency: libpython3.6m.so.1.0()(64bit) for package: python3-3.6.8-17.el7.x86_64\n--> Running transaction check\n---> Package python3-libs.x86_64 0:3.6.8-17.el7 will be installed\n---> Package python3-pip.noarch 0:9.0.3-8.el7 will be installed\n---> Package python3-setuptools.noarch 0:39.2.0-10.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python3 x86_64 3.6.8-17.el7 rhel 70 k\nInstalling for dependencies:\n python3-libs x86_64 3.6.8-17.el7 rhel 6.9 M\n python3-pip noarch 9.0.3-8.el7 rhel 1.6 M\n python3-setuptools noarch 39.2.0-10.el7 rhel 629 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+3 Dependent packages)\n\nTotal download size: 9.3 M\nInstalled size: 47 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 40 MB/s | 9.3 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python3-setuptools-39.2.0-10.el7.noarch 1/4 \n Installing : python3-libs-3.6.8-17.el7.x86_64 2/4 \n Installing : python3-3.6.8-17.el7.x86_64 3/4 \n Installing : python3-pip-9.0.3-8.el7.noarch 4/4 \n Verifying : python3-pip-9.0.3-8.el7.noarch 1/4 \n Verifying : python3-3.6.8-17.el7.x86_64 2/4 \n Verifying : python3-setuptools-39.2.0-10.el7.noarch 3/4 \n Verifying : python3-libs-3.6.8-17.el7.x86_64 4/4 \n\nInstalled:\n python3.x86_64 0:3.6.8-17.el7 \n\nDependency Installed:\n python3-libs.x86_64 0:3.6.8-17.el7 python3-pip.noarch 0:9.0.3-8.el7 \n python3-setuptools.noarch 0:39.2.0-10.el7 \n\nComplete!\n" ] } TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 Monday 22 November 2021 17:13:06 +0000 (0:00:04.484) 0:00:17.329 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 TASK [Install certreader] ****************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 Monday 22 November 2021 17:13:10 +0000 (0:00:04.784) 0:00:22.114 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (3.2 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (405 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.0 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 Monday 22 November 2021 17:13:14 +0000 (0:00:03.197) 0:00:25.311 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637601179.242913, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "51bf4dccf52972dceaf631c308c7611aa6895af3", "ctime": 1637601179.239913, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986548, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637601179.239913, "nlink": 1, "path": "/etc/pki/tls/certs/mycert.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1428, "uid": 0, "version": "1203237132", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:31 Monday 22 November 2021 17:13:14 +0000 (0:00:00.446) 0:00:25.758 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 Monday 22 November 2021 17:13:14 +0000 (0:00:00.022) 0:00:25.780 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:43 Monday 22 November 2021 17:13:14 +0000 (0:00:00.046) 0:00:25.827 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 Monday 22 November 2021 17:13:14 +0000 (0:00:00.035) 0:00:25.862 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "stat": { "atime": 1637601179.199913, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "60f51b899bea747e8403341f5afe5f0a5e53ad18", "ctime": 1637601179.239913, "dev": 64769, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 12986547, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1637601179.239913, "nlink": 1, "path": "/etc/pki/tls/private/mycert.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "18446744072800727352", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:54 Monday 22 November 2021 17:13:14 +0000 (0:00:00.313) 0:00:26.176 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:60 Monday 22 November 2021 17:13:14 +0000 (0:00:00.021) 0:00:26.198 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 Monday 22 November 2021 17:13:14 +0000 (0:00:00.037) 0:00:26.235 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert.crt" ], "delta": "0:00:00.274281", "end": "2021-11-22 12:13:14.284996", "rc": 0, "start": "2021-11-22 12:13:14.010715" } STDOUT: { "subject": [ { "name": "localityName", "oid": "2.5.4.7", "value": "Raleigh" }, { "name": "countryName", "oid": "2.5.4.6", "value": "US" }, { "name": "stateOrProvinceName", "oid": "2.5.4.8", "value": "NC" }, { "name": "commonName", "oid": "2.5.4.3", "value": "Some other common name" }, { "name": "organizationName", "oid": "2.5.4.10", "value": "Red Hat" }, { "name": "organizationalUnitName", "oid": "2.5.4.11", "value": "Linux" } ], "extensions": { "keyUsage": { "value": [ "digital_signature", "key_encipherment" ], "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "www.example.com" } ], "critical": false }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "basicConstraints": { "value": { "ca": false }, "critical": true }, "subjectKeyIdentifier": { "value": "84:E7:54:85:3F:B3:3D:FD:C9:D4:C8:18:27:44:10:DD:A6:24:6C:9E", "critical": false }, "authorityKeyIdentifier": { "value": "3F:AA:97:13:DD:C4:51:A0:37:C7:A3:78:C9:2C:AB:73:42:5B:2D:48", "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "48:42:17:EE:D2:F9:79:F7:DB:83:6C:C0:97:28:97:84:02:61:D4:DE:EA:78:30:08:03:F4:04:29:CF:56:25:8A:A5:AB:AA:21:3F:41:8C:62:04:6E:BF:4F:9E:3F:72:4F:89:83:4B:E6:0F:1B:5D:1E:32:17:BE:93:5D:19:47:56:9D:40:32:12:CE:8A:F8:C3:E6:0C:13:6E:D5:AE:12:CA:9B:2C:EA:47:5F:3E:72:2E:8D:55:C5:5B:01:06:9C:29:5E:48:6C:55:E4:AC:84:BA:EF:31:5E:F3:B8:82:B7:0F:93:80:AB:BA:FD:3E:1F:87:5F:BC:CA:E5:53:DD:01:A0:A8:B5:A9:3B:F3:E8:60:A3:3E:AA:4E:9C:D0:46:C1:47:0F:0A:61:1E:E3:C0:7F:82:C0:C2:77:45:FF:EB:4C:70:B5:CA:FA:32:FE:27:E5:20:CC:99:C4:3E:B9:B4:72:9D:28:A8:28:35:57:BE:B4:A1:A3:C6:8D:1F:7F:44:9C:E6:3D:61:82:C5:F6:02:95:87:0A:78:C5:65:9E:3D:4B:7A:CA:F3:EE:C0:7B:5B:AA:1A:7B:5C:65:99:80:60:DF:4E:C3:72:C9:B7:C0:1B:DA:AF:C9:6E:DF:C1:FC:15:69:75:39:B9:A2:33:EB:F7:28:51:E5:BF:94:43:07:0C:BC:06" }, "key_size": 2048, "validity": { "not_valid_after": "2022-11-22 17:12:58", "not_valid_before": "2021-11-22 17:12:59" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:71 Monday 22 November 2021 17:13:15 +0000 (0:00:00.719) 0:00:26.955 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityKeyIdentifier": { "critical": false, "value": "3F:AA:97:13:DD:C4:51:A0:37:C7:A3:78:C9:2C:AB:73:42:5B:2D:48" }, "basicConstraints": { "critical": true, "value": { "ca": false } }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": false, "value": [ "digital_signature", "key_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "www.example.com" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "84:E7:54:85:3F:B3:3D:FD:C9:D4:C8:18:27:44:10:DD:A6:24:6C:9E" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "48:42:17:EE:D2:F9:79:F7:DB:83:6C:C0:97:28:97:84:02:61:D4:DE:EA:78:30:08:03:F4:04:29:CF:56:25:8A:A5:AB:AA:21:3F:41:8C:62:04:6E:BF:4F:9E:3F:72:4F:89:83:4B:E6:0F:1B:5D:1E:32:17:BE:93:5D:19:47:56:9D:40:32:12:CE:8A:F8:C3:E6:0C:13:6E:D5:AE:12:CA:9B:2C:EA:47:5F:3E:72:2E:8D:55:C5:5B:01:06:9C:29:5E:48:6C:55:E4:AC:84:BA:EF:31:5E:F3:B8:82:B7:0F:93:80:AB:BA:FD:3E:1F:87:5F:BC:CA:E5:53:DD:01:A0:A8:B5:A9:3B:F3:E8:60:A3:3E:AA:4E:9C:D0:46:C1:47:0F:0A:61:1E:E3:C0:7F:82:C0:C2:77:45:FF:EB:4C:70:B5:CA:FA:32:FE:27:E5:20:CC:99:C4:3E:B9:B4:72:9D:28:A8:28:35:57:BE:B4:A1:A3:C6:8D:1F:7F:44:9C:E6:3D:61:82:C5:F6:02:95:87:0A:78:C5:65:9E:3D:4B:7A:CA:F3:EE:C0:7B:5B:AA:1A:7B:5C:65:99:80:60:DF:4E:C3:72:C9:B7:C0:1B:DA:AF:C9:6E:DF:C1:FC:15:69:75:39:B9:A2:33:EB:F7:28:51:E5:BF:94:43:07:0C:BC:06" }, "subject": [ { "name": "localityName", "oid": "2.5.4.7", "value": "Raleigh" }, { "name": "countryName", "oid": "2.5.4.6", "value": "US" }, { "name": "stateOrProvinceName", "oid": "2.5.4.8", "value": "NC" }, { "name": "commonName", "oid": "2.5.4.3", "value": "Some other common name" }, { "name": "organizationName", "oid": "2.5.4.10", "value": "Red Hat" }, { "name": "organizationalUnitName", "oid": "2.5.4.11", "value": "Linux" } ], "validity": { "not_valid_after": "2022-11-22 17:12:58", "not_valid_before": "2021-11-22 17:12:59" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:75 Monday 22 November 2021 17:13:15 +0000 (0:00:00.034) 0:00:26.990 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:80 Monday 22 November 2021 17:13:15 +0000 (0:00:00.037) 0:00:27.028 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:85 Monday 22 