ansible-playbook [core 2.12.6] config file = /etc/ansible/ansible.cfg configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.9/site-packages/ansible ansible collection location = /tmp/tmpt8vnebz7 executable location = /usr/bin/ansible-playbook python version = 3.9.13 (main, May 18 2022, 00:00:00) [GCC 11.3.1 20220421 (Red Hat 11.3.1-2)] jinja version = 2.11.3 libyaml = True Using /etc/ansible/ansible.cfg as config file Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: rhel-8_setup.yml ***************************************************** 1 plays in /cache/rhel-8_setup.yml PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /cache/rhel-8_setup.yml:5 Wednesday 06 July 2022 22:32:25 +0000 (0:00:00.019) 0:00:00.019 ******** changed: [/cache/rhel-8.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-8.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-8.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-8.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-8.qcow2 : ok=1 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Wednesday 06 July 2022 22:32:26 +0000 (0:00:01.415) 0:00:01.434 ******** =============================================================================== set up internal repositories -------------------------------------------- 1.42s /cache/rhel-8_setup.yml:5 ----------------------------------------------------- statically imported: /tmp/tmplpebei7w/tests/tasks/setup_ipa.yml PLAYBOOK: tests_basic_ipa.yml ************************************************** 3 plays in /tmp/tmplpebei7w/tests/tests_basic_ipa.yml PLAY [Install IPA server] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmplpebei7w/tests/tests_basic_ipa.yml:2 Wednesday 06 July 2022 22:32:26 +0000 (0:00:00.027) 0:00:01.462 ******** ok: [/cache/rhel-8.qcow2] META: ran handlers TASK [Set __is_beaker_env] ***************************************************** task path: /tmp/tmplpebei7w/tests/tasks/setup_ipa.yml:2 Wednesday 06 July 2022 22:32:27 +0000 (0:00:01.133) 0:00:02.596 ******** ok: [/cache/rhel-8.qcow2] => { "ansible_facts": { "__is_beaker_env": false }, "changed": false } TASK [Install ansible-freeipa] ************************************************* task path: /tmp/tmplpebei7w/tests/tasks/setup_ipa.yml:6 Wednesday 06 July 2022 22:32:27 +0000 (0:00:00.060) 0:00:02.656 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Clone ansible-freeipa repo] ********************************************** task path: /tmp/tmplpebei7w/tests/tasks/setup_ipa.yml:12 Wednesday 06 July 2022 22:32:27 +0000 (0:00:00.034) 0:00:02.691 ******** changed: [/cache/rhel-8.qcow2 -> 127.0.0.1] => { "after": "9dcff9a3084c57f77f710f63f9729e8010b8bdc3", "before": null, "changed": true } TASK [Create role symlinks] **************************************************** task path: /tmp/tmplpebei7w/tests/tasks/setup_ipa.yml:21 Wednesday 06 July 2022 22:32:29 +0000 (0:00:01.253) 0:00:03.944 ******** changed: [/cache/rhel-8.qcow2 -> 127.0.0.1] => (item=ipaserver) => { "ansible_loop_var": "item", "changed": true, "dest": "/tmp/tmplpebei7w/tests/roles/ipaserver", "gid": 0, "group": "root", "item": "ipaserver", "mode": "0777", "owner": "root", "size": 34, "src": "/tmp/freeipa-repo/roles/ipaserver/", "state": "link", "uid": 0 } changed: [/cache/rhel-8.qcow2 -> 127.0.0.1] => (item=ipaclient) => { "ansible_loop_var": "item", "changed": true, "dest": "/tmp/tmplpebei7w/tests/roles/ipaclient", "gid": 0, "group": "root", "item": "ipaclient", "mode": "0777", "owner": "root", "size": 34, "src": "/tmp/freeipa-repo/roles/ipaclient/", "state": "link", "uid": 0 } TASK [ensure hostname package is installed] ************************************ task path: /tmp/tmplpebei7w/tests/tasks/setup_ipa.yml:33 Wednesday 06 July 2022 22:32:29 +0000 (0:00:00.521) 0:00:04.465 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [Set hostname] ************************************************************ task path: /tmp/tmplpebei7w/tests/tasks/setup_ipa.yml:38 Wednesday 06 July 2022 22:32:34 +0000 (0:00:04.783) 0:00:09.248 ******** changed: [/cache/rhel-8.qcow2] => { "ansible_facts": { "ansible_domain": "test.local", "ansible_fqdn": "ipaserver.test.local", "ansible_hostname": "ipaserver", "ansible_nodename": "ipaserver.test.local" }, "changed": true, "name": "ipaserver.test.local" } TASK [Ensure nss package is up-to-date] **************************************** task path: /tmp/tmplpebei7w/tests/tasks/setup_ipa.yml:42 Wednesday 06 July 2022 22:32:35 +0000 (0:00:00.878) 0:00:10.126 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true, "rc": 0, "results": [ "Installed: nspr-4.32.0-1.el8_4.x86_64", "Installed: nss-3.67.0-7.el8_5.x86_64", "Installed: nss-softokn-3.67.0-7.el8_5.x86_64", "Installed: nss-softokn-freebl-3.67.0-7.el8_5.x86_64", "Installed: nss-sysinit-3.67.0-7.el8_5.x86_64", "Installed: nss-util-3.67.0-7.el8_5.x86_64" ] } TASK [Include ipaserver role] ************************************************** task path: /tmp/tmplpebei7w/tests/tasks/setup_ipa.yml:50 Wednesday 06 July 2022 22:32:37 +0000 (0:00:02.395) 0:00:12.522 ******** TASK [ipaserver : Import variables specific to distribution] ******************* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/main.yml:4 Wednesday 06 July 2022 22:32:37 +0000 (0:00:00.032) 0:00:12.554 ******** ok: [/cache/rhel-8.qcow2] => (item=/tmp/freeipa-repo/roles/ipaserver/vars/RedHat-8.yml) => { "ansible_facts": { "ipaserver_packages": [ "@idm:DL1/server" ], "ipaserver_packages_adtrust": [ "@idm:DL1/adtrust" ], "ipaserver_packages_dns": [ "@idm:DL1/dns" ], "ipaserver_packages_firewalld": [ "firewalld" ] }, "ansible_included_var_files": [ "/tmp/freeipa-repo/roles/ipaserver/vars/RedHat-8.yml" ], "ansible_loop_var": "item", "changed": false, "item": "/tmp/freeipa-repo/roles/ipaserver/vars/RedHat-8.yml" } TASK [ipaserver : Install IPA server] ****************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/main.yml:19 Wednesday 06 July 2022 22:32:37 +0000 (0:00:00.073) 0:00:12.628 ******** included: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml for /cache/rhel-8.qcow2 TASK [ipaserver : Install - Ensure that IPA server packages are installed] ***** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:5 Wednesday 06 July 2022 22:32:37 +0000 (0:00:00.070) 0:00:12.699 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true, "rc": 0, "results": [ "Module idm:DL1/server installed.", "Installed: python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "Installed: libwbclient-4.15.5-5.el8.x86_64", "Installed: 389-ds-base-1.4.3.28-6.module+el8.6.0+14129+983ceada.x86_64", "Installed: sssd-common-pac-2.6.2-3.el8.x86_64", "Installed: sssd-dbus-2.6.2-3.el8.x86_64", "Installed: 389-ds-base-libs-1.4.3.28-6.module+el8.6.0+14129+983ceada.x86_64", "Installed: sssd-ipa-2.6.2-3.el8.x86_64", "Installed: sssd-krb5-common-2.6.2-3.el8.x86_64", "Installed: python3-pip-9.0.3-22.el8.noarch", "Installed: python3-pki-10.12.0-2.module+el8.6.0+14115+8b467244.noarch", "Installed: augeas-libs-1.12.0-6.el8.x86_64", "Installed: libxslt-1.1.32-6.el8.x86_64", "Installed: autofs-1:5.1.4-82.el8.x86_64", "Installed: perl-IO-Socket-IP-0.39-5.el8.noarch", "Installed: sssd-tools-2.6.2-3.el8.x86_64", "Installed: python3-psutil-5.4.3-11.el8.x86_64", "Installed: lksctp-tools-1.0.18-3.el8.x86_64", "Installed: perl-IO-Socket-SSL-2.066-4.module+el8.3.0+6446+594cad75.noarch", "Installed: python3-pyasn1-0.3.7-6.el8.noarch", "Installed: copy-jdk-configs-4.0-2.el8.noarch", "Installed: python3-pyasn1-modules-0.3.7-6.el8.noarch", "Installed: avahi-libs-0.7-20.el8.x86_64", "Installed: bash-completion-1:2.7-5.el8.noarch", "Installed: python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch", "Installed: python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch", "Installed: harfbuzz-1.7.5-3.el8.x86_64", "Installed: hicolor-icon-theme-0.17-2.el8.noarch", "Installed: mailcap-2.1.48-3.el8.noarch", "Installed: pango-1.42.4-8.el8.x86_64", "Installed: httpcomponents-client-4.5.5-5.module+el8.6.0+13298+7b5243c0.noarch", "Installed: httpcomponents-core-4.4.10-3.module+el8+2452+b359bfcd.noarch", "Installed: httpd-2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64", "Installed: alsa-lib-1.2.6.1-3.el8.x86_64", "Installed: httpd-filesystem-2.4.37-47.module+el8.6.0+14529+083145da.1.noarch", "Installed: httpd-tools-2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64", "Installed: custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch", "Installed: python3-webencodings-0.5.1-6.el8.noarch", "Installed: lua-5.3.4-12.el8.x86_64", "Installed: python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch", "Installed: cups-libs-1:2.2.6-44.el8.x86_64", "Installed: python36-3.6.8-38.module+el8.5.0+12207+5c5719bc.x86_64", "Installed: ldapjdk-4.23.0-1.module+el8.5.0+11983+6ba118b4.noarch", "Installed: gdk-pixbuf2-modules-2.36.12-5.el8.x86_64", "Installed: cyrus-sasl-gssapi-2.1.27-6.el8_5.x86_64", "Installed: words-3.0-28.el8.noarch", "Installed: cyrus-sasl-md5-2.1.27-6.el8_5.x86_64", "Installed: cyrus-sasl-plain-2.1.27-6.el8_5.x86_64", "Installed: xmlrpc-c-1.51.0-6.el8.x86_64", "Installed: xmlrpc-c-client-1.51.0-6.el8.x86_64", "Installed: ant-1.10.5-1.module+el8+2438+c99a8a1e.noarch", "Installed: ant-lib-1.10.5-1.module+el8+2438+c99a8a1e.noarch", "Installed: perl-Mozilla-CA-20160104-7.module+el8.3.0+6498+9eecfe51.noarch", "Installed: krb5-pkinit-1.18.2-14.el8.x86_64", "Installed: apache-commons-cli-1.4-4.module+el8+2452+b359bfcd.noarch", "Installed: krb5-server-1.18.2-14.el8.x86_64", "Installed: apache-commons-codec-1.11-3.module+el8+2452+b359bfcd.noarch", "Installed: krb5-workstation-1.18.2-14.el8.x86_64", "Installed: apache-commons-io-1:2.6-3.module+el8+2452+b359bfcd.noarch", "Installed: pki-acme-10.12.0-2.module+el8.6.0+14115+8b467244.noarch", "Installed: pki-base-10.12.0-2.module+el8.6.0+14115+8b467244.noarch", "Installed: pki-base-java-10.12.0-2.module+el8.6.0+14115+8b467244.noarch", "Installed: apache-commons-lang3-3.7-3.module+el8+2452+b359bfcd.noarch", "Installed: libXcomposite-0.4.4-14.el8.x86_64", "Installed: apache-commons-logging-1.2-13.module+el8+2452+b359bfcd.noarch", "Installed: apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch", "Installed: libXcursor-1.1.15-3.el8.x86_64", "Installed: pki-ca-10.12.0-2.module+el8.6.0+14115+8b467244.noarch", "Installed: pki-kra-10.12.0-2.module+el8.6.0+14115+8b467244.noarch", "Installed: giflib-5.1.4-3.el8.x86_64", "Installed: libXdamage-1.1.4-14.el8.x86_64", "Installed: pki-server-10.12.0-2.module+el8.6.0+14115+8b467244.noarch", "Installed: pki-servlet-4.0-api-1:9.0.30-3.module+el8.5.0+11388+9e95fe00.noarch", "Installed: apr-1.6.3-12.el8.x86_64", "Installed: perl-Net-SSLeay-1.88-2.module+el8.6.0+13392+f0897f98.x86_64", "Installed: pki-symkey-10.12.0-2.module+el8.6.0+14115+8b467244.x86_64", "Installed: pki-tools-10.12.0-2.module+el8.6.0+14115+8b467244.x86_64", "Installed: apr-util-1.6.1-6.el8.x86_64", "Installed: openldap-clients-2.4.46-18.el8.x86_64", "Installed: apr-util-bdb-1.6.1-6.el8.x86_64", "Installed: libXfixes-5.0.3-7.el8.x86_64", "Installed: apr-util-openssl-1.6.1-6.el8.x86_64", "Installed: libXft-2.3.3-1.el8.x86_64", "Installed: libXi-1.7.10-1.el8.x86_64", "Installed: openssl-perl-1:1.1.1k-6.el8_5.x86_64", "Installed: libXinerama-1.1.4-1.el8.x86_64", "Installed: glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "Installed: glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "Installed: glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "Installed: glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "Installed: glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "Installed: slapi-nis-0.56.6-4.module+el8.6.0+12936+736896b2.x86_64", "Installed: slf4j-1.7.25-4.module+el8+2452+b359bfcd.noarch", "Installed: tomcatjss-7.7.1-1.module+el8.6.0+13291+248751b1.noarch", "Installed: slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "Installed: libXrandr-1.5.2-1.el8.x86_64", "Installed: atk-2.28.1-1.el8.x86_64", "Installed: softhsm-2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "Installed: libXtst-1.2.3-7.el8.x86_64", "Installed: ttmkfdir-3.0.9-54.el8.x86_64", "Installed: tzdata-java-2022a-1.el8.noarch", "Installed: perl-Algorithm-Diff-1.1903-9.el8.noarch", "Installed: mod_auth_gssapi-1.6.1-7.1.el8.x86_64", "Installed: perl-Archive-Tar-2.30-1.el8.noarch", "Installed: perl-Carp-1.42-396.el8.noarch", "Installed: perl-Compress-Raw-Bzip2-2.081-1.el8.x86_64", "Installed: perl-Compress-Raw-Zlib-2.081-1.el8.x86_64", "Installed: perl-Data-Dumper-2.167-399.el8.x86_64", "Installed: mod_http2-1.15.7-5.module+el8.6.0+13996+01710940.x86_64", "Installed: perl-Encode-4:2.97-3.el8.x86_64", "Installed: perl-Errno-1.28-421.el8.x86_64", "Installed: mod_lookup_identity-1.0.0-4.el8.x86_64", "Installed: perl-Exporter-5.72-396.el8.noarch", "Installed: perl-File-Path-2.15-2.el8.noarch", "Installed: perl-File-Temp-0.230.600-1.el8.noarch", "Installed: perl-Getopt-Long-1:2.50-4.el8.noarch", "Installed: perl-HTTP-Tiny-0.074-1.el8.noarch", "Installed: mod_session-2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64", "Installed: mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64", "Installed: perl-IO-1.38-421.el8.x86_64", "Installed: perl-IO-Compress-2.081-1.el8.noarch", "Installed: perl-IO-Zlib-1:1.10-421.el8.noarch", "Installed: perl-MIME-Base64-3.15-396.el8.x86_64", "Installed: perl-PathTools-3.74-1.el8.x86_64", "Installed: perl-Pod-Escapes-1:1.07-395.el8.noarch", "Installed: perl-Pod-Perldoc-3.28-396.el8.noarch", "Installed: perl-Pod-Simple-1:3.35-395.el8.noarch", "Installed: perl-Pod-Usage-4:1.69-395.el8.noarch", "Installed: perl-Scalar-List-Utils-3:1.49-2.el8.x86_64", "Installed: perl-Socket-4:2.027-3.el8.x86_64", "Installed: perl-Storable-1:3.11-3.el8.x86_64", "Installed: bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "Installed: perl-Term-ANSIColor-4.06-396.el8.noarch", "Installed: perl-Term-Cap-1.17-395.el8.noarch", "Installed: stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "Installed: perl-Text-Diff-1.45-2.el8.noarch", "Installed: perl-Text-ParseWords-3.30-395.el8.noarch", "Installed: perl-Text-Tabs+Wrap-2013.0523-395.el8.noarch", "Installed: bind-libs-32:9.11.36-3.el8.x86_64", "Installed: perl-Time-Local-1:1.280-1.el8.noarch", "Installed: bind-libs-lite-32:9.11.36-3.el8.x86_64", "Installed: bind-license-32:9.11.36-3.el8.noarch", "Installed: perl-Unicode-Normalize-1.25-396.el8.x86_64", "Installed: perl-constant-1.33-396.el8.noarch", "Installed: perl-interpreter-4:5.26.3-421.el8.x86_64", "Installed: perl-libs-4:5.26.3-421.el8.x86_64", "Installed: perl-macros-4:5.26.3-421.el8.x86_64", "Installed: perl-parent-1:0.237-1.el8.noarch", "Installed: perl-podlators-4.11-1.el8.noarch", "Installed: perl-threads-1:2.21-2.el8.x86_64", "Installed: perl-threads-shared-1.58-2.el8.x86_64", "Installed: bind-utils-32:9.11.36-3.el8.x86_64", "Installed: libicu-60.3-2.el8_1.x86_64", "Installed: libipa_hbac-2.6.2-3.el8.x86_64", "Installed: libkadm5-1.18.2-14.el8.x86_64", "Installed: perl-DB_File-1.842-1.el8.x86_64", "Installed: protobuf-c-1.3.0-6.el8.x86_64", "Installed: libdatrie-0.2.9-7.el8.x86_64", "Installed: publicsuffix-list-20180723-1.el8.noarch", "Installed: python3-asn1crypto-0.24.0-3.el8.noarch", "Installed: python3-dns-1.15.0-10.el8.noarch", "Installed: perl-Digest-1.17-395.el8.noarch", "Installed: redhat-logos-ipa-84.5-1.el8.noarch", "Installed: perl-Digest-MD5-2.55-396.el8.x86_64", "Installed: fontawesome-fonts-4.7.0-4.el8.noarch", "Installed: perl-URI-1.73-3.el8.noarch", "Installed: python3-libipa_hbac-2.6.2-3.el8.x86_64", "Installed: ipa-client-4.9.8-7.module+el8.6.0+14337+19b76db2.x86_64", "Installed: xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "Installed: ipa-client-common-4.9.8-7.module+el8.6.0+14337+19b76db2.noarch", "Installed: ipa-common-4.9.8-7.module+el8.6.0+14337+19b76db2.noarch", "Installed: ipa-healthcheck-0.7-10.module+el8.6.0+14292+18b36d36.noarch", "Installed: ipa-healthcheck-core-0.7-10.module+el8.6.0+14292+18b36d36.noarch", "Installed: ipa-selinux-4.9.8-7.module+el8.6.0+14337+19b76db2.noarch", "Installed: ipa-server-4.9.8-7.module+el8.6.0+14337+19b76db2.x86_64", "Installed: ipa-server-common-4.9.8-7.module+el8.6.0+14337+19b76db2.noarch", "Installed: relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "Installed: libfontenc-1.1.3-8.el8.x86_64", "Installed: resteasy-3.0.26-6.module+el8.4.0+8891+bb8828ef.noarch", "Installed: xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "Installed: fribidi-1.0.4-8.el8.x86_64", "Installed: xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "Installed: xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "Installed: fstrm-0.6.1-2.el8.x86_64", "Installed: python3-setuptools-39.2.0-6.el8.noarch", "Installed: libthai-0.1.27-2.el8.x86_64", "Installed: libtiff-4.0.9-21.el8.x86_64", "Installed: istack-commons-runtime-2.21-9.el8+7.noarch", "Installed: xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "Installed: python3-sss-2.6.2-3.el8.x86_64", "Installed: jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "Installed: jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "Installed: jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "Installed: jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "Installed: jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "Installed: jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "Installed: python3-sss-murmur-2.6.2-3.el8.x86_64", "Installed: python3-sssdconfig-2.6.2-3.el8.noarch", "Installed: pki-servlet-engine-1:9.0.30-3.module+el8.5.0+11388+9e95fe00.noarch", "Installed: python3-argcomplete-1.9.3-6.el8.noarch", "Installed: jasper-libs-2.0.14-5.el8.x86_64", "Installed: java-1.8.0-openjdk-1:1.8.0.322.b06-11.el8.x86_64", "Installed: python3-augeas-0.5.0-12.el8.noarch", "Installed: xorg-x11-font-utils-1:7.5-41.el8.x86_64", "Installed: java-1.8.0-openjdk-devel-1:1.8.0.322.b06-11.el8.x86_64", "Installed: java-1.8.0-openjdk-headless-1:1.8.0.322.b06-11.el8.x86_64", "Installed: python3-bind-32:9.11.36-3.el8.noarch", "Installed: xorg-x11-fonts-Type1-7.5-19.el8.noarch", "Installed: redhat-logos-httpd-84.5-1.el8.noarch", "Installed: perl-libnet-3.11-3.el8.noarch", "Installed: certmonger-0.79.13-5.el8.x86_64", "Installed: python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch", "Installed: javapackages-filesystem-5.3.0-1.module+el8+2447+6f56d9a6.noarch", "Installed: javapackages-tools-5.3.0-1.module+el8+2447+6f56d9a6.noarch", "Installed: python3-distro-1.4.0-2.module+el8.1.0+3334+5cb623d7.noarch", "Installed: libsss_simpleifp-2.6.2-3.el8.x86_64", "Installed: jbigkit-libs-2.1-14.el8.x86_64", "Installed: jboss-annotations-1.2-api-1.0.0-4.el8.noarch", "Installed: jboss-jaxrs-2.0-api-1.0.0-6.el8.noarch", "Installed: jboss-logging-3.3.0-5.el8.noarch", "Installed: graphite2-1.3.10-10.el8.x86_64", "Installed: jboss-logging-tools-2.0.1-6.el8.noarch", "Installed: xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "Installed: samba-client-libs-4.15.5-5.el8.x86_64", "Installed: jdeparser-2.0.0-5.el8.noarch", "Installed: python3-gssapi-1.5.1-5.el8.x86_64", "Installed: python3-html5lib-1:0.999999999-6.el8.noarch", "Installed: samba-common-4.15.5-5.el8.noarch", "Installed: samba-common-libs-4.15.5-5.el8.x86_64", "Installed: python3-ipaclient-4.9.8-7.module+el8.6.0+14337+19b76db2.noarch", "Installed: python3-ipalib-4.9.8-7.module+el8.6.0+14337+19b76db2.noarch", "Installed: python3-ipaserver-4.9.8-7.module+el8.6.0+14337+19b76db2.noarch", "Installed: nss-tools-3.67.0-7.el8_5.x86_64", "Installed: python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch", "Installed: python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch", "Installed: jss-4.9.3-1.module+el8.6.0+14244+60d461b7.x86_64", "Installed: python3-ldap-3.3.1-2.el8.x86_64", "Installed: python3-lib389-1.4.3.28-6.module+el8.6.0+14129+983ceada.noarch", "Installed: libjpeg-turbo-1.5.3-12.el8.x86_64", "Installed: gtk-update-icon-cache-3.22.30-10.el8.x86_64", "Installed: open-sans-fonts-1.10-6.el8.noarch", "Installed: gtk2-2.24.32-5.el8.x86_64", "Installed: python3-lxml-4.2.3-4.el8.x86_64", "Installed: python3-mod_wsgi-4.6.4-4.el8.x86_64", "Installed: python3-netaddr-0.7.19-8.el8.noarch" ] } TASK [ipaserver : Install - Ensure that IPA server packages for dns are installed] *** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:10 Wednesday 06 July 2022 22:33:34 +0000 (0:00:56.176) 0:01:08.875 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true, "rc": 0, "results": [ "Installed: ldns-1.7.0-21.el8.x86_64", "Installed: bind-pkcs11-32:9.11.36-3.el8.x86_64", "Installed: opencryptoki-3.17.0-3.el8.x86_64", "Installed: opencryptoki-icsftok-3.17.0-3.el8.x86_64", "Installed: bind-pkcs11-libs-32:9.11.36-3.el8.x86_64", "Installed: bind-pkcs11-utils-32:9.11.36-3.el8.x86_64", "Installed: opencryptoki-libs-3.17.0-3.el8.x86_64", "Installed: ipa-server-dns-4.9.8-7.module+el8.6.0+14337+19b76db2.noarch", "Installed: sqlite-3.26.0-15.el8.x86_64", "Installed: bind-32:9.11.36-3.el8.x86_64", "Installed: opendnssec-2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "Installed: bind-dyndb-ldap-11.6-3.module+el8.6.0+13728+d9324aaf.x86_64" ] } TASK [ipaserver : Install - Ensure that IPA server packages for adtrust are installed] *** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:16 Wednesday 06 July 2022 22:33:38 +0000 (0:00:04.670) 0:01:13.546 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Install - Ensure that firewall packages installed] *********** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:22 Wednesday 06 July 2022 22:33:38 +0000 (0:00:00.037) 0:01:13.583 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true, "rc": 0, "results": [ "Installed: python3-slip-0.6.4-11.el8.noarch", "Installed: python3-slip-dbus-0.6.4-11.el8.noarch", "Installed: ipset-7.1-1.el8.x86_64", "Installed: libnetfilter_conntrack-1.0.6-5.el8.x86_64", "Installed: ipset-libs-7.1-1.el8.x86_64", "Installed: python3-nftables-1:0.9.3-25.el8.x86_64", "Installed: python3-firewall-0.9.3-13.el8.noarch", "Installed: iptables-1.8.4-22.el8.x86_64", "Installed: libnfnetlink-1.0.1-13.el8.x86_64", "Installed: iptables-ebtables-1.8.4-22.el8.x86_64", "Installed: iptables-libs-1.8.4-22.el8.x86_64", "Installed: libnftnl-1.1.5-5.el8.x86_64", "Installed: firewalld-0.9.3-13.el8.noarch", "Installed: firewalld-filesystem-0.9.3-13.el8.noarch", "Installed: nftables-1:0.9.3-25.el8.x86_64" ] } TASK [ipaserver : Firewalld service - Ensure that firewalld is running] ******** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:31 Wednesday 06 July 2022 22:33:41 +0000 (0:00:03.115) 0:01:16.699 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true, "enabled": true, "name": "firewalld", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "dbus.socket sysinit.target dbus.service polkit.service basic.target system.slice", "AllowIsolate": "no", "AllowedCPUs": "", "AllowedMemoryNodes": "", "AmbientCapabilities": "", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "shutdown.target multi-user.target network-pre.target", "BlockIOAccounting": "no", "BlockIOWeight": "[not set]", "BusName": "org.fedoraproject.FirewallD1", "CPUAccounting": "no", "CPUAffinity": "", "CPUAffinityFromNUMA": "no", "CPUQuotaPerSecUSec": "infinity", "CPUQuotaPeriodUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "[not set]", "CPUUsageNSec": "[not set]", "CPUWeight": "[not set]", "CacheDirectoryMode": "0755", "CanFreeze": "yes", "CanIsolate": "no", "CanReload": "yes", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend cap_audit_read cap_perfmon cap_bpf", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "ConfigurationDirectoryMode": "0755", "Conflicts": "ebtables.service ip6tables.service ipset.service shutdown.target nftables.service iptables.service", "ControlPID": "0", "DefaultDependencies": "yes", "DefaultMemoryLow": "0", "DefaultMemoryMin": "0", "Delegate": "no", "Description": "firewalld - dynamic firewall daemon", "DevicePolicy": "auto", "Documentation": "man:firewalld(1)", "DynamicUser": "no", "EffectiveCPUs": "", "EffectiveMemoryNodes": "", "EnvironmentFiles": "/etc/sysconfig/firewalld (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecReload": "{ path=/bin/kill ; argv[]=/bin/kill -HUP $MAINPID ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStart": "{ path=/usr/sbin/firewalld ; argv[]=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/firewalld.service", "FreezerState": "running", "GID": "[not set]", "GuessMainPID": "yes", "IOAccounting": "no", "IOSchedulingClass": "0", "IOSchedulingPriority": "0", "IOWeight": "[not set]", "IPAccounting": "no", "IPEgressBytes": "18446744073709551615", "IPEgressPackets": "18446744073709551615", "IPIngressBytes": "18446744073709551615", "IPIngressPackets": "18446744073709551615", "Id": "firewalld.service", "IgnoreOnIsolate": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobRunningTimeoutUSec": "infinity", "JobTimeoutAction": "none", "JobTimeoutUSec": "infinity", "KeyringMode": "private", "KillMode": "mixed", "KillSignal": "15", "LimitAS": "infinity", "LimitASSoft": "infinity", "LimitCORE": "infinity", "LimitCORESoft": "0", "LimitCPU": "infinity", "LimitCPUSoft": "infinity", "LimitDATA": "infinity", "LimitDATASoft": "infinity", "LimitFSIZE": "infinity", "LimitFSIZESoft": "infinity", "LimitLOCKS": "infinity", "LimitLOCKSSoft": "infinity", "LimitMEMLOCK": "65536", "LimitMEMLOCKSoft": "65536", "LimitMSGQUEUE": "819200", "LimitMSGQUEUESoft": "819200", "LimitNICE": "0", "LimitNICESoft": "0", "LimitNOFILE": "262144", "LimitNOFILESoft": "1024", "LimitNPROC": "14648", "LimitNPROCSoft": "14648", "LimitRSS": "infinity", "LimitRSSSoft": "infinity", "LimitRTPRIO": "0", "LimitRTPRIOSoft": "0", "LimitRTTIME": "infinity", "LimitRTTIMESoft": "infinity", "LimitSIGPENDING": "14648", "LimitSIGPENDINGSoft": "14648", "LimitSTACK": "infinity", "LimitSTACKSoft": "8388608", "LoadState": "loaded", "LockPersonality": "no", "LogLevelMax": "-1", "LogRateLimitBurst": "0", "LogRateLimitIntervalUSec": "0", "LogsDirectoryMode": "0755", "MainPID": "0", "MemoryAccounting": "yes", "MemoryCurrent": "[not set]", "MemoryDenyWriteExecute": "no", "MemoryHigh": "infinity", "MemoryLimit": "infinity", "MemoryLow": "0", "MemoryMax": "infinity", "MemoryMin": "0", "MemorySwapMax": "infinity", "MountAPIVFS": "no", "MountFlags": "", "NFileDescriptorStore": "0", "NRestarts": "0", "NUMAMask": "", "NUMAPolicy": "n/a", "Names": "firewalld.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PermissionsStartOnly": "no", "Perpetual": "no", "PrivateDevices": "no", "PrivateMounts": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "PrivateUsers": "no", "ProtectControlGroups": "no", "ProtectHome": "no", "ProtectKernelModules": "no", "ProtectKernelTunables": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "RemoveIPC": "no", "Requires": "sysinit.target dbus.socket system.slice", "Restart": "no", "RestartUSec": "100ms", "RestrictNamespaces": "no", "RestrictRealtime": "no", "RestrictSUIDSGID": "no", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "RuntimeDirectoryPreserve": "no", "RuntimeMaxUSec": "infinity", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "null", "StandardInput": "null", "StandardInputData": "", "StandardOutput": "null", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitIntervalUSec": "10s", "StartupBlockIOWeight": "[not set]", "StartupCPUShares": "[not set]", "StartupCPUWeight": "[not set]", "StartupIOWeight": "[not set]", "StateChangeTimestampMonotonic": "0", "StateDirectoryMode": "0755", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SuccessAction": "none", "SyslogFacility": "3", "SyslogLevel": "6", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "yes", "TasksCurrent": "[not set]", "TasksMax": "23436", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UID": "[not set]", "UMask": "0022", "UnitFilePreset": "enabled", "UnitFileState": "enabled", "UtmpMode": "init", "WantedBy": "multi-user.target", "Wants": "network-pre.target", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [ipaserver : Firewalld - Verify runtime zone "{{ ipaserver_firewalld_zone }}"] *** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:37 Wednesday 06 July 2022 22:33:43 +0000 (0:00:01.106) 0:01:17.805 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Firewalld - Verify permanent zone "{{ ipaserver_firewalld_zone }}"] *** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:44 Wednesday 06 July 2022 22:33:43 +0000 (0:00:00.035) 0:01:17.841 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : include_tasks] *********************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:54 Wednesday 06 July 2022 22:33:43 +0000 (0:00:00.033) 0:01:17.875 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Install - Server installation test] ************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:60 Wednesday 06 July 2022 22:33:43 +0000 (0:00:00.037) 0:01:17.912 ******** ok: [/cache/rhel-8.qcow2] => { "_dirsrv_ca_cert": null, "_dirsrv_pkcs12_info": null, "_hostname_overridden": true, "_http_ca_cert": null, "_http_pkcs12_info": null, "_installation_cleanup": true, "_pkinit_ca_cert": null, "_pkinit_pkcs12_info": null, "changed": false, "domain": "test.local", "domainlevel": 1, "external_ca": false, "external_ca_profile": null, "external_ca_type": null, "hostname": "ipaserver.test.local", "idmax": 652199999, "idstart": 652000000, "ipa_python_version": 40908, "no_host_dns": true, "no_pkinit": false, "ntp_pool": null, "ntp_servers": null, "realm": "TEST.LOCAL", "rid_base": 1000, "secondary_rid_base": 100000000, "setup_adtrust": false, "setup_ca": true, "setup_kra": false } TASK [ipaserver : Install - Master password creation] ************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:138 Wednesday 06 July 2022 22:33:44 +0000 (0:00:01.421) 0:01:19.334 ******** changed: [/cache/rhel-8.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } TASK [ipaserver : Install - Use new master password] *************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:145 Wednesday 06 July 2022 22:33:45 +0000 (0:00:01.176) 0:01:20.510 ******** ok: [/cache/rhel-8.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [ipaserver : Install - Server preparation] ******************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:153 Wednesday 06 July 2022 22:33:45 +0000 (0:00:00.072) 0:01:20.583 ******** changed: [/cache/rhel-8.qcow2] => { "_ca_subject": "CN=Certificate Authority,O=TEST.LOCAL", "_random_serial_numbers": null, "_subject_base": "O=TEST.LOCAL", "adtrust_netbios_name": null, "adtrust_reset_netbios_name": false, "ca_subject": "CN=Certificate Authority,O=TEST.LOCAL", "changed": true, "dns_ip_addresses": [ "fec0::5054:ff:fe12:3456", "10.0.2.15" ], "dns_reverse_zones": [], "forward_policy": "only", "forwarders": [ "10.0.2.3" ], "ip_addresses": [ "fec0::5054:ff:fe12:3456", "10.0.2.15" ], "no_dnssec_validation": true, "reverse_zones": [], "subject_base": "O=TEST.LOCAL" } TASK [ipaserver : Install - Setup NTP] ***************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:198 Wednesday 06 July 2022 22:33:48 +0000 (0:00:02.474) 0:01:23.057 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup DS] ****************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:205 Wednesday 06 July 2022 22:33:58 +0000 (0:00:10.552) 0:01:33.610 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup KRB] ***************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:234 Wednesday 06 July 2022 22:34:15 +0000 (0:00:16.709) 0:01:50.319 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup custodia] ************************************ task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:261 Wednesday 06 July 2022 22:34:21 +0000 (0:00:06.005) 0:01:56.325 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup CA] ****************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:267 Wednesday 06 July 2022 22:34:25 +0000 (0:00:04.298) 0:02:00.624 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true, "csr_generated": false } TASK [ipaserver : Copy /root/ipa.csr to "/cache/rhel-8.qcow2-ipa.csr"] ********* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:309 Wednesday 06 July 2022 22:36:49 +0000 (0:02:23.975) 0:04:24.599 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Install - Setup otpd] **************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:318 Wednesday 06 July 2022 22:36:49 +0000 (0:00:00.044) 0:04:24.644 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup HTTP] **************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:324 Wednesday 06 July 2022 22:36:52 +0000 (0:00:02.780) 0:04:27.424 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup KRA] ***************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:356 Wednesday 06 July 2022 22:39:23 +0000 (0:02:30.381) 0:06:57.806 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Install - Setup DNS] ***************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:367 Wednesday 06 July 2022 22:39:23 +0000 (0:00:00.045) 0:06:57.851 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup ADTRUST] ************************************* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:384 Wednesday 06 July 2022 22:39:32 +0000 (0:00:09.266) 0:07:07.118 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Install - Set DS password] *********************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:399 Wednesday 06 July 2022 22:39:32 +0000 (0:00:00.041) 0:07:07.159 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [Install - Setup client] ************************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:416 Wednesday 06 July 2022 22:39:34 +0000 (0:00:02.281) 0:07:09.441 ******** TASK [ipaclient : Import variables specific to distribution] ******************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/main.yml:4 Wednesday 06 July 2022 22:39:34 +0000 (0:00:00.105) 0:07:09.546 ******** ok: [/cache/rhel-8.qcow2] => (item=/tmp/freeipa-repo/roles/ipaclient/vars/RedHat-8.yml) => { "ansible_facts": { "ipaclient_packages": [ "@idm:DL1/client" ] }, "ansible_included_var_files": [ "/tmp/freeipa-repo/roles/ipaclient/vars/RedHat-8.yml" ], "ansible_loop_var": "item", "changed": false, "item": "/tmp/freeipa-repo/roles/ipaclient/vars/RedHat-8.yml" } TASK [ipaclient : Install IPA client] ****************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/main.yml:19 Wednesday 06 July 2022 22:39:34 +0000 (0:00:00.068) 0:07:09.614 ******** included: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml for /cache/rhel-8.qcow2 TASK [ipaclient : Install - Ensure that IPA client packages are installed] ***** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:4 Wednesday 06 July 2022 22:39:34 +0000 (0:00:00.075) 0:07:09.690 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [ipaclient : Install - Set ipaclient_servers] ***************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:10 Wednesday 06 July 2022 22:39:36 +0000 (0:00:01.562) 0:07:11.253 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Set ipaclient_servers from cluster inventory] ****** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:15 Wednesday 06 July 2022 22:39:36 +0000 (0:00:00.040) 0:07:11.293 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Check that either principal or keytab is set] ****** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:21 Wednesday 06 July 2022 22:39:36 +0000 (0:00:00.039) 0:07:11.333 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Set default principal if no keytab is given] ******* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:25 Wednesday 06 July 2022 22:39:36 +0000 (0:00:00.037) 0:07:11.371 ******** ok: [/cache/rhel-8.qcow2] => { "ansible_facts": { "ipaadmin_principal": "admin" }, "changed": false } TASK [ipaclient : Install - IPA client test] *********************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:30 Wednesday 06 July 2022 22:39:36 +0000 (0:00:00.050) 0:07:11.421 ******** ok: [/cache/rhel-8.qcow2] => { "basedn": "dc=test,dc=local", "changed": false, "client_already_configured": false, "client_domain": "test.local", "dnsok": false, "domain": "test.local", "hostname": "ipaserver.test.local", "ipa_python_version": 40908, "kdc": "ipaserver.test.local", "nosssd_files": {}, "ntp_pool": null, "ntp_servers": null, "realm": "TEST.LOCAL", "servers": [ "ipaserver.test.local" ], "sssd": true } TASK [ipaclient : Install - Cleanup leftover ccache] *************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:56 Wednesday 06 July 2022 22:39:37 +0000 (0:00:00.928) 0:07:12.350 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "path": "/etc/ipa/.dns_ccache", "state": "absent" } TASK [ipaclient : Install - Configure NTP] ************************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:61 Wednesday 06 July 2022 22:39:38 +0000 (0:00:00.401) 0:07:12.751 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } TASK [ipaclient : Install - Make sure One-Time Password is enabled if it's already defined] *** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:73 Wednesday 06 July 2022 22:39:38 +0000 (0:00:00.848) 0:07:13.599 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Disable One-Time Password for on_master] *********** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:78 Wednesday 06 July 2022 22:39:38 +0000 (0:00:00.041) 0:07:13.641 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Test if IPA client has working krb5.keytab] ******** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:83 Wednesday 06 July 2022 22:39:38 +0000 (0:00:00.041) 0:07:13.682 ******** ok: [/cache/rhel-8.qcow2] => { "ca_crt_exists": true, "changed": false, "krb5_conf_ok": true, "krb5_keytab_ok": true, "ping_test_ok": true } TASK [ipaclient : Install - Disable One-Time Password for client with working krb5.keytab] *** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:93 Wednesday 06 July 2022 22:39:40 +0000 (0:00:01.600) 0:07:15.282 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Keytab or password is required for getting otp] **** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:109 Wednesday 06 July 2022 22:39:40 +0000 (0:00:00.045) 0:07:15.328 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Get One-Time Password for client enrollment] ******* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:113 Wednesday 06 July 2022 22:39:40 +0000 (0:00:00.052) 0:07:15.381 ******** skipping: [/cache/rhel-8.