November 2021 17:13:15 +0000 (0:00:00.024) 0:00:27.052 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:90 Monday 22 November 2021 17:13:15 +0000 (0:00:00.033) 0:00:27.086 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:99 Monday 22 November 2021 17:13:15 +0000 (0:00:00.042) 0:00:27.128 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 Monday 22 November 2021 17:13:15 +0000 (0:00:00.034) 0:00:27.162 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.046869", "end": "2021-11-22 12:13:14.854994", "rc": 0, "start": "2021-11-22 12:13:14.808125" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Monday 22 November 2021 17:13:16 +0000 (0:00:00.364) 0:00:27.527 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=32 changed=10 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:13:16 +0000 (0:00:00.041) 0:00:27.568 ******* =============================================================================== fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 4.85s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Install the package, force upgrade -------------------------------------- 4.78s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:11 - Ensure python3 is installed --------------------------------------------- 4.48s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:6 -- Install certreader ------------------------------------------------------ 3.20s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:18 - fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 2.14s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 set up internal repositories -------------------------------------------- 1.40s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 1.01s /tmp/tmpv0mqm1w9/tests/certificate/tests_subject.yml:2 ------------------------ fedora.linux_system_roles.certificate : Ensure certificate requests ----- 0.88s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.84s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Parse certificate ------------------------------------------------------- 0.72s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:66 - Gathering Facts --------------------------------------------------------- 0.71s /tmp/tmpv0mqm1w9/tests/certificate/tests_subject.yml:19 ----------------------- fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.50s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Retrieve certificate file stats ----------------------------------------- 0.45s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:26 - Retrieve auto-renew flag ------------------------------------------------ 0.36s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:110 fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists --- 0.36s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Retrieve key file stats ------------------------------------------------- 0.31s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:49 - Verify certificate file owner and group --------------------------------- 0.05s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:37 - Verify certificate Key Usage -------------------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:90 - Verify certificate auto-renew flag -------------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:115 Verify certificate subject ---------------------------------------------- 0.04s /tmp/tmpv0mqm1w9/tests/certificate/tasks/assert_certificate_parameters.yml:75 - + cd /tmp/tmpv0mqm1w9/tests/certificate; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpv0mqm1w9/tests/certificate/tests_subject_complex.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 17:13:30 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 17:13:30 +0000 (0:00:00.016) 0:00:00.027 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 17:13:30 +0000 (0:00:00.021) 0:00:00.049 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:13:31 +0000 (0:00:01.352) 0:00:01.401 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.35s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_subject_complex.yml ******************************************** 2 plays in /tmp/tmpv0mqm1w9/tests/certificate/tests_subject_complex.yml PLAY [Issue simple self-signed certificate] ************************************ TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_subject_complex.yml:2 Monday 22 November 2021 17:13:31 +0000 (0:00:00.018) 0:00:01.419 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Monday 22 November 2021 17:13:32 +0000 (0:00:00.960) 0:00:02.380 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/RedHat_7.yml" ], "changed": false } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Monday 22 November 2021 17:13:32 +0000 (0:00:00.028) 0:00:02.409 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 16 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 Monday 22 November 2021 17:13:37 +0000 (0:00:04.795) 0:00:07.204 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "changes": { "installed": [ "certmonger" ] }, "rc": 0, "results": [ "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package certmonger.x86_64 0:0.78.4-14.el7 will be installed\n--> Processing Dependency: psmisc for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0(TEVENT_0.9.9)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_util.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc_client.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libxmlrpc.so.3()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtevent.so.0()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Processing Dependency: libtalloc.so.2()(64bit) for package: certmonger-0.78.4-14.el7.x86_64\n--> Running transaction check\n---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed\n---> Package libtevent.x86_64 0:0.9.39-1.el7 will be installed\n---> Package psmisc.x86_64 0:22.20-17.el7 will be installed\n---> Package xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n---> Package xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository\n Size\n================================================================================\nInstalling:\n certmonger x86_64 0.78.4-14.el7 rhel 604 k\nInstalling for dependencies:\n libtalloc x86_64 2.1.16-1.el7 rhel 33 k\n libtevent x86_64 0.9.39-1.el7 rhel 41 k\n psmisc x86_64 22.20-17.el7 rhel 141 k\n xmlrpc-c x86_64 1.32.5-1905.svn2451.el7 rhel 130 k\n xmlrpc-c-client x86_64 1.32.5-1905.svn2451.el7 rhel 32 k\n\nTransaction Summary\n================================================================================\nInstall 1 Package (+5 Dependent packages)\n\nTotal download size: 980 k\nInstalled size: 3.7 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 14 MB/s | 980 kB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Installing : libtalloc-2.1.16-1.el7.x86_64 2/6 \n Installing : libtevent-0.9.39-1.el7.x86_64 3/6 \n Installing : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 4/6 \n Installing : psmisc-22.20-17.el7.x86_64 5/6 \n Installing : certmonger-0.78.4-14.el7.x86_64 6/6 \n Verifying : xmlrpc-c-client-1.32.5-1905.svn2451.el7.x86_64 1/6 \n Verifying : libtevent-0.9.39-1.el7.x86_64 2/6 \n Verifying : libtalloc-2.1.16-1.el7.x86_64 3/6 \n Verifying : certmonger-0.78.4-14.el7.x86_64 4/6 \n Verifying : xmlrpc-c-1.32.5-1905.svn2451.el7.x86_64 5/6 \n Verifying : psmisc-22.20-17.el7.x86_64 6/6 \n\nInstalled:\n certmonger.x86_64 0:0.78.4-14.el7 \n\nDependency Installed:\n libtalloc.x86_64 0:2.1.16-1.el7 \n libtevent.x86_64 0:0.9.39-1.el7 \n psmisc.x86_64 0:22.20-17.el7 \n xmlrpc-c.x86_64 0:1.32.5-1905.svn2451.el7 \n xmlrpc-c-client.x86_64 0:1.32.5-1905.svn2451.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Monday 22 November 2021 17:13:39 +0000 (0:00:02.154) 0:00:09.359 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Monday 22 November 2021 17:13:40 +0000 (0:00:00.499) 0:00:09.859 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Monday 22 November 2021 17:13:40 +0000 (0:00:00.338) 0:00:10.197 ******* changed: [/cache/rhel-7.