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [ipaclient : Install - Report error for OTP generation] ******************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:132 Wednesday 06 July 2022 22:39:40 +0000 (0:00:00.042) 0:07:15.424 ******** skipping: [/cache/rhel-8.qcow2] => {} TASK [ipaclient : Install - Store the previously obtained OTP] ***************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:138 Wednesday 06 July 2022 22:39:40 +0000 (0:00:00.042) 0:07:15.466 ******** skipping: [/cache/rhel-8.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [ipaclient : Store predefined OTP in admin_password] ********************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:147 Wednesday 06 July 2022 22:39:40 +0000 (0:00:00.043) 0:07:15.510 ******** skipping: [/cache/rhel-8.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [ipaclient : Install - Check if principal and keytab are set] ************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:163 Wednesday 06 July 2022 22:39:40 +0000 (0:00:00.038) 0:07:15.549 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Check if one of password or keytabs are set] ******* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:167 Wednesday 06 July 2022 22:39:40 +0000 (0:00:00.041) 0:07:15.590 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Purge TEST.LOCAL from host keytab] ***************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:175 Wednesday 06 July 2022 22:39:40 +0000 (0:00:00.046) 0:07:15.637 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Backup and set hostname] *************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:192 Wednesday 06 July 2022 22:39:40 +0000 (0:00:00.041) 0:07:15.678 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Join IPA] ****************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:197 Wednesday 06 July 2022 22:39:40 +0000 (0:00:00.040) 0:07:15.718 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : krb5 configuration not correct] ****************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:219 Wednesday 06 July 2022 22:39:41 +0000 (0:00:00.043) 0:07:15.762 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : IPA test failed] ********************************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:225 Wednesday 06 July 2022 22:39:41 +0000 (0:00:00.052) 0:07:15.814 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : ca.crt file is missing] ************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:229 Wednesday 06 July 2022 22:39:41 +0000 (0:00:00.042) 0:07:15.857 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Configure IPA default.conf] ************************ task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:242 Wednesday 06 July 2022 22:39:41 +0000 (0:00:00.043) 0:07:15.901 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Configure SSSD] ************************************ task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:251 Wednesday 06 July 2022 22:39:41 +0000 (0:00:00.048) 0:07:15.949 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaclient : Install - Configure krb5 for IPA realm] ********************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:273 Wednesday 06 July 2022 22:39:42 +0000 (0:00:00.866) 0:07:16.816 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - IPA API calls for remaining enrollment parts] ****** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:287 Wednesday 06 July 2022 22:39:42 +0000 (0:00:00.045) 0:07:16.862 ******** changed: [/cache/rhel-8.qcow2] => { "ca_enabled": true, "changed": true, "subject_base": "O=TEST.LOCAL" } TASK [ipaclient : Install - Fix IPA ca] **************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:295 Wednesday 06 July 2022 22:39:44 +0000 (0:00:02.308) 0:07:19.171 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Create IPA NSS database] *************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:305 Wednesday 06 July 2022 22:39:44 +0000 (0:00:00.044) 0:07:19.215 ******** changed: [/cache/rhel-8.qcow2] => { "ca_enabled_ra": true, "changed": true } TASK [ipaclient : Install - Configure SSH and SSHD] **************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:337 Wednesday 06 July 2022 22:39:48 +0000 (0:00:04.210) 0:07:23.426 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaclient : Install - Configure automount] ******************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:345 Wednesday 06 July 2022 22:39:49 +0000 (0:00:00.890) 0:07:24.316 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaclient : Install - Configure firefox] ********************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:351 Wednesday 06 July 2022 22:39:50 +0000 (0:00:00.843) 0:07:25.159 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Configure NIS] ************************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:357 Wednesday 06 July 2022 22:39:50 +0000 (0:00:00.043) 0:07:25.203 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaclient : Install - Restore original admin password if overwritten by OTP] *** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:375 Wednesday 06 July 2022 22:39:51 +0000 (0:00:00.997) 0:07:26.201 ******** skipping: [/cache/rhel-8.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [ipaclient : Cleanup leftover ccache] ************************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:381 Wednesday 06 July 2022 22:39:51 +0000 (0:00:00.042) 0:07:26.244 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "path": "/etc/ipa/.dns_ccache", "state": "absent" } TASK [ipaclient : Uninstall IPA client] **************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/main.yml:23 Wednesday 06 July 2022 22:39:51 +0000 (0:00:00.419) 0:07:26.663 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: role_complete for /cache/rhel-8.qcow2 TASK [ipaserver : Install - Enable IPA] **************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:431 Wednesday 06 July 2022 22:39:51 +0000 (0:00:00.046) 0:07:26.710 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaserver : Install - Cleanup root IPA cache] **************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:438 Wednesday 06 July 2022 22:39:57 +0000 (0:00:05.247) 0:07:31.958 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "path": "/root/.ipa_cache", "state": "absent" } TASK [ipaserver : Install - Configure firewalld] ******************************* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:444 Wednesday 06 July 2022 22:39:57 +0000 (0:00:00.408) 0:07:32.366 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--permanent", "--zone=", "--add-service=freeipa-ldap", "--add-service=freeipa-ldaps", "--add-service=dns", "--add-service=ntp" ], "delta": "0:00:00.340324", "end": "2022-07-06 18:39:57.952601", "rc": 0, "start": "2022-07-06 18:39:57.612277" } STDOUT: success TASK [ipaserver : Install - Configure firewalld runtime] *********************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:458 Wednesday 06 July 2022 22:39:58 +0000 (0:00:00.896) 0:07:33.263 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--zone=", "--add-service=freeipa-ldap", "--add-service=freeipa-ldaps", "--add-service=dns", "--add-service=ntp" ], "delta": "0:00:00.276502", "end": "2022-07-06 18:39:58.627141", "rc": 0, "start": "2022-07-06 18:39:58.350639" } STDOUT: success TASK [ipaserver : Cleanup temporary files] ************************************* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:474 Wednesday 06 July 2022 22:39:59 +0000 (0:00:00.672) 0:07:33.936 ******** ok: [/cache/rhel-8.qcow2] => (item=/etc/ipa/.tmp_pkcs12_dirsrv) => { "ansible_loop_var": "item", "changed": false, "item": "/etc/ipa/.tmp_pkcs12_dirsrv", "path": "/etc/ipa/.tmp_pkcs12_dirsrv", "state": "absent" } ok: [/cache/rhel-8.qcow2] => (item=/etc/ipa/.tmp_pkcs12_http) => { "ansible_loop_var": "item", "changed": false, "item": "/etc/ipa/.tmp_pkcs12_http", "path": "/etc/ipa/.tmp_pkcs12_http", "state": "absent" } ok: [/cache/rhel-8.qcow2] => (item=/etc/ipa/.tmp_pkcs12_pkinit) => { "ansible_loop_var": "item", "changed": false, "item": "/etc/ipa/.tmp_pkcs12_pkinit", "path": "/etc/ipa/.tmp_pkcs12_pkinit", "state": "absent" } TASK [ipaserver : Uninstall IPA server] **************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/main.yml:23 Wednesday 06 July 2022 22:40:00 +0000 (0:00:01.122) 0:07:35.058 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: role_complete for /cache/rhel-8.qcow2 META: ran handlers META: ran handlers PLAY [Issue IPA signed certificates] ******************************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmplpebei7w/tests/tests_basic_ipa.yml:11 Wednesday 06 July 2022 22:40:00 +0000 (0:00:00.063) 0:07:35.122 ******** ok: [/cache/rhel-8.qcow2] META: ran handlers TASK [linux-system-roles.certificate : Set version specific variables] ********* task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:2 Wednesday 06 July 2022 22:40:01 +0000 (0:00:00.828) 0:07:35.951 ******** included: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml for /cache/rhel-8.qcow2 TASK [linux-system-roles.certificate : Ensure ansible_facts used by role] ****** task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:2 Wednesday 06 July 2022 22:40:01 +0000 (0:00:00.026) 0:07:35.977 ******** ok: [/cache/rhel-8.qcow2] TASK [linux-system-roles.certificate : Set platform/version specific variables] *** task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/set_vars.yml:8 Wednesday 06 July 2022 22:40:01 +0000 (0:00:00.509) 0:07:36.487 ******** skipping: [/cache/rhel-8.qcow2] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [/cache/rhel-8.qcow2] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [/cache/rhel-8.qcow2] => (item=RedHat_8.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat_8.yml", "skip_reason": "Conditional result was False" } skipping: [/cache/rhel-8.qcow2] => (item=RedHat_8.6.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat_8.6.yml", "skip_reason": "Conditional result was False" } TASK [linux-system-roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:5 Wednesday 06 July 2022 22:40:01 +0000 (0:00:00.042) 0:07:36.529 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [linux-system-roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:22 Wednesday 06 July 2022 22:40:03 +0000 (0:00:01.444) 0:07:37.974 ******** ok: [/cache/rhel-8.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [linux-system-roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:33 Wednesday 06 July 2022 22:40:04 +0000 (0:00:01.335) 0:07:39.310 ******** changed: [/cache/rhel-8.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:59 Wednesday 06 July 2022 22:40:05 +0000 (0:00:00.413) 0:07:39.723 ******** changed: [/cache/rhel-8.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [linux-system-roles.certificate : Ensure provider service is running] ***** task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:88 Wednesday 06 July 2022 22:40:05 +0000 (0:00:00.415) 0:07:40.139 ******** ok: [/cache/rhel-8.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestamp": "Wed 2022-07-06 18:36:04 EDT", "ActiveEnterTimestampMonotonic": "228945850", "ActiveExitTimestampMonotonic": "0", "ActiveState": "active", "After": "sysinit.target dbus.service dbus.socket syslog.target network.target system.slice systemd-journald.socket basic.target", "AllowIsolate": "no", "AllowedCPUs": "", "AllowedMemoryNodes": "", "AmbientCapabilities": "", "AssertResult": "yes", "AssertTimestamp": "Wed 2022-07-06 18:36:04 EDT", "AssertTimestampMonotonic": "228933431", "Before": "multi-user.target shutdown.target", "BlockIOAccounting": "no", "BlockIOWeight": "[not set]", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUAffinity": "", "CPUAffinityFromNUMA": "no", "CPUQuotaPerSecUSec": "infinity", "CPUQuotaPeriodUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "[not set]", "CPUUsageNSec": "[not set]", "CPUWeight": "[not set]", "CacheDirectoryMode": "0755", "CanFreeze": "yes", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend cap_audit_read cap_perfmon cap_bpf", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Wed 2022-07-06 18:36:04 EDT", "ConditionTimestampMonotonic": "228933431", "ConfigurationDirectoryMode": "0755", "Conflicts": "shutdown.target", "ControlGroup": "/system.slice/certmonger.service", "ControlPID": "0", "DefaultDependencies": "yes", "DefaultMemoryLow": "0", "DefaultMemoryMin": "0", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "DynamicUser": "no", "EffectiveCPUs": "", "EffectiveMemoryNodes": "", "EnvironmentFiles": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "23911", "ExecMainStartTimestamp": "Wed 2022-07-06 18:36:04 EDT", "ExecMainStartTimestampMonotonic": "228934830", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "FreezerState": "running", "GID": "[not set]", "GuessMainPID": "yes", "IOAccounting": "no", "IOSchedulingClass": "0", "IOSchedulingPriority": "0", "IOWeight": "[not set]", "IPAccounting": "no", "IPEgressBytes": "18446744073709551615", "IPEgressPackets": "18446744073709551615", "IPIngressBytes": "18446744073709551615", "IPIngressPackets": "18446744073709551615", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestamp": "Wed 2022-07-06 18:36:04 EDT", "InactiveExitTimestampMonotonic": "228934872", "InvocationID": "73d85d6be97a474c9524444a92253530", "JobRunningTimeoutUSec": "infinity", "JobTimeoutAction": "none", "JobTimeoutUSec": "infinity", "KeyringMode": "private", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "infinity", "LimitASSoft": "infinity", "LimitCORE": "infinity", "LimitCORESoft": "0", "LimitCPU": "infinity", "LimitCPUSoft": "infinity", "LimitDATA": "infinity", "LimitDATASoft": "infinity", "LimitFSIZE": "infinity", "LimitFSIZESoft": "infinity", "LimitLOCKS": "infinity", "LimitLOCKSSoft": "infinity", "LimitMEMLOCK": "65536", "LimitMEMLOCKSoft": "65536", "LimitMSGQUEUE": "819200", "LimitMSGQUEUESoft": "819200", "LimitNICE": "0", "LimitNICESoft": "0", "LimitNOFILE": "262144", "LimitNOFILESoft": "1024", "LimitNPROC": "14648", "LimitNPROCSoft": "14648", "LimitRSS": "infinity", "LimitRSSSoft": "infinity", "LimitRTPRIO": "0", "LimitRTPRIOSoft": "0", "LimitRTTIME": "infinity", "LimitRTTIMESoft": "infinity", "LimitSIGPENDING": "14648", "LimitSIGPENDINGSoft": "14648", "LimitSTACK": "infinity", "LimitSTACKSoft": "8388608", "LoadState": "loaded", "LockPersonality": "no", "LogLevelMax": "-1", "LogRateLimitBurst": "0", "LogRateLimitIntervalUSec": "0", "LogsDirectoryMode": "0755", "MainPID": "23911", "MemoryAccounting": "yes", "MemoryCurrent": "3596288", "MemoryDenyWriteExecute": "no", "MemoryHigh": "infinity", "MemoryLimit": "infinity", "MemoryLow": "0", "MemoryMax": "infinity", "MemoryMin": "0", "MemorySwapMax": "infinity", "MountAPIVFS": "no", "MountFlags": "", "NFileDescriptorStore": "0", "NRestarts": "0", "NUMAMask": "", "NUMAPolicy": "n/a", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/run/certmonger.pid", "PartOf": "dbus.service", "PermissionsStartOnly": "no", "Perpetual": "no", "PrivateDevices": "no", "PrivateMounts": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "PrivateUsers": "no", "ProtectControlGroups": "no", "ProtectHome": "no", "ProtectKernelModules": "no", "ProtectKernelTunables": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "RemoveIPC": "no", "Requires": "sysinit.target system.slice dbus.socket", "Restart": "no", "RestartUSec": "100ms", "RestrictNamespaces": "no", "RestrictRealtime": "no", "RestrictSUIDSGID": "no", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "RuntimeDirectoryPreserve": "no", "RuntimeMaxUSec": "infinity", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardInputData": "", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitIntervalUSec": "10s", "StartupBlockIOWeight": "[not set]", "StartupCPUShares": "[not set]", "StartupCPUWeight": "[not set]", "StartupIOWeight": "[not set]", "StateChangeTimestamp": "Wed 2022-07-06 18:36:04 EDT", "StateChangeTimestampMonotonic": "228945850", "StateDirectoryMode": "0755", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SuccessAction": "none", "SyslogFacility": "3", "SyslogLevel": "6", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "yes", "TasksCurrent": "1", "TasksMax": "23436", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UID": "[not set]", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "enabled", "UtmpMode": "init", "WantedBy": "multi-user.target", "WatchdogTimestamp": "Wed 2022-07-06 18:36:04 EDT", "WatchdogTimestampMonotonic": "228945849", "WatchdogUSec": "0" } } TASK [linux-system-roles.certificate : Ensure certificate requests] ************ task path: /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:100 Wednesday 06 July 2022 22:40:05 +0000 (0:00:00.524) 0:07:40.663 ******** changed: [/cache/rhel-8.qcow2] => (item={'name': 'mycert_basic_ipa', 'dns': 'ipaserver.test.local', 'principal': 'HTTP/ipaserver.test.local@TEST.LOCAL', 'ca': 'ipa'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "ipa", "dns": "ipaserver.test.local", "name": "mycert_basic_ipa", "principal": "HTTP/ipaserver.test.local@TEST.LOCAL" } } MSG: Certificate requested (new). changed: [/cache/rhel-8.qcow2] => (item={'name': 'groupcert', 'dns': 'ipaserver.test.local', 'principal': 'HTTP/ipaserver.test.local@TEST.LOCAL', 'ca': 'ipa', 'group': 'ftp'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "ipa", "dns": "ipaserver.test.local", "group": "ftp", "name": "groupcert", "principal": "HTTP/ipaserver.test.local@TEST.LOCAL" } } MSG: Certificate requested (new). File attributes updated. META: role_complete for /cache/rhel-8.