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "network.target system.slice basic.target dbus.service systemd-journald.socket syslog.target", "AllowIsolate": "no", "AmbientCapabilities": "0", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "18446744073709551615", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUQuotaPerSecUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "18446744073709551615", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "18446744073709551615", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "Conflicts": "shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "EnvironmentFile": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /var/run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "GuessMainPID": "yes", "IOScheduling": "0", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreOnSnapshot": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobTimeoutAction": "none", "JobTimeoutUSec": "0", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "18446744073709551615", "LimitCORE": "18446744073709551615", "LimitCPU": "18446744073709551615", "LimitDATA": "18446744073709551615", "LimitFSIZE": "18446744073709551615", "LimitLOCKS": "18446744073709551615", "LimitMEMLOCK": "65536", "LimitMSGQUEUE": "819200", "LimitNICE": "0", "LimitNOFILE": "4096", "LimitNPROC": "14968", "LimitRSS": "18446744073709551615", "LimitRTPRIO": "0", "LimitRTTIME": "18446744073709551615", "LimitSIGPENDING": "14968", "LimitSTACK": "18446744073709551615", "LoadState": "loaded", "MainPID": "0", "MemoryAccounting": "no", "MemoryCurrent": "18446744073709551615", "MemoryLimit": "18446744073709551615", "MountFlags": "0", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/var/run/certmonger.pid", "PermissionsStartOnly": "no", "PrivateDevices": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "ProtectHome": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "Requires": "system.slice basic.target", "Restart": "no", "RestartUSec": "100ms", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitInterval": "10000000", "StartupBlockIOWeight": "18446744073709551615", "StartupCPUShares": "18446744073709551615", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "no", "TasksCurrent": "18446744073709551615", "TasksMax": "18446744073709551615", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "disabled", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Monday 22 November 2021 17:13:41 +0000 (0:00:00.831) 0:00:11.029 ******* changed: [/cache/rhel-7.qcow2] => (item={'name': 'mycert', 'dns': 'www.example.com', 'common_name': '# \\\\Every"thing+that,ne;edsing\\0 ', 'contact_email': 'admin@example.com', 'ca': 'self-sign'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "self-sign", "common_name": "# \\\\Every\"thing+that,ne;edsing\\0 ", "contact_email": "admin@example.com", "dns": "www.example.com", "name": "mycert" } } MSG: Certificate requested (new). META: role_complete for /cache/rhel-7.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificate] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_subject_complex.yml:16 Monday 22 November 2021 17:13:42 +0000 (0:00:00.873) 0:00:11.903 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_subject_complex.yml:36 Monday 22 November 2021 17:13:42 +0000 (0:00:00.677) 0:00:12.580 ******* skipping: [/cache/rhel-7.qcow2] => (item={'path': '/etc/pki/tls/certs/mycert.crt', 'key_path': '/etc/pki/tls/private/mycert.key', 'subject': [{'name': 'emailAddress', 'oid': '1.2.840.113549.1.9.1', 'value': 'admin@example.com'}, {'name': 'commonName', 'oid': '2.5.4.3', 'value': '# \\\\Every"thing+that,ne;edsing\\0 '}], 'subject_alt_name': [{'name': 'DNS', 'value': 'www.example.com'}]}) => { "ansible_loop_var": "cert", "cert": { "key_path": "/etc/pki/tls/private/mycert.key", "path": "/etc/pki/tls/certs/mycert.crt", "subject": [ { "name": "emailAddress", "oid": "1.2.840.113549.1.9.1", "value": "admin@example.com" }, { "name": "commonName", "oid": "2.5.4.3", "value": "# \\\\Every\"thing+that,ne;edsing\\0 " } ], "subject_alt_name": [ { "name": "DNS", "value": "www.example.com" } ] }, "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=11 changed=7 unreachable=0 failed=0 skipped=2 rescued=0 ignored=0 Monday 22 November 2021 17:13:42 +0000 (0:00:00.023) 0:00:12.604 ******* =============================================================================== fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 4.80s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 2.15s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 set up internal repositories -------------------------------------------- 1.35s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 0.96s /tmp/tmpv0mqm1w9/tests/certificate/tests_subject_complex.yml:2 ---------------- fedora.linux_system_roles.certificate : Ensure certificate requests ----- 0.87s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.83s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Gathering Facts --------------------------------------------------------- 0.68s /tmp/tmpv0mqm1w9/tests/certificate/tests_subject_complex.yml:16 --------------- fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.50s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists --- 0.34s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 fedora.linux_system_roles.certificate : Set version specific variables --- 0.03s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Verify each certificate ------------------------------------------------- 0.02s /tmp/tmpv0mqm1w9/tests/certificate/tests_subject_complex.yml:36 --------------- fail -------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- + cd /tmp/tmpv0mqm1w9/tests/certificate; TEST_SSHD_USEDNS_NO=True TEST_SUBJECTS=/cache/rhel-7.qcow2 TEST_ARTIFACTS=/tmp/linux-system-role-test-work-pull-linux-system-roles_certificate-103-b309c26-rhel-7-3xzp9nbc/artifacts ANSIBLE_COLLECTIONS_PATHS=/tmp/tmpvzmns1ns:~/.ansible/collections:/usr/share/ansible/collections ansible-playbook -vv --inventory=/usr/share/ansible/inventory/standard-inventory-qcow2 --skip-tags=tests::cleanup,tests::nvme /tmp/tmpcx8fxgbp/_setup.yml /tmp/tmpv0mqm1w9/tests/certificate/tests_wrong_provider.yml ansible-playbook [core 2.12.0.post0] config file = None configured module search path = ['/home/runner/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.8/site-packages/ansible ansible collection location = /tmp/tmpvzmns1ns:/home/runner/.ansible/collections:/usr/share/ansible/collections executable location = /usr/local/bin/ansible-playbook python version = 3.8.8 (default, Aug 25 2021, 16:13:02) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)] jinja version = 2.10.3 libyaml = True No config file found; using defaults Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: _setup.yml *********************************************************** 2 plays in /tmp/tmpcx8fxgbp/_setup.yml PLAY [Fail when only localhost is available] *********************************** META: ran handlers TASK [debug] ******************************************************************* task path: /tmp/tmpcx8fxgbp/_setup.yml:5 Monday 22 November 2021 17:13:57 +0000 (0:00:00.011) 0:00:00.011 ******* ok: [/cache/rhel-7.qcow2] => { "groups": { "all": [ "/cache/rhel-7.qcow2" ], "localhost": [ "/cache/rhel-7.qcow2" ], "subjects": [ "/cache/rhel-7.qcow2" ], "ungrouped": [] } } TASK [fail] ******************************************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:6 Monday 22 November 2021 17:13:57 +0000 (0:00:00.016) 0:00:00.027 ******* skipping: [/cache/rhel-7.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: ran handlers META: ran handlers PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /tmp/tmpcx8fxgbp/_setup.yml:13 Monday 22 November 2021 17:13:57 +0000 (0:00:00.029) 0:00:00.056 ******* changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-7.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=2 changed=1 unreachable=0 failed=0 skipped=1 rescued=0 ignored=0 Monday 22 November 2021 17:13:58 +0000 (0:00:01.357) 0:00:01.413 ******* =============================================================================== set up internal repositories -------------------------------------------- 1.36s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ fail -------------------------------------------------------------------- 0.03s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 ------------------------------------------------- PLAYBOOK: tests_wrong_provider.yml ********************************************* 1 plays in /tmp/tmpv0mqm1w9/tests/certificate/tests_wrong_provider.yml PLAY [Test issuing certificate with nonexistent provider] ********************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_wrong_provider.yml:2 Monday 22 November 2021 17:13:58 +0000 (0:00:00.018) 0:00:01.432 ******* ok: [/cache/rhel-7.qcow2] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Monday 22 November 2021 17:13:59 +0000 (0:00:00.976) 0:00:02.409 ******* ok: [/cache/rhel-7.qcow2] => { "ansible_facts": { "__certificate_default_directory": "/etc/pki/tls", "__certificate_packages": [ "python-pyasn1", "python-cryptography", "python-dbus" ] }, "ansible_included_var_files": [ "/tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/RedHat_7.yml" ], "changed": false } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 Monday 22 November 2021 17:13:59 +0000 (0:00:00.027) 0:00:02.436 ******* changed: [/cache/rhel-7.qcow2] => { "changed": true, "changes": { "installed": [ "python-pyasn1", "python-cryptography" ] }, "rc": 0, "results": [ "dbus-python-1.1.1-9.el7.x86_64 providing python-dbus is already installed", "Loaded plugins: search-disabled-repos\nResolving Dependencies\n--> Running transaction check\n---> Package python2-cryptography.x86_64 0:1.7.2-2.el7 will be installed\n--> Processing Dependency: python-idna >= 2.0 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-cffi >= 1.4.1 for package: python2-cryptography-1.7.2-2.el7.x86_64\n--> Processing Dependency: python-enum34 for package: python2-cryptography-1.7.2-2.el7.x86_64\n---> Package python2-pyasn1.noarch 0:0.1.9-7.el7 will be installed\n--> Running transaction check\n---> Package python-cffi.x86_64 0:1.6.0-5.el7 will be installed\n--> Processing Dependency: python-pycparser for package: python-cffi-1.6.0-5.el7.x86_64\n---> Package python-enum34.noarch 0:1.0.4-1.el7 will be installed\n---> Package python-idna.noarch 0:2.4-1.el7 will be installed\n--> Running transaction check\n---> Package python-pycparser.noarch 0:2.14-1.el7 will be installed\n--> Processing Dependency: python-ply for package: python-pycparser-2.14-1.el7.noarch\n--> Running transaction check\n---> Package python-ply.noarch 0:3.4-11.el7 will be installed\n--> Finished Dependency Resolution\n\nDependencies Resolved\n\n================================================================================\n Package Arch Version Repository Size\n================================================================================\nInstalling:\n python2-cryptography x86_64 1.7.2-2.el7 rhel 503 k\n python2-pyasn1 noarch 0.1.9-7.el7 rhel 100 k\nInstalling for dependencies:\n python-cffi x86_64 1.6.0-5.el7 rhel 218 k\n python-enum34 noarch 1.0.4-1.el7 rhel 52 k\n python-idna noarch 2.4-1.el7 rhel 94 k\n python-ply noarch 3.4-11.el7 rhel 123 k\n python-pycparser noarch 2.14-1.el7 rhel 105 k\n\nTransaction Summary\n================================================================================\nInstall 2 Packages (+5 Dependent packages)\n\nTotal download size: 1.2 M\nInstalled size: 6.1 M\nDownloading packages:\n--------------------------------------------------------------------------------\nTotal 2.0 MB/s | 1.2 MB 00:00 \nRunning transaction check\nRunning transaction test\nTransaction test succeeded\nRunning transaction\n Installing : python2-pyasn1-0.1.9-7.el7.noarch 1/7 \n Installing : python-enum34-1.0.4-1.el7.noarch 2/7 \n Installing : python-ply-3.4-11.el7.noarch 3/7 \n Installing : python-pycparser-2.14-1.el7.noarch 4/7 \n Installing : python-cffi-1.6.0-5.el7.x86_64 5/7 \n Installing : python-idna-2.4-1.el7.noarch 6/7 \n Installing : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n Verifying : python-idna-2.4-1.el7.noarch 1/7 \n Verifying : python-pycparser-2.14-1.el7.noarch 2/7 \n Verifying : python-ply-3.4-11.el7.noarch 3/7 \n Verifying : python-cffi-1.6.0-5.el7.x86_64 4/7 \n Verifying : python-enum34-1.0.4-1.el7.noarch 5/7 \n Verifying : python2-pyasn1-0.1.9-7.el7.noarch 6/7 \n Verifying : python2-cryptography-1.7.2-2.el7.x86_64 7/7 \n\nInstalled:\n python2-cryptography.x86_64 0:1.7.2-2.el7 python2-pyasn1.noarch 0:0.1.9-7.el7\n\nDependency Installed:\n python-cffi.x86_64 0:1.6.0-5.el7 python-enum34.noarch 0:1.0.4-1.el7 \n python-idna.noarch 0:2.4-1.el7 python-ply.noarch 0:3.4-11.el7 \n python-pycparser.noarch 0:2.14-1.el7 \n\nComplete!