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificates] ***************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmplpebei7w/tests/tests_basic_ipa.yml:31 Wednesday 06 July 2022 22:40:10 +0000 (0:00:04.952) 0:07:45.616 ******** ok: [/cache/rhel-8.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmplpebei7w/tests/tests_basic_ipa.yml:90 Wednesday 06 July 2022 22:40:11 +0000 (0:00:00.803) 0:07:46.419 ******** included: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-8.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert_basic_ipa.crt', 'key_path': '/etc/pki/tls/private/mycert_basic_ipa.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'ipaserver.test.local'}, {'name': 'organizationName', 'oid': '2.5.4.10', 'value': 'TEST.LOCAL'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'ipaserver.test.local'}, {'name': 'Universal Principal Name (UPN)', 'oid': '1.3.6.1.4.1.311.20.2.3', 'value': 'HTTP/ipaserver.test.local@TEST.LOCAL'}, {'name': 'Kerberos principalname', 'oid': '1.3.6.1.5.2.2', 'value': 'HTTP/ipaserver.test.local@TEST.LOCAL'}], 'key_usage': ['digital_signature', 'content_commitment', 'key_encipherment', 'data_encipherment']}) included: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml for /cache/rhel-8.qcow2 => (item={'path': '/etc/pki/tls/certs/groupcert.crt', 'key_path': '/etc/pki/tls/private/groupcert.key', 'owner': 'root', 'group': 'ftp', 'mode': '0640', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'ipaserver.test.local'}, {'name': 'organizationName', 'oid': '2.5.4.10', 'value': 'TEST.LOCAL'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'ipaserver.test.local'}, {'name': 'Universal Principal Name (UPN)', 'oid': '1.3.6.1.4.1.311.20.2.3', 'value': 'HTTP/ipaserver.test.local@TEST.LOCAL'}, {'name': 'Kerberos principalname', 'oid': '1.3.6.1.5.2.2', 'value': 'HTTP/ipaserver.test.local@TEST.LOCAL'}], 'key_usage': ['digital_signature', 'content_commitment', 'key_encipherment', 'data_encipherment']}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:2 Wednesday 06 July 2022 22:40:11 +0000 (0:00:00.047) 0:07:46.467 ******** ok: [/cache/rhel-8.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:6 Wednesday 06 July 2022 22:40:11 +0000 (0:00:00.063) 0:07:46.531 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:11 Wednesday 06 July 2022 22:40:13 +0000 (0:00:01.361) 0:07:47.892 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip3", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 STDERR: You are using pip version 21.3.1, however version 22.1.2 is available. You should consider upgrading via the 'pip install --upgrade pip' command. TASK [Install certreader] ****************************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:18 Wednesday 06 July 2022 22:40:17 +0000 (0:00:04.143) 0:07:52.036 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip3", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_24_x86_64.whl (3.0 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.1-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (402 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.1 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:26 Wednesday 06 July 2022 22:40:20 +0000 (0:00:03.221) 0:07:55.257 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "stat": { "atime": 1657147208.7619798, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "36502740a7e1f9f63a96262bab50c4dbf36b3ad4", "ctime": 1657147208.7589798, "dev": 64515, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 1526605, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657147208.7589798, "nlink": 1, "path": "/etc/pki/tls/certs/mycert_basic_ipa.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1854, "uid": 0, "version": "3081332352", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:31 Wednesday 06 July 2022 22:40:21 +0000 (0:00:00.558) 0:07:55.816 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:37 Wednesday 06 July 2022 22:40:21 +0000 (0:00:00.034) 0:07:55.850 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:49 Wednesday 06 July 2022 22:40:21 +0000 (0:00:00.075) 0:07:55.925 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:55 Wednesday 06 July 2022 22:40:21 +0000 (0:00:00.049) 0:07:55.975 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "stat": { "atime": 1657147206.1559799, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "b1f79d7dd77c4f253a7238eae26002e7daf590de", "ctime": 1657147208.7589798, "dev": 64515, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 8388741, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657147208.7589798, "nlink": 1, "path": "/etc/pki/tls/private/mycert_basic_ipa.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "2344431704", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:60 Wednesday 06 July 2022 22:40:21 +0000 (0:00:00.401) 0:07:56.376 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:66 Wednesday 06 July 2022 22:40:21 +0000 (0:00:00.034) 0:07:56.411 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:78 Wednesday 06 July 2022 22:40:21 +0000 (0:00:00.048) 0:07:56.459 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert_basic_ipa.crt" ], "delta": "0:00:00.253439", "end": "2022-07-06 18:40:21.789441", "rc": 0, "start": "2022-07-06 18:40:21.536002" } STDOUT: { "subject": [ { "name": "organizationName", "oid": "2.5.4.10", "value": "TEST.LOCAL" }, { "name": "commonName", "oid": "2.5.4.3", "value": "ipaserver.test.local" } ], "extensions": { "authorityKeyIdentifier": { "value": "D9:29:52:EE:C6:E7:49:33:19:DB:74:C1:D2:44:A1:DB:6C:3B:DE:CB", "critical": false }, "authorityInfoAccess": { "value": [ { "method": "OCSP", "location": "http://ipa-ca.test.local/ca/ocsp" } ], "critical": false }, "keyUsage": { "value": [ "digital_signature", "content_commitment", "key_encipherment", "data_encipherment" ], "critical": true }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "cRLDistributionPoints": { "value": [ { "full_name": [ "http://ipa-ca.test.local/ipa/crl/MasterCRL.bin" ], "crl_issuer": [ { "organizationName": "ipaca", "commonName": "Certificate Authority" } ] } ], "critical": false }, "subjectKeyIdentifier": { "value": "6D:C1:40:D8:C2:F1:B9:37:67:53:74:32:CF:56:36:09:5C:1F:CD:DF", "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "ipaserver.test.local" }, { "name": "Universal Principal Name (UPN)", "value": "HTTP/ipaserver.test.local@TEST.LOCAL", "oid": "1.3.6.1.4.1.311.20.2.3" }, { "name": "Kerberos principalname", "value": "HTTP/ipaserver.test.local@TEST.LOCAL", "oid": "1.3.6.1.5.2.2" } ], "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "00:B6:17:62:7A:07:69:B0:29:F8:AB:E6:D9:B1:55:EF:E1:93:7D:5C:FB:FB:17:74:FC:08:AB:AE:95:07:17:4A:5F:AE:85:47:23:87:B1:D6:D4:27:61:36:7E:39:E5:44:22:B5:25:DB:F6:9E:23:B2:AF:06:12:0F:9E:E9:6B:8A:73:AC:73:26:EB:E0:30:73:12:84:1A:51:3F:40:89:AC:92:55:1B:AF:3E:FB:7F:20:EB:1D:D1:D9:CC:38:BA:F2:E0:33:D7:17:3A:1D:F2:52:FB:71:AF:FC:1D:64:3D:95:A5:89:2E:EB:65:81:00:7B:74:EC:05:49:BF:55:E4:D4:8D:89:BB:F8:46:67:15:16:74:75:24:A5:0B:1A:58:FA:4E:4E:05:F2:F3:69:7A:8B:08:6F:F2:BF:E8:35:21:A1:37:0E:D7:35:CA:32:2C:AC:DC:1C:AB:BE:90:3A:28:EE:8C:44:15:89:F5:7B:36:78:E0:E9:01:A8:FC:42:79:94:88:E4:D1:9A:A9:DD:93:00:4B:AE:24:A7:38:AC:7E:4C:20:E5:23:C2:2A:F2:79:C1:71:B2:09:6E:19:A8:8E:2A:ED:BF:E2:59:66:44:BC:B0:D9:DD:EE:2D:D7:13:AB:74:C1:76:14:3C:DA:4D:1C:90:FD:A6:22:A7:94:1A:A5:C7:21:F3:33:BD:46:62:CA:3F:E8:6A:1A:2C:AA:17:6F:92:B1:9B:AF:D5:DB:74:4D:4E:19:B5:9C:F0:EE:B6:4D:5F:68:16:2A:45:FB:13:8E:C5:4D:67:F1:6F:15:14:73:00:AA:11:9D:17:02:4C:37:C8:EF:34:7C:04:E5:38:ED:A6:68:2F:92:56:0B:FD:99:65:13:FF:D5:C0:4D:71:5F:10:77:CF:FB:AB:9D:3C:14:6B:97:08:FE:01:CB:0D:71:66:B8:CA:B5:D3:27:98:DA:45:1A:56:0C:50:77:9D:D0:19:B9:9B:A7:2E:E0:65:CB:51:7A:E2:E6:EC:97:B5:C0:71" }, "key_size": 2048, "validity": { "not_valid_after": "2024-07-06 22:40:07", "not_valid_before": "2022-07-06 22:40:07" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:83 Wednesday 06 July 2022 22:40:22 +0000 (0:00:00.640) 0:07:57.099 ******** ok: [/cache/rhel-8.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityInfoAccess": { "critical": false, "value": [ { "location": "http://ipa-ca.test.local/ca/ocsp", "method": "OCSP" } ] }, "authorityKeyIdentifier": { "critical": false, "value": "D9:29:52:EE:C6:E7:49:33:19:DB:74:C1:D2:44:A1:DB:6C:3B:DE:CB" }, "cRLDistributionPoints": { "critical": false, "value": [ { "crl_issuer": [ { "commonName": "Certificate Authority", "organizationName": "ipaca" } ], "full_name": [ "http://ipa-ca.test.local/ipa/crl/MasterCRL.bin" ] } ] }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": true, "value": [ "digital_signature", "content_commitment", "key_encipherment", "data_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "ipaserver.test.local" }, { "name": "Universal Principal Name (UPN)", "oid": "1.3.6.1.4.1.311.20.2.3", "value": "HTTP/ipaserver.test.local@TEST.LOCAL" }, { "name": "Kerberos principalname", "oid": "1.3.6.1.5.2.2", "value": "HTTP/ipaserver.test.local@TEST.LOCAL" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "6D:C1:40:D8:C2:F1:B9:37:67:53:74:32:CF:56:36:09:5C:1F:CD:DF" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "00:B6:17:62:7A:07:69:B0:29:F8:AB:E6:D9:B1:55:EF:E1:93:7D:5C:FB:FB:17:74:FC:08:AB:AE:95:07:17:4A:5F:AE:85:47:23:87:B1:D6:D4:27:61:36:7E:39:E5:44:22:B5:25:DB:F6:9E:23:B2:AF:06:12:0F:9E:E9:6B:8A:73:AC:73:26:EB:E0:30:73:12:84:1A:51:3F:40:89:AC:92:55:1B:AF:3E:FB:7F:20:EB:1D:D1:D9:CC:38:BA:F2:E0:33:D7:17:3A:1D:F2:52:FB:71:AF:FC:1D:64:3D:95:A5:89:2E:EB:65:81:00:7B:74:EC:05:49:BF:55:E4:D4:8D:89:BB:F8:46:67:15:16:74:75:24:A5:0B:1A:58:FA:4E:4E:05:F2:F3:69:7A:8B:08:6F:F2:BF:E8:35:21:A1:37:0E:D7:35:CA:32:2C:AC:DC:1C:AB:BE:90:3A:28:EE:8C:44:15:89:F5:7B:36:78:E0:E9:01:A8:FC:42:79:94:88:E4:D1:9A:A9:DD:93:00:4B:AE:24:A7:38:AC:7E:4C:20:E5:23:C2:2A:F2:79:C1:71:B2:09:6E:19:A8:8E:2A:ED:BF:E2:59:66:44:BC:B0:D9:DD:EE:2D:D7:13:AB:74:C1:76:14:3C:DA:4D:1C:90:FD:A6:22:A7:94:1A:A5:C7:21:F3:33:BD:46:62:CA:3F:E8:6A:1A:2C:AA:17:6F:92:B1:9B:AF:D5:DB:74:4D:4E:19:B5:9C:F0:EE:B6:4D:5F:68:16:2A:45:FB:13:8E:C5:4D:67:F1:6F:15:14:73:00:AA:11:9D:17:02:4C:37:C8:EF:34:7C:04:E5:38:ED:A6:68:2F:92:56:0B:FD:99:65:13:FF:D5:C0:4D:71:5F:10:77:CF:FB:AB:9D:3C:14:6B:97:08:FE:01:CB:0D:71:66:B8:CA:B5:D3:27:98:DA:45:1A:56:0C:50:77:9D:D0:19:B9:9B:A7:2E:E0:65:CB:51:7A:E2:E6:EC:97:B5:C0:71" }, "subject": [ { "name": "organizationName", "oid": "2.5.4.10", "value": "TEST.LOCAL" }, { "name": "commonName", "oid": "2.5.4.3", "value": "ipaserver.test.local" } ], "validity": { "not_valid_after": "2024-07-06 22:40:07", "not_valid_before": "2022-07-06 22:40:07" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:87 Wednesday 06 July 2022 22:40:22 +0000 (0:00:00.052) 0:07:57.151 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:96 Wednesday 06 July 2022 22:40:22 +0000 (0:00:00.050) 0:07:57.202 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:105 Wednesday 06 July 2022 22:40:22 +0000 (0:00:00.034) 0:07:57.237 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:112 Wednesday 06 July 2022 22:40:22 +0000 (0:00:00.045) 0:07:57.282 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:125 Wednesday 06 July 2022 22:40:22 +0000 (0:00:00.046) 0:07:57.329 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:141 Wednesday 06 July 2022 22:40:22 +0000 (0:00:00.046) 0:07:57.375 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert_basic_ipa.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.067009", "end": "2022-07-06 18:40:22.502144", "rc": 0, "start": "2022-07-06 18:40:22.435135" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:150 Wednesday 06 July 2022 22:40:23 +0000 (0:00:00.432) 0:07:57.808 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:2 Wednesday 06 July 2022 22:40:23 +0000 (0:00:00.046) 0:07:57.854 ******** ok: [/cache/rhel-8.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:6 Wednesday 06 July 2022 22:40:23 +0000 (0:00:00.029) 0:07:57.884 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:11 Wednesday 06 July 2022 22:40:24 +0000 (0:00:01.432) 0:07:59.316 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip3", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:18 Wednesday 06 July 2022 22:40:25 +0000 (0:00:01.043) 0:08:00.360 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip3", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:26 Wednesday 06 July 2022 22:40:26 +0000 (0:00:00.898) 0:08:01.258 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "stat": { "atime": 1657147210.2289798, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "160ffb45f5f65103553ebf4d6283d3bc58b27ea8", "ctime": 1657147210.27098, "dev": 64515, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 1526603, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1657147210.2259798, "nlink": 1, "path": "/etc/pki/tls/certs/groupcert.crt", "pw_name": "root", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1854, "uid": 0, "version": "2639894799", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:31 Wednesday 06 July 2022 22:40:26 +0000 (0:00:00.396) 0:08:01.655 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:37 Wednesday 06 July 2022 22:40:26 +0000 (0:00:00.035) 0:08:01.690 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:49 Wednesday 06 July 2022 22:40:27 +0000 (0:00:00.049) 0:08:01.739 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:55 Wednesday 06 July 2022 22:40:27 +0000 (0:00:00.046) 0:08:01.785 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "stat": { "atime": 1657147209.4599798, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "3f2c295a46033116e6561b8bf7a83c0a88171f1f", "ctime": 1657147210.27098, "dev": 64515, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 9518637, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1657147210.2259798, "nlink": 1, "path": "/etc/pki/tls/private/groupcert.key", "pw_name": "root", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "3832266466", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:60 Wednesday 06 July 2022 22:40:27 +0000 (0:00:00.386) 0:08:02.172 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:66 Wednesday 06 July 2022 22:40:27 +0000 (0:00:00.032) 0:08:02.205 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:78 Wednesday 06 July 2022 22:40:27 +0000 (0:00:00.049) 0:08:02.254 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/groupcert.crt" ], "delta": "0:00:00.226073", "end": "2022-07-06 18:40:27.537013", "rc": 0, "start": "2022-07-06 18:40:27.310940" } STDOUT: { "subject": [ { "name": "organizationName", "oid": "2.5.4.10", "value": "TEST.LOCAL" }, { "name": "commonName", "oid": "2.5.4.3", "value": "ipaserver.test.local" } ], "extensions": { "authorityKeyIdentifier": { "value": "D9:29:52:EE:C6:E7:49:33:19:DB:74:C1:D2:44:A1:DB:6C:3B:DE:CB", "critical": false }, "authorityInfoAccess": { "value": [ { "method": "OCSP", "location": "http://ipa-ca.test.local/ca/ocsp" } ], "critical": false }, "keyUsage": { "value": [ "digital_signature", "content_commitment", "key_encipherment", "data_encipherment" ], "critical": true }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "cRLDistributionPoints": { "value": [ { "full_name": [ "http://ipa-ca.test.local/ipa/crl/MasterCRL.bin" ], "crl_issuer": [ { "organizationName": "ipaca", "commonName": "Certificate Authority" } ] } ], "critical": false }, "subjectKeyIdentifier": { "value": "D5:68:25:E8:8C:93:45:D5:43:D8:F5:A5:08:81:57:6A:E0:AC:28:A2", "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "ipaserver.test.local" }, { "name": "Universal Principal Name (UPN)", "value": "HTTP/ipaserver.test.local@TEST.LOCAL", "oid": "1.3.6.1.4.1.311.20.2.3" }, { "name": "Kerberos principalname", "value": "HTTP/ipaserver.test.local@TEST.LOCAL", "oid": "1.3.6.1.5.2.2" } ], "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "CD:0B:88:36:85:79:94:F0:1B:22:31:14:14:88:1A:D7:73:89:1E:D1:B0:46:1A:C1:48:B0:30:05:D2:0B:FD:3A:B6:1E:72:95:6F:63:AD:E5:61:E2:BD:2E:47:CD:30:D0:6C:0B:9C:F4:6C:D3:29:BD:D7:87:EB:D3:0C:81:70:06:C9:BE:31:E9:B2:20:39:15:33:C0:C2:C8:17:79:26:07:CE:7B:E4:9E:DC:F6:1F:A4:05:95:15:17:FB:38:F8:A9:94:9A:89:34:65:A3:A9:A3:0D:56:74:F7:DA:6C:D1:CE:3E:53:17:65:3F:C5:E8:62:0D:71:A3:75:FB:DF:DA:53:6F:97:BF:39:48:E2:6E:16:3C:84:94:97:BD:EE:AE:ED:C6:1D:0A:EF:2E:33:45:36:6D:04:11:A0:DF:3C:3B:D8:1C:60:7E:23:05:A0:EB:2C:A6:56:00:04:E2:D4:DD:3D:0C:7C:E5:13:BA:B1:E2:1F:35:41:2A:46:03:83:15:CB:A4:08:89:AB:28:4B:14:F2:FA:6E:ED:F8:08:7D:9E:FA:E2:43:5A:A1:DA:95:40:66:7E:E1:7C:F2:E3:CF:A1:FC:CF:A4:C8:79:47:75:66:01:CD:D4:00:44:FB:B1:BF:C5:B3:60:CD:28:A0:B4:FF:0F:8C:94:68:0F:CD:31:B3:6F:32:CB:52:F5:D8:95:3F:D3:56:E3:20:EE:D2:09:96:CD:02:02:0B:C2:0C:99:09:F4:70:B1:3C:7F:2D:90:2A:B1:CC:92:F3:CD:A0:CE:F7:38:71:DC:00:03:B7:44:BF:26:19:C1:EB:D3:50:5E:E0:DE:78:87:C8:EE:CE:5E:2D:41:AE:85:25:10:2E:C3:D7:07:68:2A:DA:E0:D1:1B:56:AC:73:BC:1C:EA:F1:BD:FE:D7:EF:08:D4:B0:8C:B8:54:CC:E8:FC:FB:A2:B9:B2:46:9F:7F:22:2D:6D:39:D5:D1:24:B8:3B:A3:0C:45:1E:A3:58:57:E3:97:D0:EE:F3:7F:C2" }, "key_size": 2048, "validity": { "not_valid_after": "2024-07-06 22:40:09", "not_valid_before": "2022-07-06 22:40:09" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:83 Wednesday 06 July 2022 22:40:28 +0000 (0:00:00.591) 0:08:02.846 ******** ok: [/cache/rhel-8.