\n" ] } TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 Monday 22 November 2021 17:14:04 +0000 (0:00:05.262) 0:00:07.698 ******* skipping: [/cache/rhel-7.qcow2] => (item=fake-provider) => { "__certificate_provider": "fake-provider", "ansible_loop_var": "__certificate_provider", "changed": false, "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 Monday 22 November 2021 17:14:04 +0000 (0:00:00.034) 0:00:07.732 ******* skipping: [/cache/rhel-7.qcow2] => (item=fake-provider) => { "__certificate_provider": "fake-provider", "ansible_loop_var": "__certificate_provider", "changed": false, "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 Monday 22 November 2021 17:14:04 +0000 (0:00:00.033) 0:00:07.766 ******* skipping: [/cache/rhel-7.qcow2] => (item=fake-provider) => { "__certificate_provider": "fake-provider", "ansible_loop_var": "__certificate_provider", "changed": false, "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 Monday 22 November 2021 17:14:04 +0000 (0:00:00.033) 0:00:07.799 ******* skipping: [/cache/rhel-7.qcow2] => (item=fake-provider) => { "__certificate_provider": "fake-provider", "ansible_loop_var": "__certificate_provider", "changed": false, "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 Monday 22 November 2021 17:14:04 +0000 (0:00:00.036) 0:00:07.836 ******* failed: [/cache/rhel-7.qcow2] (item={'name': 'mycert', 'dns': 'www.example.com', 'ca': 'self-sign', 'provider': 'fake-provider'}) => { "ansible_loop_var": "item", "changed": false, "item": { "ca": "self-sign", "dns": "www.example.com", "name": "mycert", "provider": "fake-provider" } } MSG: Chosen provider 'fake-provider' is not available. TASK [assert...] *************************************************************** task path: /tmp/tmpv0mqm1w9/tests/certificate/tests_wrong_provider.yml:21 Monday 22 November 2021 17:14:05 +0000 (0:00:00.551) 0:00:08.387 ******* ok: [/cache/rhel-7.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-7.qcow2 : ok=6 changed=2 unreachable=0 failed=0 skipped=5 rescued=1 ignored=0 Monday 22 November 2021 17:14:05 +0000 (0:00:00.025) 0:00:08.413 ******* =============================================================================== fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 5.26s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:15 set up internal repositories -------------------------------------------- 1.36s /tmp/tmpcx8fxgbp/_setup.yml:13 ------------------------------------------------ Gathering Facts --------------------------------------------------------- 0.98s /tmp/tmpv0mqm1w9/tests/certificate/tests_wrong_provider.yml:2 ----------------- fedora.linux_system_roles.certificate : Ensure certificate requests ----- 0.55s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:84 fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.04s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:74 fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 0.03s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:32 fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.03s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:43 fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists --- 0.03s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:57 fail -------------------------------------------------------------------- 0.03s /tmp/tmpcx8fxgbp/_setup.yml:6 ------------------------------------------------- fedora.linux_system_roles.certificate : Set version specific variables --- 0.03s /tmp/tmpvzmns1ns/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 assert... --------------------------------------------------------------- 0.03s /tmp/tmpv0mqm1w9/tests/certificate/tests_wrong_provider.yml:21 ---------------- debug ------------------------------------------------------------------- 0.02s /tmp/tmpcx8fxgbp/_setup.yml:5 -------------------------------------------------