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityInfoAccess": { "critical": false, "value": [ { "location": "http://ipa-ca.test.local/ca/ocsp", "method": "OCSP" } ] }, "authorityKeyIdentifier": { "critical": false, "value": "D9:29:52:EE:C6:E7:49:33:19:DB:74:C1:D2:44:A1:DB:6C:3B:DE:CB" }, "cRLDistributionPoints": { "critical": false, "value": [ { "crl_issuer": [ { "commonName": "Certificate Authority", "organizationName": "ipaca" } ], "full_name": [ "http://ipa-ca.test.local/ipa/crl/MasterCRL.bin" ] } ] }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": true, "value": [ "digital_signature", "content_commitment", "key_encipherment", "data_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "ipaserver.test.local" }, { "name": "Universal Principal Name (UPN)", "oid": "1.3.6.1.4.1.311.20.2.3", "value": "HTTP/ipaserver.test.local@TEST.LOCAL" }, { "name": "Kerberos principalname", "oid": "1.3.6.1.5.2.2", "value": "HTTP/ipaserver.test.local@TEST.LOCAL" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "D5:68:25:E8:8C:93:45:D5:43:D8:F5:A5:08:81:57:6A:E0:AC:28:A2" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "CD:0B:88:36:85:79:94:F0:1B:22:31:14:14:88:1A:D7:73:89:1E:D1:B0:46:1A:C1:48:B0:30:05:D2:0B:FD:3A:B6:1E:72:95:6F:63:AD:E5:61:E2:BD:2E:47:CD:30:D0:6C:0B:9C:F4:6C:D3:29:BD:D7:87:EB:D3:0C:81:70:06:C9:BE:31:E9:B2:20:39:15:33:C0:C2:C8:17:79:26:07:CE:7B:E4:9E:DC:F6:1F:A4:05:95:15:17:FB:38:F8:A9:94:9A:89:34:65:A3:A9:A3:0D:56:74:F7:DA:6C:D1:CE:3E:53:17:65:3F:C5:E8:62:0D:71:A3:75:FB:DF:DA:53:6F:97:BF:39:48:E2:6E:16:3C:84:94:97:BD:EE:AE:ED:C6:1D:0A:EF:2E:33:45:36:6D:04:11:A0:DF:3C:3B:D8:1C:60:7E:23:05:A0:EB:2C:A6:56:00:04:E2:D4:DD:3D:0C:7C:E5:13:BA:B1:E2:1F:35:41:2A:46:03:83:15:CB:A4:08:89:AB:28:4B:14:F2:FA:6E:ED:F8:08:7D:9E:FA:E2:43:5A:A1:DA:95:40:66:7E:E1:7C:F2:E3:CF:A1:FC:CF:A4:C8:79:47:75:66:01:CD:D4:00:44:FB:B1:BF:C5:B3:60:CD:28:A0:B4:FF:0F:8C:94:68:0F:CD:31:B3:6F:32:CB:52:F5:D8:95:3F:D3:56:E3:20:EE:D2:09:96:CD:02:02:0B:C2:0C:99:09:F4:70:B1:3C:7F:2D:90:2A:B1:CC:92:F3:CD:A0:CE:F7:38:71:DC:00:03:B7:44:BF:26:19:C1:EB:D3:50:5E:E0:DE:78:87:C8:EE:CE:5E:2D:41:AE:85:25:10:2E:C3:D7:07:68:2A:DA:E0:D1:1B:56:AC:73:BC:1C:EA:F1:BD:FE:D7:EF:08:D4:B0:8C:B8:54:CC:E8:FC:FB:A2:B9:B2:46:9F:7F:22:2D:6D:39:D5:D1:24:B8:3B:A3:0C:45:1E:A3:58:57:E3:97:D0:EE:F3:7F:C2" }, "subject": [ { "name": "organizationName", "oid": "2.5.4.10", "value": "TEST.LOCAL" }, { "name": "commonName", "oid": "2.5.4.3", "value": "ipaserver.test.local" } ], "validity": { "not_valid_after": "2024-07-06 22:40:09", "not_valid_before": "2022-07-06 22:40:09" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:87 Wednesday 06 July 2022 22:40:28 +0000 (0:00:00.045) 0:08:02.891 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:96 Wednesday 06 July 2022 22:40:28 +0000 (0:00:00.045) 0:08:02.936 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:105 Wednesday 06 July 2022 22:40:28 +0000 (0:00:00.033) 0:08:02.970 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:112 Wednesday 06 July 2022 22:40:28 +0000 (0:00:00.044) 0:08:03.014 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:125 Wednesday 06 July 2022 22:40:28 +0000 (0:00:00.047) 0:08:03.062 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:141 Wednesday 06 July 2022 22:40:28 +0000 (0:00:00.046) 0:08:03.108 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/groupcert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.060958", "end": "2022-07-06 18:40:28.227554", "rc": 0, "start": "2022-07-06 18:40:28.166596" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:150 Wednesday 06 July 2022 22:40:28 +0000 (0:00:00.428) 0:08:03.537 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-8.qcow2 : ok=99 changed=34 unreachable=0 failed=0 skipped=35 rescued=0 ignored=0 Wednesday 06 July 2022 22:40:28 +0000 (0:00:00.053) 0:08:03.590 ******** =============================================================================== ipaserver : Install - Setup HTTP -------------------------------------- 150.38s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:324 ----------------------- ipaserver : Install - Setup CA ---------------------------------------- 143.98s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:267 ----------------------- ipaserver : Install - Ensure that IPA server packages are installed ---- 56.18s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:5 ------------------------- ipaserver : Install - Setup DS ----------------------------------------- 16.71s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:205 ----------------------- ipaserver : Install - Setup NTP ---------------------------------------- 10.55s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:198 ----------------------- ipaserver : Install - Setup DNS ----------------------------------------- 9.27s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:367 ----------------------- ipaserver : Install - Setup KRB ----------------------------------------- 6.01s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:234 ----------------------- ipaserver : Install - Enable IPA ---------------------------------------- 5.25s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:431 ----------------------- linux-system-roles.certificate : Ensure certificate requests ------------ 4.95s /tmp/tmplpebei7w/tests/roles/linux-system-roles.certificate/tasks/main.yml:100 ensure hostname package is installed ------------------------------------ 4.78s /tmp/tmplpebei7w/tests/tasks/setup_ipa.yml:33 --------------------------------- ipaserver : Install - Ensure that IPA server packages for dns are installed --- 4.67s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:10 ------------------------ ipaserver : Install - Setup custodia ------------------------------------ 4.30s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:261 ----------------------- ipaclient : Install - Create IPA NSS database --------------------------- 4.21s /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:305 ----------------------- Install the package, force upgrade -------------------------------------- 4.14s /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:11 ------------- Install certreader ------------------------------------------------------ 3.22s /tmp/tmplpebei7w/tests/tasks/assert_certificate_parameters.yml:18 ------------- ipaserver : Install - Ensure that firewall packages installed ----------- 3.12s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:22 ------------------------ ipaserver : Install - Setup otpd ---------------------------------------- 2.78s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:318 ----------------------- ipaserver : Install - Server preparation -------------------------------- 2.47s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:153 ----------------------- Ensure nss package is up-to-date ---------------------------------------- 2.40s /tmp/tmplpebei7w/tests/tasks/setup_ipa.yml:42 --------------------------------- ipaclient : Install - IPA API calls for remaining enrollment parts ------ 2.31s /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:287 ----------------------- ansible-playbook [core 2.12.6] config file = /etc/ansible/ansible.cfg configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python3.9/site-packages/ansible ansible collection location = /tmp/tmpt8vnebz7 executable location = /usr/bin/ansible-playbook python version = 3.9.13 (main, May 18 2022, 00:00:00) [GCC 11.3.1 20220421 (Red Hat 11.3.1-2)] jinja version = 2.11.3 libyaml = True Using /etc/ansible/ansible.cfg as config file Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: rhel-8_setup.yml ***************************************************** 1 plays in /cache/rhel-8_setup.yml PLAY [Setup repos] ************************************************************* META: ran handlers TASK [set up internal repositories] ******************************************** task path: /cache/rhel-8_setup.yml:5 Wednesday 06 July 2022 22:45:08 +0000 (0:00:00.017) 0:00:00.017 ******** changed: [/cache/rhel-8.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-8.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-8.qcow2] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } changed: [/cache/rhel-8.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-8.qcow2 : ok=1 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Wednesday 06 July 2022 22:45:09 +0000 (0:00:01.329) 0:00:01.347 ******** =============================================================================== set up internal repositories -------------------------------------------- 1.33s /cache/rhel-8_setup.yml:5 ----------------------------------------------------- statically imported: /tmp/tmp0buh2ky5/tests/certificate/tasks/setup_ipa.yml PLAYBOOK: tests_basic_ipa.yml ************************************************** 3 plays in /tmp/tmp0buh2ky5/tests/certificate/tests_basic_ipa.yml PLAY [Install IPA server] ****************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmp0buh2ky5/tests/certificate/tests_basic_ipa.yml:2 Wednesday 06 July 2022 22:45:09 +0000 (0:00:00.048) 0:00:01.395 ******** ok: [/cache/rhel-8.qcow2] META: ran handlers TASK [Set __is_beaker_env] ***************************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/setup_ipa.yml:2 Wednesday 06 July 2022 22:45:11 +0000 (0:00:01.332) 0:00:02.727 ******** ok: [/cache/rhel-8.qcow2] => { "ansible_facts": { "__is_beaker_env": false }, "changed": false } TASK [Install ansible-freeipa] ************************************************* task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/setup_ipa.yml:6 Wednesday 06 July 2022 22:45:11 +0000 (0:00:00.053) 0:00:02.781 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Clone ansible-freeipa repo] ********************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/setup_ipa.yml:12 Wednesday 06 July 2022 22:45:11 +0000 (0:00:00.025) 0:00:02.806 ******** ok: [/cache/rhel-8.qcow2 -> 127.0.0.1] => { "after": "9dcff9a3084c57f77f710f63f9729e8010b8bdc3", "before": "9dcff9a3084c57f77f710f63f9729e8010b8bdc3", "changed": false, "remote_url_changed": false } TASK [Create role symlinks] **************************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/setup_ipa.yml:21 Wednesday 06 July 2022 22:45:11 +0000 (0:00:00.738) 0:00:03.544 ******** changed: [/cache/rhel-8.qcow2 -> 127.0.0.1] => (item=ipaserver) => { "ansible_loop_var": "item", "changed": true, "dest": "/tmp/tmp0buh2ky5/tests/certificate/roles/ipaserver", "gid": 0, "group": "root", "item": "ipaserver", "mode": "0777", "owner": "root", "size": 34, "src": "/tmp/freeipa-repo/roles/ipaserver/", "state": "link", "uid": 0 } changed: [/cache/rhel-8.qcow2 -> 127.0.0.1] => (item=ipaclient) => { "ansible_loop_var": "item", "changed": true, "dest": "/tmp/tmp0buh2ky5/tests/certificate/roles/ipaclient", "gid": 0, "group": "root", "item": "ipaclient", "mode": "0777", "owner": "root", "size": 34, "src": "/tmp/freeipa-repo/roles/ipaclient/", "state": "link", "uid": 0 } TASK [ensure hostname package is installed] ************************************ task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/setup_ipa.yml:33 Wednesday 06 July 2022 22:45:12 +0000 (0:00:00.536) 0:00:04.081 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [Set hostname] ************************************************************ task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/setup_ipa.yml:38 Wednesday 06 July 2022 22:45:16 +0000 (0:00:04.632) 0:00:08.713 ******** changed: [/cache/rhel-8.qcow2] => { "ansible_facts": { "ansible_domain": "test.local", "ansible_fqdn": "ipaserver.test.local", "ansible_hostname": "ipaserver", "ansible_nodename": "ipaserver.test.local" }, "changed": true, "name": "ipaserver.test.local" } TASK [Ensure nss package is up-to-date] **************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/setup_ipa.yml:42 Wednesday 06 July 2022 22:45:17 +0000 (0:00:00.831) 0:00:09.545 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true, "rc": 0, "results": [ "Installed: nspr-4.32.0-1.el8_4.x86_64", "Installed: nss-3.67.0-7.el8_5.x86_64", "Installed: nss-softokn-3.67.0-7.el8_5.x86_64", "Installed: nss-softokn-freebl-3.67.0-7.el8_5.x86_64", "Installed: nss-sysinit-3.67.0-7.el8_5.x86_64", "Installed: nss-util-3.67.0-7.el8_5.x86_64" ] } TASK [Include ipaserver role] ************************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/setup_ipa.yml:50 Wednesday 06 July 2022 22:45:20 +0000 (0:00:02.178) 0:00:11.723 ******** TASK [ipaserver : Import variables specific to distribution] ******************* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/main.yml:4 Wednesday 06 July 2022 22:45:20 +0000 (0:00:00.034) 0:00:11.757 ******** ok: [/cache/rhel-8.qcow2] => (item=/tmp/freeipa-repo/roles/ipaserver/vars/RedHat-8.yml) => { "ansible_facts": { "ipaserver_packages": [ "@idm:DL1/server" ], "ipaserver_packages_adtrust": [ "@idm:DL1/adtrust" ], "ipaserver_packages_dns": [ "@idm:DL1/dns" ], "ipaserver_packages_firewalld": [ "firewalld" ] }, "ansible_included_var_files": [ "/tmp/freeipa-repo/roles/ipaserver/vars/RedHat-8.yml" ], "ansible_loop_var": "item", "changed": false, "item": "/tmp/freeipa-repo/roles/ipaserver/vars/RedHat-8.yml" } TASK [ipaserver : Install IPA server] ****************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/main.yml:19 Wednesday 06 July 2022 22:45:20 +0000 (0:00:00.043) 0:00:11.800 ******** included: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml for /cache/rhel-8.qcow2 TASK [ipaserver : Install - Ensure that IPA server packages are installed] ***** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:5 Wednesday 06 July 2022 22:45:20 +0000 (0:00:00.068) 0:00:11.869 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true, "rc": 0, "results": [ "Module idm:DL1/server installed.", "Installed: python3-nss-1.0.1-10.module+el8.1.0+3366+6dfb954c.x86_64", "Installed: libwbclient-4.15.5-5.el8.x86_64", "Installed: 389-ds-base-1.4.3.28-6.module+el8.6.0+14129+983ceada.x86_64", "Installed: sssd-common-pac-2.6.2-3.el8.x86_64", "Installed: sssd-dbus-2.6.2-3.el8.x86_64", "Installed: 389-ds-base-libs-1.4.3.28-6.module+el8.6.0+14129+983ceada.x86_64", "Installed: sssd-ipa-2.6.2-3.el8.x86_64", "Installed: sssd-krb5-common-2.6.2-3.el8.x86_64", "Installed: python3-pip-9.0.3-22.el8.noarch", "Installed: python3-pki-10.12.0-2.module+el8.6.0+14115+8b467244.noarch", "Installed: augeas-libs-1.12.0-6.el8.x86_64", "Installed: libxslt-1.1.32-6.el8.x86_64", "Installed: autofs-1:5.1.4-82.el8.x86_64", "Installed: perl-IO-Socket-IP-0.39-5.el8.noarch", "Installed: sssd-tools-2.6.2-3.el8.x86_64", "Installed: python3-psutil-5.4.3-11.el8.x86_64", "Installed: lksctp-tools-1.0.18-3.el8.x86_64", "Installed: perl-IO-Socket-SSL-2.066-4.module+el8.3.0+6446+594cad75.noarch", "Installed: python3-pyasn1-0.3.7-6.el8.noarch", "Installed: copy-jdk-configs-4.0-2.el8.noarch", "Installed: python3-pyasn1-modules-0.3.7-6.el8.noarch", "Installed: avahi-libs-0.7-20.el8.x86_64", "Installed: bash-completion-1:2.7-5.el8.noarch", "Installed: python3-pyusb-1.0.0-9.module+el8.1.0+4098+f286395e.noarch", "Installed: python3-qrcode-core-5.1-12.module+el8.1.0+4098+f286395e.noarch", "Installed: harfbuzz-1.7.5-3.el8.x86_64", "Installed: hicolor-icon-theme-0.17-2.el8.noarch", "Installed: mailcap-2.1.48-3.el8.noarch", "Installed: pango-1.42.4-8.el8.x86_64", "Installed: httpcomponents-client-4.5.5-5.module+el8.6.0+13298+7b5243c0.noarch", "Installed: httpcomponents-core-4.4.10-3.module+el8+2452+b359bfcd.noarch", "Installed: httpd-2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64", "Installed: alsa-lib-1.2.6.1-3.el8.x86_64", "Installed: httpd-filesystem-2.4.37-47.module+el8.6.0+14529+083145da.1.noarch", "Installed: httpd-tools-2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64", "Installed: custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch", "Installed: python3-webencodings-0.5.1-6.el8.noarch", "Installed: lua-5.3.4-12.el8.x86_64", "Installed: python3-yubico-1.3.2-9.module+el8.1.0+4098+f286395e.noarch", "Installed: cups-libs-1:2.2.6-44.el8.x86_64", "Installed: python36-3.6.8-38.module+el8.5.0+12207+5c5719bc.x86_64", "Installed: ldapjdk-4.23.0-1.module+el8.5.0+11983+6ba118b4.noarch", "Installed: gdk-pixbuf2-modules-2.36.12-5.el8.x86_64", "Installed: cyrus-sasl-gssapi-2.1.27-6.el8_5.x86_64", "Installed: words-3.0-28.el8.noarch", "Installed: cyrus-sasl-md5-2.1.27-6.el8_5.x86_64", "Installed: cyrus-sasl-plain-2.1.27-6.el8_5.x86_64", "Installed: xmlrpc-c-1.51.0-6.el8.x86_64", "Installed: xmlrpc-c-client-1.51.0-6.el8.x86_64", "Installed: ant-1.10.5-1.module+el8+2438+c99a8a1e.noarch", "Installed: ant-lib-1.10.5-1.module+el8+2438+c99a8a1e.noarch", "Installed: perl-Mozilla-CA-20160104-7.module+el8.3.0+6498+9eecfe51.noarch", "Installed: krb5-pkinit-1.18.2-14.el8.x86_64", "Installed: apache-commons-cli-1.4-4.module+el8+2452+b359bfcd.noarch", "Installed: krb5-server-1.18.2-14.el8.x86_64", "Installed: apache-commons-codec-1.11-3.module+el8+2452+b359bfcd.noarch", "Installed: krb5-workstation-1.18.2-14.el8.x86_64", "Installed: apache-commons-io-1:2.6-3.module+el8+2452+b359bfcd.noarch", "Installed: pki-acme-10.12.0-2.module+el8.6.0+14115+8b467244.noarch", "Installed: pki-base-10.12.0-2.module+el8.6.0+14115+8b467244.noarch", "Installed: pki-base-java-10.12.0-2.module+el8.6.0+14115+8b467244.noarch", "Installed: apache-commons-lang3-3.7-3.module+el8+2452+b359bfcd.noarch", "Installed: libXcomposite-0.4.4-14.el8.x86_64", "Installed: apache-commons-logging-1.2-13.module+el8+2452+b359bfcd.noarch", "Installed: apache-commons-net-3.6-3.module+el8.3.0+6805+72837426.noarch", "Installed: libXcursor-1.1.15-3.el8.x86_64", "Installed: pki-ca-10.12.0-2.module+el8.6.0+14115+8b467244.noarch", "Installed: pki-kra-10.12.0-2.module+el8.6.0+14115+8b467244.noarch", "Installed: giflib-5.1.4-3.el8.x86_64", "Installed: libXdamage-1.1.4-14.el8.x86_64", "Installed: pki-server-10.12.0-2.module+el8.6.0+14115+8b467244.noarch", "Installed: pki-servlet-4.0-api-1:9.0.30-3.module+el8.5.0+11388+9e95fe00.noarch", "Installed: apr-1.6.3-12.el8.x86_64", "Installed: perl-Net-SSLeay-1.88-2.module+el8.6.0+13392+f0897f98.x86_64", "Installed: pki-symkey-10.12.0-2.module+el8.6.0+14115+8b467244.x86_64", "Installed: pki-tools-10.12.0-2.module+el8.6.0+14115+8b467244.x86_64", "Installed: apr-util-1.6.1-6.el8.x86_64", "Installed: openldap-clients-2.4.46-18.el8.x86_64", "Installed: apr-util-bdb-1.6.1-6.el8.x86_64", "Installed: libXfixes-5.0.3-7.el8.x86_64", "Installed: apr-util-openssl-1.6.1-6.el8.x86_64", "Installed: libXft-2.3.3-1.el8.x86_64", "Installed: libXi-1.7.10-1.el8.x86_64", "Installed: openssl-perl-1:1.1.1k-6.el8_5.x86_64", "Installed: libXinerama-1.1.4-1.el8.x86_64", "Installed: glassfish-fastinfoset-1.2.13-9.module+el8.1.0+3366+6dfb954c.noarch", "Installed: glassfish-jaxb-api-2.2.12-8.module+el8.1.0+3366+6dfb954c.noarch", "Installed: glassfish-jaxb-core-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "Installed: glassfish-jaxb-runtime-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "Installed: glassfish-jaxb-txw2-2.2.11-11.module+el8.1.0+3366+6dfb954c.noarch", "Installed: slapi-nis-0.56.6-4.module+el8.6.0+12936+736896b2.x86_64", "Installed: slf4j-1.7.25-4.module+el8+2452+b359bfcd.noarch", "Installed: tomcatjss-7.7.1-1.module+el8.6.0+13291+248751b1.noarch", "Installed: slf4j-jdk14-1.7.25-4.module+el8.1.0+3366+6dfb954c.noarch", "Installed: libXrandr-1.5.2-1.el8.x86_64", "Installed: atk-2.28.1-1.el8.x86_64", "Installed: softhsm-2.6.0-5.module+el8.4.0+10227+076cd560.x86_64", "Installed: libXtst-1.2.3-7.el8.x86_64", "Installed: ttmkfdir-3.0.9-54.el8.x86_64", "Installed: tzdata-java-2022a-1.el8.noarch", "Installed: perl-Algorithm-Diff-1.1903-9.el8.noarch", "Installed: mod_auth_gssapi-1.6.1-7.1.el8.x86_64", "Installed: perl-Archive-Tar-2.30-1.el8.noarch", "Installed: perl-Carp-1.42-396.el8.noarch", "Installed: perl-Compress-Raw-Bzip2-2.081-1.el8.x86_64", "Installed: perl-Compress-Raw-Zlib-2.081-1.el8.x86_64", "Installed: perl-Data-Dumper-2.167-399.el8.x86_64", "Installed: mod_http2-1.15.7-5.module+el8.6.0+13996+01710940.x86_64", "Installed: perl-Encode-4:2.97-3.el8.x86_64", "Installed: perl-Errno-1.28-421.el8.x86_64", "Installed: mod_lookup_identity-1.0.0-4.el8.x86_64", "Installed: perl-Exporter-5.72-396.el8.noarch", "Installed: perl-File-Path-2.15-2.el8.noarch", "Installed: perl-File-Temp-0.230.600-1.el8.noarch", "Installed: perl-Getopt-Long-1:2.50-4.el8.noarch", "Installed: perl-HTTP-Tiny-0.074-1.el8.noarch", "Installed: mod_session-2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64", "Installed: mod_ssl-1:2.4.37-47.module+el8.6.0+14529+083145da.1.x86_64", "Installed: perl-IO-1.38-421.el8.x86_64", "Installed: perl-IO-Compress-2.081-1.el8.noarch", "Installed: perl-IO-Zlib-1:1.10-421.el8.noarch", "Installed: perl-MIME-Base64-3.15-396.el8.x86_64", "Installed: perl-PathTools-3.74-1.el8.x86_64", "Installed: perl-Pod-Escapes-1:1.07-395.el8.noarch", "Installed: perl-Pod-Perldoc-3.28-396.el8.noarch", "Installed: perl-Pod-Simple-1:3.35-395.el8.noarch", "Installed: perl-Pod-Usage-4:1.69-395.el8.noarch", "Installed: perl-Scalar-List-Utils-3:1.49-2.el8.x86_64", "Installed: perl-Socket-4:2.027-3.el8.x86_64", "Installed: perl-Storable-1:3.11-3.el8.x86_64", "Installed: bea-stax-api-1.2.0-16.module+el8.1.0+3366+6dfb954c.noarch", "Installed: perl-Term-ANSIColor-4.06-396.el8.noarch", "Installed: perl-Term-Cap-1.17-395.el8.noarch", "Installed: stax-ex-1.7.7-8.module+el8.2.0+5723+4574fbff.noarch", "Installed: perl-Text-Diff-1.45-2.el8.noarch", "Installed: perl-Text-ParseWords-3.30-395.el8.noarch", "Installed: perl-Text-Tabs+Wrap-2013.0523-395.el8.noarch", "Installed: bind-libs-32:9.11.36-3.el8.x86_64", "Installed: perl-Time-Local-1:1.280-1.el8.noarch", "Installed: bind-libs-lite-32:9.11.36-3.el8.x86_64", "Installed: bind-license-32:9.11.36-3.el8.noarch", "Installed: perl-Unicode-Normalize-1.25-396.el8.x86_64", "Installed: perl-constant-1.33-396.el8.noarch", "Installed: perl-interpreter-4:5.26.3-421.el8.x86_64", "Installed: perl-libs-4:5.26.3-421.el8.x86_64", "Installed: perl-macros-4:5.26.3-421.el8.x86_64", "Installed: perl-parent-1:0.237-1.el8.noarch", "Installed: perl-podlators-4.11-1.el8.noarch", "Installed: perl-threads-1:2.21-2.el8.x86_64", "Installed: perl-threads-shared-1.58-2.el8.x86_64", "Installed: bind-utils-32:9.11.36-3.el8.x86_64", "Installed: libicu-60.3-2.el8_1.x86_64", "Installed: libipa_hbac-2.6.2-3.el8.x86_64", "Installed: libkadm5-1.18.2-14.el8.x86_64", "Installed: perl-DB_File-1.842-1.el8.x86_64", "Installed: protobuf-c-1.3.0-6.el8.x86_64", "Installed: libdatrie-0.2.9-7.el8.x86_64", "Installed: publicsuffix-list-20180723-1.el8.noarch", "Installed: python3-asn1crypto-0.24.0-3.el8.noarch", "Installed: python3-dns-1.15.0-10.el8.noarch", "Installed: perl-Digest-1.17-395.el8.noarch", "Installed: redhat-logos-ipa-84.5-1.el8.noarch", "Installed: perl-Digest-MD5-2.55-396.el8.x86_64", "Installed: fontawesome-fonts-4.7.0-4.el8.noarch", "Installed: perl-URI-1.73-3.el8.noarch", "Installed: python3-libipa_hbac-2.6.2-3.el8.x86_64", "Installed: ipa-client-4.9.8-7.module+el8.6.0+14337+19b76db2.x86_64", "Installed: xalan-j2-2.7.1-38.module+el8.1.0+3366+6dfb954c.noarch", "Installed: ipa-client-common-4.9.8-7.module+el8.6.0+14337+19b76db2.noarch", "Installed: ipa-common-4.9.8-7.module+el8.6.0+14337+19b76db2.noarch", "Installed: ipa-healthcheck-0.7-10.module+el8.6.0+14292+18b36d36.noarch", "Installed: ipa-healthcheck-core-0.7-10.module+el8.6.0+14292+18b36d36.noarch", "Installed: ipa-selinux-4.9.8-7.module+el8.6.0+14337+19b76db2.noarch", "Installed: ipa-server-4.9.8-7.module+el8.6.0+14337+19b76db2.x86_64", "Installed: ipa-server-common-4.9.8-7.module+el8.6.0+14337+19b76db2.noarch", "Installed: relaxngDatatype-2011.1-7.module+el8.1.0+3366+6dfb954c.noarch", "Installed: libfontenc-1.1.3-8.el8.x86_64", "Installed: resteasy-3.0.26-6.module+el8.4.0+8891+bb8828ef.noarch", "Installed: xerces-j2-2.11.0-34.module+el8.1.0+3366+6dfb954c.noarch", "Installed: fribidi-1.0.4-8.el8.x86_64", "Installed: xml-commons-apis-1.4.01-25.module+el8.1.0+3366+6dfb954c.noarch", "Installed: xml-commons-resolver-1.2-26.module+el8.1.0+3366+6dfb954c.noarch", "Installed: fstrm-0.6.1-2.el8.x86_64", "Installed: python3-setuptools-39.2.0-6.el8.noarch", "Installed: libthai-0.1.27-2.el8.x86_64", "Installed: libtiff-4.0.9-21.el8.x86_64", "Installed: istack-commons-runtime-2.21-9.el8+7.noarch", "Installed: xmlstreambuffer-1.5.4-8.module+el8.2.0+5723+4574fbff.noarch", "Installed: python3-sss-2.6.2-3.el8.x86_64", "Installed: jackson-annotations-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "Installed: jackson-core-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "Installed: jackson-databind-2.10.0-1.module+el8.2.0+5059+3eb3af25.noarch", "Installed: jackson-jaxrs-json-provider-2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "Installed: jackson-jaxrs-providers-2.9.9-1.module+el8.1.0+3832+9784644d.noarch", "Installed: jackson-module-jaxb-annotations-2.7.6-4.module+el8.1.0+3366+6dfb954c.noarch", "Installed: python3-sss-murmur-2.6.2-3.el8.x86_64", "Installed: python3-sssdconfig-2.6.2-3.el8.noarch", "Installed: pki-servlet-engine-1:9.0.30-3.module+el8.5.0+11388+9e95fe00.noarch", "Installed: python3-argcomplete-1.9.3-6.el8.noarch", "Installed: jasper-libs-2.0.14-5.el8.x86_64", "Installed: java-1.8.0-openjdk-1:1.8.0.322.b06-11.el8.x86_64", "Installed: python3-augeas-0.5.0-12.el8.noarch", "Installed: xorg-x11-font-utils-1:7.5-41.el8.x86_64", "Installed: java-1.8.0-openjdk-devel-1:1.8.0.322.b06-11.el8.x86_64", "Installed: java-1.8.0-openjdk-headless-1:1.8.0.322.b06-11.el8.x86_64", "Installed: python3-bind-32:9.11.36-3.el8.noarch", "Installed: xorg-x11-fonts-Type1-7.5-19.el8.noarch", "Installed: redhat-logos-httpd-84.5-1.el8.noarch", "Installed: perl-libnet-3.11-3.el8.noarch", "Installed: certmonger-0.79.13-5.el8.x86_64", "Installed: python3-custodia-0.6.0-3.module+el8.1.0+4098+f286395e.noarch", "Installed: javapackages-filesystem-5.3.0-1.module+el8+2447+6f56d9a6.noarch", "Installed: javapackages-tools-5.3.0-1.module+el8+2447+6f56d9a6.noarch", "Installed: python3-distro-1.4.0-2.module+el8.1.0+3334+5cb623d7.noarch", "Installed: libsss_simpleifp-2.6.2-3.el8.x86_64", "Installed: jbigkit-libs-2.1-14.el8.x86_64", "Installed: jboss-annotations-1.2-api-1.0.0-4.el8.noarch", "Installed: jboss-jaxrs-2.0-api-1.0.0-6.el8.noarch", "Installed: jboss-logging-3.3.0-5.el8.noarch", "Installed: graphite2-1.3.10-10.el8.x86_64", "Installed: jboss-logging-tools-2.0.1-6.el8.noarch", "Installed: xsom-0-19.20110809svn.module+el8.1.0+3366+6dfb954c.noarch", "Installed: samba-client-libs-4.15.5-5.el8.x86_64", "Installed: jdeparser-2.0.0-5.el8.noarch", "Installed: python3-gssapi-1.5.1-5.el8.x86_64", "Installed: python3-html5lib-1:0.999999999-6.el8.noarch", "Installed: samba-common-4.15.5-5.el8.noarch", "Installed: samba-common-libs-4.15.5-5.el8.x86_64", "Installed: python3-ipaclient-4.9.8-7.module+el8.6.0+14337+19b76db2.noarch", "Installed: python3-ipalib-4.9.8-7.module+el8.6.0+14337+19b76db2.noarch", "Installed: python3-ipaserver-4.9.8-7.module+el8.6.0+14337+19b76db2.noarch", "Installed: nss-tools-3.67.0-7.el8_5.x86_64", "Installed: python3-jwcrypto-0.5.0-1.module+el8.1.0+4098+f286395e.noarch", "Installed: python3-kdcproxy-0.4-5.module+el8.2.0+4691+a05b2456.noarch", "Installed: jss-4.9.3-1.module+el8.6.0+14244+60d461b7.x86_64", "Installed: python3-ldap-3.3.1-2.el8.x86_64", "Installed: python3-lib389-1.4.3.28-6.module+el8.6.0+14129+983ceada.noarch", "Installed: libjpeg-turbo-1.5.3-12.el8.x86_64", "Installed: gtk-update-icon-cache-3.22.30-10.el8.x86_64", "Installed: open-sans-fonts-1.10-6.el8.noarch", "Installed: gtk2-2.24.32-5.el8.x86_64", "Installed: python3-lxml-4.2.3-4.el8.x86_64", "Installed: python3-mod_wsgi-4.6.4-4.el8.x86_64", "Installed: python3-netaddr-0.7.19-8.el8.noarch" ] } TASK [ipaserver : Install - Ensure that IPA server packages for dns are installed] *** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:10 Wednesday 06 July 2022 22:46:10 +0000 (0:00:50.095) 0:01:01.964 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true, "rc": 0, "results": [ "Installed: ldns-1.7.0-21.el8.x86_64", "Installed: bind-pkcs11-32:9.11.36-3.el8.x86_64", "Installed: opencryptoki-3.17.0-3.el8.x86_64", "Installed: opencryptoki-icsftok-3.17.0-3.el8.x86_64", "Installed: bind-pkcs11-libs-32:9.11.36-3.el8.x86_64", "Installed: bind-pkcs11-utils-32:9.11.36-3.el8.x86_64", "Installed: opencryptoki-libs-3.17.0-3.el8.x86_64", "Installed: ipa-server-dns-4.9.8-7.module+el8.6.0+14337+19b76db2.noarch", "Installed: sqlite-3.26.0-15.el8.x86_64", "Installed: bind-32:9.11.36-3.el8.x86_64", "Installed: opendnssec-2.1.7-1.module+el8.4.0+9007+5084bdd8.x86_64", "Installed: bind-dyndb-ldap-11.6-3.module+el8.6.0+13728+d9324aaf.x86_64" ] } TASK [ipaserver : Install - Ensure that IPA server packages for adtrust are installed] *** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:16 Wednesday 06 July 2022 22:46:14 +0000 (0:00:04.359) 0:01:06.324 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Install - Ensure that firewall packages installed] *********** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:22 Wednesday 06 July 2022 22:46:14 +0000 (0:00:00.035) 0:01:06.359 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true, "rc": 0, "results": [ "Installed: python3-slip-0.6.4-11.el8.noarch", "Installed: python3-slip-dbus-0.6.4-11.el8.noarch", "Installed: ipset-7.1-1.el8.x86_64", "Installed: libnetfilter_conntrack-1.0.6-5.el8.x86_64", "Installed: ipset-libs-7.1-1.el8.x86_64", "Installed: python3-nftables-1:0.9.3-25.el8.x86_64", "Installed: python3-firewall-0.9.3-13.el8.noarch", "Installed: iptables-1.8.4-22.el8.x86_64", "Installed: libnfnetlink-1.0.1-13.el8.x86_64", "Installed: iptables-ebtables-1.8.4-22.el8.x86_64", "Installed: iptables-libs-1.8.4-22.el8.x86_64", "Installed: libnftnl-1.1.5-5.el8.x86_64", "Installed: firewalld-0.9.3-13.el8.noarch", "Installed: firewalld-filesystem-0.9.3-13.el8.noarch", "Installed: nftables-1:0.9.3-25.el8.x86_64" ] } TASK [ipaserver : Firewalld service - Ensure that firewalld is running] ******** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:31 Wednesday 06 July 2022 22:46:17 +0000 (0:00:02.968) 0:01:09.328 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true, "enabled": true, "name": "firewalld", "state": "started", "status": { "ActiveEnterTimestampMonotonic": "0", "ActiveExitTimestampMonotonic": "0", "ActiveState": "inactive", "After": "basic.target dbus.socket polkit.service dbus.service sysinit.target system.slice", "AllowIsolate": "no", "AllowedCPUs": "", "AllowedMemoryNodes": "", "AmbientCapabilities": "", "AssertResult": "no", "AssertTimestampMonotonic": "0", "Before": "multi-user.target shutdown.target network-pre.target", "BlockIOAccounting": "no", "BlockIOWeight": "[not set]", "BusName": "org.fedoraproject.FirewallD1", "CPUAccounting": "no", "CPUAffinity": "", "CPUAffinityFromNUMA": "no", "CPUQuotaPerSecUSec": "infinity", "CPUQuotaPeriodUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "[not set]", "CPUUsageNSec": "[not set]", "CPUWeight": "[not set]", "CacheDirectoryMode": "0755", "CanFreeze": "yes", "CanIsolate": "no", "CanReload": "yes", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend cap_audit_read cap_perfmon cap_bpf", "CollectMode": "inactive", "ConditionResult": "no", "ConditionTimestampMonotonic": "0", "ConfigurationDirectoryMode": "0755", "Conflicts": "nftables.service ipset.service ebtables.service iptables.service ip6tables.service shutdown.target", "ControlPID": "0", "DefaultDependencies": "yes", "DefaultMemoryLow": "0", "DefaultMemoryMin": "0", "Delegate": "no", "Description": "firewalld - dynamic firewall daemon", "DevicePolicy": "auto", "Documentation": "man:firewalld(1)", "DynamicUser": "no", "EffectiveCPUs": "", "EffectiveMemoryNodes": "", "EnvironmentFiles": "/etc/sysconfig/firewalld (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "0", "ExecMainStartTimestampMonotonic": "0", "ExecMainStatus": "0", "ExecReload": "{ path=/bin/kill ; argv[]=/bin/kill -HUP $MAINPID ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "ExecStart": "{ path=/usr/sbin/firewalld ; argv[]=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/firewalld.service", "FreezerState": "running", "GID": "[not set]", "GuessMainPID": "yes", "IOAccounting": "no", "IOSchedulingClass": "0", "IOSchedulingPriority": "0", "IOWeight": "[not set]", "IPAccounting": "no", "IPEgressBytes": "18446744073709551615", "IPEgressPackets": "18446744073709551615", "IPIngressBytes": "18446744073709551615", "IPIngressPackets": "18446744073709551615", "Id": "firewalld.service", "IgnoreOnIsolate": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestampMonotonic": "0", "JobRunningTimeoutUSec": "infinity", "JobTimeoutAction": "none", "JobTimeoutUSec": "infinity", "KeyringMode": "private", "KillMode": "mixed", "KillSignal": "15", "LimitAS": "infinity", "LimitASSoft": "infinity", "LimitCORE": "infinity", "LimitCORESoft": "0", "LimitCPU": "infinity", "LimitCPUSoft": "infinity", "LimitDATA": "infinity", "LimitDATASoft": "infinity", "LimitFSIZE": "infinity", "LimitFSIZESoft": "infinity", "LimitLOCKS": "infinity", "LimitLOCKSSoft": "infinity", "LimitMEMLOCK": "65536", "LimitMEMLOCKSoft": "65536", "LimitMSGQUEUE": "819200", "LimitMSGQUEUESoft": "819200", "LimitNICE": "0", "LimitNICESoft": "0", "LimitNOFILE": "262144", "LimitNOFILESoft": "1024", "LimitNPROC": "14648", "LimitNPROCSoft": "14648", "LimitRSS": "infinity", "LimitRSSSoft": "infinity", "LimitRTPRIO": "0", "LimitRTPRIOSoft": "0", "LimitRTTIME": "infinity", "LimitRTTIMESoft": "infinity", "LimitSIGPENDING": "14648", "LimitSIGPENDINGSoft": "14648", "LimitSTACK": "infinity", "LimitSTACKSoft": "8388608", "LoadState": "loaded", "LockPersonality": "no", "LogLevelMax": "-1", "LogRateLimitBurst": "0", "LogRateLimitIntervalUSec": "0", "LogsDirectoryMode": "0755", "MainPID": "0", "MemoryAccounting": "yes", "MemoryCurrent": "[not set]", "MemoryDenyWriteExecute": "no", "MemoryHigh": "infinity", "MemoryLimit": "infinity", "MemoryLow": "0", "MemoryMax": "infinity", "MemoryMin": "0", "MemorySwapMax": "infinity", "MountAPIVFS": "no", "MountFlags": "", "NFileDescriptorStore": "0", "NRestarts": "0", "NUMAMask": "", "NUMAPolicy": "n/a", "Names": "firewalld.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PermissionsStartOnly": "no", "Perpetual": "no", "PrivateDevices": "no", "PrivateMounts": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "PrivateUsers": "no", "ProtectControlGroups": "no", "ProtectHome": "no", "ProtectKernelModules": "no", "ProtectKernelTunables": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "RemoveIPC": "no", "Requires": "system.slice dbus.socket sysinit.target", "Restart": "no", "RestartUSec": "100ms", "RestrictNamespaces": "no", "RestrictRealtime": "no", "RestrictSUIDSGID": "no", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "RuntimeDirectoryPreserve": "no", "RuntimeMaxUSec": "infinity", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "null", "StandardInput": "null", "StandardInputData": "", "StandardOutput": "null", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitIntervalUSec": "10s", "StartupBlockIOWeight": "[not set]", "StartupCPUShares": "[not set]", "StartupCPUWeight": "[not set]", "StartupIOWeight": "[not set]", "StateChangeTimestampMonotonic": "0", "StateDirectoryMode": "0755", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "dead", "SuccessAction": "none", "SyslogFacility": "3", "SyslogLevel": "6", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "yes", "TasksCurrent": "[not set]", "TasksMax": "23436", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UID": "[not set]", "UMask": "0022", "UnitFilePreset": "enabled", "UnitFileState": "enabled", "UtmpMode": "init", "WantedBy": "multi-user.target", "Wants": "network-pre.target", "WatchdogTimestampMonotonic": "0", "WatchdogUSec": "0" } } TASK [ipaserver : Firewalld - Verify runtime zone "{{ ipaserver_firewalld_zone }}"] *** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:37 Wednesday 06 July 2022 22:46:18 +0000 (0:00:01.078) 0:01:10.406 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Firewalld - Verify permanent zone "{{ ipaserver_firewalld_zone }}"] *** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:44 Wednesday 06 July 2022 22:46:18 +0000 (0:00:00.037) 0:01:10.444 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : include_tasks] *********************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:54 Wednesday 06 July 2022 22:46:18 +0000 (0:00:00.038) 0:01:10.482 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Install - Server installation test] ************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:60 Wednesday 06 July 2022 22:46:18 +0000 (0:00:00.035) 0:01:10.518 ******** ok: [/cache/rhel-8.qcow2] => { "_dirsrv_ca_cert": null, "_dirsrv_pkcs12_info": null, "_hostname_overridden": true, "_http_ca_cert": null, "_http_pkcs12_info": null, "_installation_cleanup": true, "_pkinit_ca_cert": null, "_pkinit_pkcs12_info": null, "changed": false, "domain": "test.local", "domainlevel": 1, "external_ca": false, "external_ca_profile": null, "external_ca_type": null, "hostname": "ipaserver.test.local", "idmax": 90399999, "idstart": 90200000, "ipa_python_version": 40908, "no_host_dns": true, "no_pkinit": false, "ntp_pool": null, "ntp_servers": null, "realm": "TEST.LOCAL", "rid_base": 1000, "secondary_rid_base": 100000000, "setup_adtrust": false, "setup_ca": true, "setup_kra": false } TASK [ipaserver : Install - Master password creation] ************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:138 Wednesday 06 July 2022 22:46:20 +0000 (0:00:01.315) 0:01:11.834 ******** changed: [/cache/rhel-8.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": true } TASK [ipaserver : Install - Use new master password] *************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:145 Wednesday 06 July 2022 22:46:21 +0000 (0:00:01.161) 0:01:12.995 ******** ok: [/cache/rhel-8.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [ipaserver : Install - Server preparation] ******************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:153 Wednesday 06 July 2022 22:46:21 +0000 (0:00:00.041) 0:01:13.037 ******** changed: [/cache/rhel-8.qcow2] => { "_ca_subject": "CN=Certificate Authority,O=TEST.LOCAL", "_random_serial_numbers": null, "_subject_base": "O=TEST.LOCAL", "adtrust_netbios_name": null, "adtrust_reset_netbios_name": false, "ca_subject": "CN=Certificate Authority,O=TEST.LOCAL", "changed": true, "dns_ip_addresses": [ "fec0::5054:ff:fe12:3456", "10.0.2.15" ], "dns_reverse_zones": [], "forward_policy": "only", "forwarders": [ "10.0.2.3" ], "ip_addresses": [ "fec0::5054:ff:fe12:3456", "10.0.2.15" ], "no_dnssec_validation": true, "reverse_zones": [], "subject_base": "O=TEST.LOCAL" } TASK [ipaserver : Install - Setup NTP] ***************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:198 Wednesday 06 July 2022 22:46:23 +0000 (0:00:02.417) 0:01:15.454 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup DS] ****************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:205 Wednesday 06 July 2022 22:46:34 +0000 (0:00:10.495) 0:01:25.950 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup KRB] ***************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:234 Wednesday 06 July 2022 22:46:49 +0000 (0:00:15.392) 0:01:41.342 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup custodia] ************************************ task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:261 Wednesday 06 July 2022 22:46:54 +0000 (0:00:05.237) 0:01:46.579 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup CA] ****************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:267 Wednesday 06 July 2022 22:46:59 +0000 (0:00:04.147) 0:01:50.727 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true, "csr_generated": false } TASK [ipaserver : Copy /root/ipa.csr to "/cache/rhel-8.qcow2-ipa.csr"] ********* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:309 Wednesday 06 July 2022 22:49:21 +0000 (0:02:22.847) 0:04:13.574 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Install - Setup otpd] **************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:318 Wednesday 06 July 2022 22:49:21 +0000 (0:00:00.036) 0:04:13.611 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup HTTP] **************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:324 Wednesday 06 July 2022 22:49:24 +0000 (0:00:02.641) 0:04:16.253 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup KRA] ***************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:356 Wednesday 06 July 2022 22:51:52 +0000 (0:02:28.345) 0:06:44.598 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Install - Setup DNS] ***************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:367 Wednesday 06 July 2022 22:51:52 +0000 (0:00:00.044) 0:06:44.642 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaserver : Install - Setup ADTRUST] ************************************* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:384 Wednesday 06 July 2022 22:52:01 +0000 (0:00:08.371) 0:06:53.014 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaserver : Install - Set DS password] *********************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:399 Wednesday 06 July 2022 22:52:01 +0000 (0:00:00.039) 0:06:53.054 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [Install - Setup client] ************************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:416 Wednesday 06 July 2022 22:52:03 +0000 (0:00:02.342) 0:06:55.397 ******** TASK [ipaclient : Import variables specific to distribution] ******************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/main.yml:4 Wednesday 06 July 2022 22:52:03 +0000 (0:00:00.059) 0:06:55.457 ******** ok: [/cache/rhel-8.qcow2] => (item=/tmp/freeipa-repo/roles/ipaclient/vars/RedHat-8.yml) => { "ansible_facts": { "ipaclient_packages": [ "@idm:DL1/client" ] }, "ansible_included_var_files": [ "/tmp/freeipa-repo/roles/ipaclient/vars/RedHat-8.yml" ], "ansible_loop_var": "item", "changed": false, "item": "/tmp/freeipa-repo/roles/ipaclient/vars/RedHat-8.yml" } TASK [ipaclient : Install IPA client] ****************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/main.yml:19 Wednesday 06 July 2022 22:52:03 +0000 (0:00:00.066) 0:06:55.524 ******** included: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml for /cache/rhel-8.qcow2 TASK [ipaclient : Install - Ensure that IPA client packages are installed] ***** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:4 Wednesday 06 July 2022 22:52:03 +0000 (0:00:00.075) 0:06:55.599 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [ipaclient : Install - Set ipaclient_servers] ***************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:10 Wednesday 06 July 2022 22:52:05 +0000 (0:00:01.541) 0:06:57.141 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Set ipaclient_servers from cluster inventory] ****** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:15 Wednesday 06 July 2022 22:52:05 +0000 (0:00:00.039) 0:06:57.180 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Check that either principal or keytab is set] ****** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:21 Wednesday 06 July 2022 22:52:05 +0000 (0:00:00.041) 0:06:57.222 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Set default principal if no keytab is given] ******* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:25 Wednesday 06 July 2022 22:52:05 +0000 (0:00:00.037) 0:06:57.259 ******** ok: [/cache/rhel-8.qcow2] => { "ansible_facts": { "ipaadmin_principal": "admin" }, "changed": false } TASK [ipaclient : Install - IPA client test] *********************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:30 Wednesday 06 July 2022 22:52:05 +0000 (0:00:00.051) 0:06:57.311 ******** ok: [/cache/rhel-8.qcow2] => { "basedn": "dc=test,dc=local", "changed": false, "client_already_configured": false, "client_domain": "test.local", "dnsok": false, "domain": "test.local", "hostname": "ipaserver.test.local", "ipa_python_version": 40908, "kdc": "ipaserver.test.local", "nosssd_files": {}, "ntp_pool": null, "ntp_servers": null, "realm": "TEST.LOCAL", "servers": [ "ipaserver.test.local" ], "sssd": true } TASK [ipaclient : Install - Cleanup leftover ccache] *************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:56 Wednesday 06 July 2022 22:52:06 +0000 (0:00:00.867) 0:06:58.179 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "path": "/etc/ipa/.dns_ccache", "state": "absent" } TASK [ipaclient : Install - Configure NTP] ************************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:61 Wednesday 06 July 2022 22:52:06 +0000 (0:00:00.383) 0:06:58.562 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } TASK [ipaclient : Install - Make sure One-Time Password is enabled if it's already defined] *** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:73 Wednesday 06 July 2022 22:52:07 +0000 (0:00:00.828) 0:06:59.391 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Disable One-Time Password for on_master] *********** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:78 Wednesday 06 July 2022 22:52:07 +0000 (0:00:00.042) 0:06:59.433 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Test if IPA client has working krb5.keytab] ******** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:83 Wednesday 06 July 2022 22:52:07 +0000 (0:00:00.040) 0:06:59.474 ******** ok: [/cache/rhel-8.qcow2] => { "ca_crt_exists": true, "changed": false, "krb5_conf_ok": true, "krb5_keytab_ok": true, "ping_test_ok": true } TASK [ipaclient : Install - Disable One-Time Password for client with working krb5.keytab] *** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:93 Wednesday 06 July 2022 22:52:09 +0000 (0:00:01.632) 0:07:01.106 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Keytab or password is required for getting otp] **** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:109 Wednesday 06 July 2022 22:52:09 +0000 (0:00:00.042) 0:07:01.149 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Get One-Time Password for client enrollment] ******* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:113 Wednesday 06 July 2022 22:52:09 +0000 (0:00:00.048) 0:07:01.198 ******** skipping: [/cache/rhel-8.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [ipaclient : Install - Report error for OTP generation] ******************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:132 Wednesday 06 July 2022 22:52:09 +0000 (0:00:00.043) 0:07:01.241 ******** skipping: [/cache/rhel-8.qcow2] => {} TASK [ipaclient : Install - Store the previously obtained OTP] ***************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:138 Wednesday 06 July 2022 22:52:09 +0000 (0:00:00.039) 0:07:01.280 ******** skipping: [/cache/rhel-8.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [ipaclient : Store predefined OTP in admin_password] ********************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:147 Wednesday 06 July 2022 22:52:09 +0000 (0:00:00.047) 0:07:01.328 ******** skipping: [/cache/rhel-8.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [ipaclient : Install - Check if principal and keytab are set] ************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:163 Wednesday 06 July 2022 22:52:09 +0000 (0:00:00.042) 0:07:01.370 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Check if one of password or keytabs are set] ******* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:167 Wednesday 06 July 2022 22:52:09 +0000 (0:00:00.046) 0:07:01.417 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Purge TEST.LOCAL from host keytab] ***************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:175 Wednesday 06 July 2022 22:52:09 +0000 (0:00:00.044) 0:07:01.462 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Backup and set hostname] *************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:192 Wednesday 06 July 2022 22:52:09 +0000 (0:00:00.045) 0:07:01.507 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Join IPA] ****************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:197 Wednesday 06 July 2022 22:52:09 +0000 (0:00:00.045) 0:07:01.552 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : krb5 configuration not correct] ****************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:219 Wednesday 06 July 2022 22:52:09 +0000 (0:00:00.039) 0:07:01.592 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : IPA test failed] ********************************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:225 Wednesday 06 July 2022 22:52:09 +0000 (0:00:00.043) 0:07:01.636 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : ca.crt file is missing] ************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:229 Wednesday 06 July 2022 22:52:09 +0000 (0:00:00.044) 0:07:01.680 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Configure IPA default.conf] ************************ task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:242 Wednesday 06 July 2022 22:52:10 +0000 (0:00:00.047) 0:07:01.727 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Configure SSSD] ************************************ task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:251 Wednesday 06 July 2022 22:52:10 +0000 (0:00:00.045) 0:07:01.773 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaclient : Install - Configure krb5 for IPA realm] ********************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:273 Wednesday 06 July 2022 22:52:10 +0000 (0:00:00.866) 0:07:02.639 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - IPA API calls for remaining enrollment parts] ****** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:287 Wednesday 06 July 2022 22:52:10 +0000 (0:00:00.045) 0:07:02.684 ******** changed: [/cache/rhel-8.qcow2] => { "ca_enabled": true, "changed": true, "subject_base": "O=TEST.LOCAL" } TASK [ipaclient : Install - Fix IPA ca] **************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:295 Wednesday 06 July 2022 22:52:13 +0000 (0:00:02.456) 0:07:05.140 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Create IPA NSS database] *************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:305 Wednesday 06 July 2022 22:52:13 +0000 (0:00:00.045) 0:07:05.186 ******** changed: [/cache/rhel-8.qcow2] => { "ca_enabled_ra": true, "changed": true } TASK [ipaclient : Install - Configure SSH and SSHD] **************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:337 Wednesday 06 July 2022 22:52:17 +0000 (0:00:04.047) 0:07:09.233 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaclient : Install - Configure automount] ******************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:345 Wednesday 06 July 2022 22:52:18 +0000 (0:00:00.947) 0:07:10.181 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaclient : Install - Configure firefox] ********************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:351 Wednesday 06 July 2022 22:52:19 +0000 (0:00:00.807) 0:07:10.989 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [ipaclient : Install - Configure NIS] ************************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:357 Wednesday 06 July 2022 22:52:19 +0000 (0:00:00.041) 0:07:11.031 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaclient : Install - Restore original admin password if overwritten by OTP] *** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:375 Wednesday 06 July 2022 22:52:20 +0000 (0:00:00.968) 0:07:11.999 ******** skipping: [/cache/rhel-8.qcow2] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [ipaclient : Cleanup leftover ccache] ************************************* task path: /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:381 Wednesday 06 July 2022 22:52:20 +0000 (0:00:00.039) 0:07:12.038 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "path": "/etc/ipa/.dns_ccache", "state": "absent" } TASK [ipaclient : Uninstall IPA client] **************************************** task path: /tmp/freeipa-repo/roles/ipaclient/tasks/main.yml:23 Wednesday 06 July 2022 22:52:20 +0000 (0:00:00.368) 0:07:12.407 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: role_complete for /cache/rhel-8.qcow2 TASK [ipaserver : Install - Enable IPA] **************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:431 Wednesday 06 July 2022 22:52:20 +0000 (0:00:00.049) 0:07:12.457 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true } TASK [ipaserver : Install - Cleanup root IPA cache] **************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:438 Wednesday 06 July 2022 22:52:25 +0000 (0:00:04.608) 0:07:17.066 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "path": "/root/.ipa_cache", "state": "absent" } TASK [ipaserver : Install - Configure firewalld] ******************************* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:444 Wednesday 06 July 2022 22:52:25 +0000 (0:00:00.395) 0:07:17.461 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--permanent", "--zone=", "--add-service=freeipa-ldap", "--add-service=freeipa-ldaps", "--add-service=dns", "--add-service=ntp" ], "delta": "0:00:00.295046", "end": "2022-07-06 18:52:25.154470", "rc": 0, "start": "2022-07-06 18:52:24.859424" } STDOUT: success TASK [ipaserver : Install - Configure firewalld runtime] *********************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:458 Wednesday 06 July 2022 22:52:26 +0000 (0:00:00.829) 0:07:18.290 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true, "cmd": [ "firewall-cmd", "--zone=", "--add-service=freeipa-ldap", "--add-service=freeipa-ldaps", "--add-service=dns", "--add-service=ntp" ], "delta": "0:00:00.263929", "end": "2022-07-06 18:52:25.804927", "rc": 0, "start": "2022-07-06 18:52:25.540998" } STDOUT: success TASK [ipaserver : Cleanup temporary files] ************************************* task path: /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:474 Wednesday 06 July 2022 22:52:27 +0000 (0:00:00.656) 0:07:18.947 ******** ok: [/cache/rhel-8.qcow2] => (item=/etc/ipa/.tmp_pkcs12_dirsrv) => { "ansible_loop_var": "item", "changed": false, "item": "/etc/ipa/.tmp_pkcs12_dirsrv", "path": "/etc/ipa/.tmp_pkcs12_dirsrv", "state": "absent" } ok: [/cache/rhel-8.qcow2] => (item=/etc/ipa/.tmp_pkcs12_http) => { "ansible_loop_var": "item", "changed": false, "item": "/etc/ipa/.tmp_pkcs12_http", "path": "/etc/ipa/.tmp_pkcs12_http", "state": "absent" } ok: [/cache/rhel-8.qcow2] => (item=/etc/ipa/.tmp_pkcs12_pkinit) => { "ansible_loop_var": "item", "changed": false, "item": "/etc/ipa/.tmp_pkcs12_pkinit", "path": "/etc/ipa/.tmp_pkcs12_pkinit", "state": "absent" } TASK [ipaserver : Uninstall IPA server] **************************************** task path: /tmp/freeipa-repo/roles/ipaserver/tasks/main.yml:23 Wednesday 06 July 2022 22:52:28 +0000 (0:00:01.085) 0:07:20.033 ******** skipping: [/cache/rhel-8.qcow2] => { "changed": false, "skip_reason": "Conditional result was False" } META: role_complete for /cache/rhel-8.qcow2 META: ran handlers META: ran handlers PLAY [Issue IPA signed certificates] ******************************************* TASK [Gathering Facts] ********************************************************* task path: /tmp/tmp0buh2ky5/tests/certificate/tests_basic_ipa.yml:11 Wednesday 06 July 2022 22:52:28 +0000 (0:00:00.059) 0:07:20.092 ******** ok: [/cache/rhel-8.qcow2] META: ran handlers TASK [fedora.linux_system_roles.certificate : Set version specific variables] *** task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2 Wednesday 06 July 2022 22:52:29 +0000 (0:00:00.780) 0:07:20.873 ******** included: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml for /cache/rhel-8.qcow2 TASK [fedora.linux_system_roles.certificate : Ensure ansible_facts used by role] *** task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:2 Wednesday 06 July 2022 22:52:29 +0000 (0:00:00.029) 0:07:20.902 ******** ok: [/cache/rhel-8.qcow2] TASK [fedora.linux_system_roles.certificate : Set platform/version specific variables] *** task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:7 Wednesday 06 July 2022 22:52:29 +0000 (0:00:00.544) 0:07:21.447 ******** skipping: [/cache/rhel-8.qcow2] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [/cache/rhel-8.qcow2] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [/cache/rhel-8.qcow2] => (item=RedHat_8.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat_8.yml", "skip_reason": "Conditional result was False" } skipping: [/cache/rhel-8.qcow2] => (item=RedHat_8.6.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat_8.6.yml", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] *** task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:5 Wednesday 06 July 2022 22:52:29 +0000 (0:00:00.042) 0:07:21.489 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] *** task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:22 Wednesday 06 July 2022 22:52:31 +0000 (0:00:01.331) 0:07:22.820 ******** ok: [/cache/rhel-8.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] *** task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:33 Wednesday 06 July 2022 22:52:32 +0000 (0:00:01.343) 0:07:24.164 ******** changed: [/cache/rhel-8.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//pre-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] *** task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:59 Wednesday 06 July 2022 22:52:32 +0000 (0:00:00.407) 0:07:24.571 ******** changed: [/cache/rhel-8.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/etc/certmonger//post-scripts", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] *** task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:88 Wednesday 06 July 2022 22:52:33 +0000 (0:00:00.406) 0:07:24.978 ******** ok: [/cache/rhel-8.qcow2] => (item=certmonger) => { "__certificate_provider": "certmonger", "ansible_loop_var": "__certificate_provider", "changed": false, "enabled": true, "name": "certmonger", "state": "started", "status": { "ActiveEnterTimestamp": "Wed 2022-07-06 18:48:34 EDT", "ActiveEnterTimestampMonotonic": "217577643", "ActiveExitTimestampMonotonic": "0", "ActiveState": "active", "After": "dbus.service dbus.socket sysinit.target system.slice basic.target network.target syslog.target systemd-journald.socket", "AllowIsolate": "no", "AllowedCPUs": "", "AllowedMemoryNodes": "", "AmbientCapabilities": "", "AssertResult": "yes", "AssertTimestamp": "Wed 2022-07-06 18:48:34 EDT", "AssertTimestampMonotonic": "217565677", "Before": "shutdown.target multi-user.target", "BlockIOAccounting": "no", "BlockIOWeight": "[not set]", "BusName": "org.fedorahosted.certmonger", "CPUAccounting": "no", "CPUAffinity": "", "CPUAffinityFromNUMA": "no", "CPUQuotaPerSecUSec": "infinity", "CPUQuotaPeriodUSec": "infinity", "CPUSchedulingPolicy": "0", "CPUSchedulingPriority": "0", "CPUSchedulingResetOnFork": "no", "CPUShares": "[not set]", "CPUUsageNSec": "[not set]", "CPUWeight": "[not set]", "CacheDirectoryMode": "0755", "CanFreeze": "yes", "CanIsolate": "no", "CanReload": "no", "CanStart": "yes", "CanStop": "yes", "CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend cap_audit_read cap_perfmon cap_bpf", "CollectMode": "inactive", "ConditionResult": "yes", "ConditionTimestamp": "Wed 2022-07-06 18:48:34 EDT", "ConditionTimestampMonotonic": "217565676", "ConfigurationDirectoryMode": "0755", "Conflicts": "shutdown.target", "ControlGroup": "/system.slice/certmonger.service", "ControlPID": "0", "DefaultDependencies": "yes", "DefaultMemoryLow": "0", "DefaultMemoryMin": "0", "Delegate": "no", "Description": "Certificate monitoring and PKI enrollment", "DevicePolicy": "auto", "DynamicUser": "no", "EffectiveCPUs": "", "EffectiveMemoryNodes": "", "EnvironmentFiles": "/etc/sysconfig/certmonger (ignore_errors=yes)", "ExecMainCode": "0", "ExecMainExitTimestampMonotonic": "0", "ExecMainPID": "23914", "ExecMainStartTimestamp": "Wed 2022-07-06 18:48:34 EDT", "ExecMainStartTimestampMonotonic": "217566944", "ExecMainStatus": "0", "ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }", "FailureAction": "none", "FileDescriptorStoreMax": "0", "FragmentPath": "/usr/lib/systemd/system/certmonger.service", "FreezerState": "running", "GID": "[not set]", "GuessMainPID": "yes", "IOAccounting": "no", "IOSchedulingClass": "0", "IOSchedulingPriority": "0", "IOWeight": "[not set]", "IPAccounting": "no", "IPEgressBytes": "18446744073709551615", "IPEgressPackets": "18446744073709551615", "IPIngressBytes": "18446744073709551615", "IPIngressPackets": "18446744073709551615", "Id": "certmonger.service", "IgnoreOnIsolate": "no", "IgnoreSIGPIPE": "yes", "InactiveEnterTimestampMonotonic": "0", "InactiveExitTimestamp": "Wed 2022-07-06 18:48:34 EDT", "InactiveExitTimestampMonotonic": "217566995", "InvocationID": "d54891b3cfa34d7ca4a9f82aac3ff004", "JobRunningTimeoutUSec": "infinity", "JobTimeoutAction": "none", "JobTimeoutUSec": "infinity", "KeyringMode": "private", "KillMode": "control-group", "KillSignal": "15", "LimitAS": "infinity", "LimitASSoft": "infinity", "LimitCORE": "infinity", "LimitCORESoft": "0", "LimitCPU": "infinity", "LimitCPUSoft": "infinity", "LimitDATA": "infinity", "LimitDATASoft": "infinity", "LimitFSIZE": "infinity", "LimitFSIZESoft": "infinity", "LimitLOCKS": "infinity", "LimitLOCKSSoft": "infinity", "LimitMEMLOCK": "65536", "LimitMEMLOCKSoft": "65536", "LimitMSGQUEUE": "819200", "LimitMSGQUEUESoft": "819200", "LimitNICE": "0", "LimitNICESoft": "0", "LimitNOFILE": "262144", "LimitNOFILESoft": "1024", "LimitNPROC": "14648", "LimitNPROCSoft": "14648", "LimitRSS": "infinity", "LimitRSSSoft": "infinity", "LimitRTPRIO": "0", "LimitRTPRIOSoft": "0", "LimitRTTIME": "infinity", "LimitRTTIMESoft": "infinity", "LimitSIGPENDING": "14648", "LimitSIGPENDINGSoft": "14648", "LimitSTACK": "infinity", "LimitSTACKSoft": "8388608", "LoadState": "loaded", "LockPersonality": "no", "LogLevelMax": "-1", "LogRateLimitBurst": "0", "LogRateLimitIntervalUSec": "0", "LogsDirectoryMode": "0755", "MainPID": "23914", "MemoryAccounting": "yes", "MemoryCurrent": "3584000", "MemoryDenyWriteExecute": "no", "MemoryHigh": "infinity", "MemoryLimit": "infinity", "MemoryLow": "0", "MemoryMax": "infinity", "MemoryMin": "0", "MemorySwapMax": "infinity", "MountAPIVFS": "no", "MountFlags": "", "NFileDescriptorStore": "0", "NRestarts": "0", "NUMAMask": "", "NUMAPolicy": "n/a", "Names": "certmonger.service", "NeedDaemonReload": "no", "Nice": "0", "NoNewPrivileges": "no", "NonBlocking": "no", "NotifyAccess": "none", "OOMScoreAdjust": "0", "OnFailureJobMode": "replace", "PIDFile": "/run/certmonger.pid", "PartOf": "dbus.service", "PermissionsStartOnly": "no", "Perpetual": "no", "PrivateDevices": "no", "PrivateMounts": "no", "PrivateNetwork": "no", "PrivateTmp": "no", "PrivateUsers": "no", "ProtectControlGroups": "no", "ProtectHome": "no", "ProtectKernelModules": "no", "ProtectKernelTunables": "no", "ProtectSystem": "no", "RefuseManualStart": "no", "RefuseManualStop": "no", "RemainAfterExit": "no", "RemoveIPC": "no", "Requires": "system.slice dbus.socket sysinit.target", "Restart": "no", "RestartUSec": "100ms", "RestrictNamespaces": "no", "RestrictRealtime": "no", "RestrictSUIDSGID": "no", "Result": "success", "RootDirectoryStartOnly": "no", "RuntimeDirectoryMode": "0755", "RuntimeDirectoryPreserve": "no", "RuntimeMaxUSec": "infinity", "SameProcessGroup": "no", "SecureBits": "0", "SendSIGHUP": "no", "SendSIGKILL": "yes", "Slice": "system.slice", "StandardError": "inherit", "StandardInput": "null", "StandardInputData": "", "StandardOutput": "journal", "StartLimitAction": "none", "StartLimitBurst": "5", "StartLimitIntervalUSec": "10s", "StartupBlockIOWeight": "[not set]", "StartupCPUShares": "[not set]", "StartupCPUWeight": "[not set]", "StartupIOWeight": "[not set]", "StateChangeTimestamp": "Wed 2022-07-06 18:48:34 EDT", "StateChangeTimestampMonotonic": "217577643", "StateDirectoryMode": "0755", "StatusErrno": "0", "StopWhenUnneeded": "no", "SubState": "running", "SuccessAction": "none", "SyslogFacility": "3", "SyslogLevel": "6", "SyslogLevelPrefix": "yes", "SyslogPriority": "30", "SystemCallErrorNumber": "0", "TTYReset": "no", "TTYVHangup": "no", "TTYVTDisallocate": "no", "TasksAccounting": "yes", "TasksCurrent": "1", "TasksMax": "23436", "TimeoutStartUSec": "1min 30s", "TimeoutStopUSec": "1min 30s", "TimerSlackNSec": "50000", "Transient": "no", "Type": "dbus", "UID": "[not set]", "UMask": "0022", "UnitFilePreset": "disabled", "UnitFileState": "enabled", "UtmpMode": "init", "WantedBy": "multi-user.target", "WatchdogTimestamp": "Wed 2022-07-06 18:48:34 EDT", "WatchdogTimestampMonotonic": "217577641", "WatchdogUSec": "0" } } TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] ***** task path: /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:99 Wednesday 06 July 2022 22:52:33 +0000 (0:00:00.508) 0:07:25.486 ******** changed: [/cache/rhel-8.qcow2] => (item={'name': 'mycert_basic_ipa', 'dns': 'ipaserver.test.local', 'principal': 'HTTP/ipaserver.test.local@TEST.LOCAL', 'ca': 'ipa'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "ipa", "dns": "ipaserver.test.local", "name": "mycert_basic_ipa", "principal": "HTTP/ipaserver.test.local@TEST.LOCAL" } } MSG: Certificate requested (new). changed: [/cache/rhel-8.qcow2] => (item={'name': 'groupcert', 'dns': 'ipaserver.test.local', 'principal': 'HTTP/ipaserver.test.local@TEST.LOCAL', 'ca': 'ipa', 'group': 'ftp'}) => { "ansible_loop_var": "item", "changed": true, "item": { "ca": "ipa", "dns": "ipaserver.test.local", "group": "ftp", "name": "groupcert", "principal": "HTTP/ipaserver.test.local@TEST.LOCAL" } } MSG: Certificate requested (new). File attributes updated. META: role_complete for /cache/rhel-8.qcow2 META: ran handlers META: ran handlers PLAY [Verify certificates] ***************************************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/tmp0buh2ky5/tests/certificate/tests_basic_ipa.yml:31 Wednesday 06 July 2022 22:52:46 +0000 (0:00:12.823) 0:07:38.310 ******** ok: [/cache/rhel-8.qcow2] META: ran handlers TASK [Verify each certificate] ************************************************* task path: /tmp/tmp0buh2ky5/tests/certificate/tests_basic_ipa.yml:90 Wednesday 06 July 2022 22:52:47 +0000 (0:00:00.794) 0:07:39.104 ******** included: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-8.qcow2 => (item={'path': '/etc/pki/tls/certs/mycert_basic_ipa.crt', 'key_path': '/etc/pki/tls/private/mycert_basic_ipa.key', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'ipaserver.test.local'}, {'name': 'organizationName', 'oid': '2.5.4.10', 'value': 'TEST.LOCAL'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'ipaserver.test.local'}, {'name': 'Universal Principal Name (UPN)', 'oid': '1.3.6.1.4.1.311.20.2.3', 'value': 'HTTP/ipaserver.test.local@TEST.LOCAL'}, {'name': 'Kerberos principalname', 'oid': '1.3.6.1.5.2.2', 'value': 'HTTP/ipaserver.test.local@TEST.LOCAL'}], 'key_usage': ['digital_signature', 'content_commitment', 'key_encipherment', 'data_encipherment']}) included: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml for /cache/rhel-8.qcow2 => (item={'path': '/etc/pki/tls/certs/groupcert.crt', 'key_path': '/etc/pki/tls/private/groupcert.key', 'owner': 'root', 'group': 'ftp', 'mode': '0640', 'subject': [{'name': 'commonName', 'oid': '2.5.4.3', 'value': 'ipaserver.test.local'}, {'name': 'organizationName', 'oid': '2.5.4.10', 'value': 'TEST.LOCAL'}], 'subject_alt_name': [{'name': 'DNS', 'value': 'ipaserver.test.local'}, {'name': 'Universal Principal Name (UPN)', 'oid': '1.3.6.1.4.1.311.20.2.3', 'value': 'HTTP/ipaserver.test.local@TEST.LOCAL'}, {'name': 'Kerberos principalname', 'oid': '1.3.6.1.5.2.2', 'value': 'HTTP/ipaserver.test.local@TEST.LOCAL'}], 'key_usage': ['digital_signature', 'content_commitment', 'key_encipherment', 'data_encipherment']}) TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:2 Wednesday 06 July 2022 22:52:47 +0000 (0:00:00.052) 0:07:39.157 ******** ok: [/cache/rhel-8.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:6 Wednesday 06 July 2022 22:52:47 +0000 (0:00:00.030) 0:07:39.188 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:11 Wednesday 06 July 2022 22:52:48 +0000 (0:00:01.332) 0:07:40.520 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip3", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting pip Downloading https://files.pythonhosted.org/packages/a4/6d/6463d49a933f547439d6b5b98b46af8742cc03ae83543e4d7688c2420f8b/pip-21.3.1-py3-none-any.whl (1.7MB) Installing collected packages: pip Found existing installation: pip 9.0.3 Uninstalling pip-9.0.3: Successfully uninstalled pip-9.0.3 Successfully installed pip-21.3.1 STDERR: You are using pip version 21.3.1, however version 22.1.2 is available. You should consider upgrading via the 'pip install --upgrade pip' command. TASK [Install certreader] ****************************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:18 Wednesday 06 July 2022 22:52:52 +0000 (0:00:04.061) 0:07:44.581 ******** changed: [/cache/rhel-8.qcow2] => { "changed": true, "cmd": [ "/tmp/certificate-tests-venv/bin/pip3", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Collecting cryptography<35 Downloading cryptography-3.4.8-cp36-abi3-manylinux_2_24_x86_64.whl (3.0 MB) Collecting certreader>=0.1.1 Downloading certreader-0.1.1.tar.gz (4.4 kB) Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'done' Collecting cffi>=1.12 Downloading cffi-1.15.1-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.whl (402 kB) Collecting pyasn1 Downloading pyasn1-0.4.8-py2.py3-none-any.whl (77 kB) Collecting pyyaml Downloading PyYAML-6.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl (603 kB) Collecting pycparser Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB) Using legacy 'setup.py install' for certreader, since package 'wheel' is not installed. Installing collected packages: pycparser, cffi, pyyaml, pyasn1, cryptography, certreader Running setup.py install for certreader: started Running setup.py install for certreader: finished with status 'done' Successfully installed certreader-0.1.1 cffi-1.15.1 cryptography-3.4.8 pyasn1-0.4.8 pycparser-2.21 pyyaml-6.0 TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:26 Wednesday 06 July 2022 22:52:56 +0000 (0:00:03.214) 0:07:47.796 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "stat": { "atime": 1657147959.758848, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "d669d78543fe00252de788cb64b8dd6557a238c8", "ctime": 1657147959.7568479, "dev": 64515, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 1523982, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657147959.7568479, "nlink": 1, "path": "/etc/pki/tls/certs/mycert_basic_ipa.crt", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1854, "uid": 0, "version": "581950459", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:31 Wednesday 06 July 2022 22:52:56 +0000 (0:00:00.546) 0:07:48.342 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:37 Wednesday 06 July 2022 22:52:56 +0000 (0:00:00.035) 0:07:48.378 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:47 Wednesday 06 July 2022 22:52:56 +0000 (0:00:00.050) 0:07:48.428 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:53 Wednesday 06 July 2022 22:52:56 +0000 (0:00:00.082) 0:07:48.511 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "stat": { "atime": 1657147953.1258478, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "5085085b94dd1d55c4e79c097d903c8a0a27202a", "ctime": 1657147959.7568479, "dev": 64515, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 8388741, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1657147959.7568479, "nlink": 1, "path": "/etc/pki/tls/private/mycert_basic_ipa.key", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 1704, "uid": 0, "version": "4294874371", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:58 Wednesday 06 July 2022 22:52:57 +0000 (0:00:00.393) 0:07:48.905 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:64 Wednesday 06 July 2022 22:52:57 +0000 (0:00:00.033) 0:07:48.939 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:74 Wednesday 06 July 2022 22:52:57 +0000 (0:00:00.079) 0:07:49.018 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/mycert_basic_ipa.crt" ], "delta": "0:00:00.239056", "end": "2022-07-06 18:52:56.534445", "rc": 0, "start": "2022-07-06 18:52:56.295389" } STDOUT: { "subject": [ { "name": "organizationName", "oid": "2.5.4.10", "value": "TEST.LOCAL" }, { "name": "commonName", "oid": "2.5.4.3", "value": "ipaserver.test.local" } ], "extensions": { "authorityKeyIdentifier": { "value": "C2:55:2A:26:08:C1:06:76:D0:6A:4D:EB:05:6D:62:E2:84:47:E4:B0", "critical": false }, "authorityInfoAccess": { "value": [ { "method": "OCSP", "location": "http://ipa-ca.test.local/ca/ocsp" } ], "critical": false }, "keyUsage": { "value": [ "digital_signature", "content_commitment", "key_encipherment", "data_encipherment" ], "critical": true }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "cRLDistributionPoints": { "value": [ { "full_name": [ "http://ipa-ca.test.local/ipa/crl/MasterCRL.bin" ], "crl_issuer": [ { "organizationName": "ipaca", "commonName": "Certificate Authority" } ] } ], "critical": false }, "subjectKeyIdentifier": { "value": "9F:8E:4E:27:FE:CB:6A:70:3F:C2:18:C8:B9:39:20:4F:B7:E2:D8:18", "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "ipaserver.test.local" }, { "name": "Universal Principal Name (UPN)", "value": "HTTP/ipaserver.test.local@TEST.LOCAL", "oid": "1.3.6.1.4.1.311.20.2.3" }, { "name": "Kerberos principalname", "value": "HTTP/ipaserver.test.local@TEST.LOCAL", "oid": "1.3.6.1.5.2.2" } ], "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "2C:D6:04:A3:F0:5E:2E:22:D6:45:91:B9:E1:07:61:75:45:23:86:0B:7D:53:C9:2C:68:4B:FD:B4:A6:6C:14:3F:1F:E7:1A:F5:A6:79:0E:5F:FC:55:95:DE:F9:CA:E8:2C:67:10:F4:77:06:39:80:28:63:C0:60:18:B5:D3:7A:2C:39:A5:AC:D9:9F:34:4C:43:E8:92:9B:C7:28:A3:ED:39:5A:A5:A7:E5:E0:1D:3E:9A:44:61:7A:80:B0:20:9E:C1:CF:DE:0B:08:0B:44:25:80:4C:63:9B:4B:97:63:F3:D0:71:BE:09:A2:33:38:B8:01:35:02:F0:21:55:0D:4F:AB:3A:26:4D:5D:E3:0C:0A:9B:62:41:8F:7A:9F:21:CD:84:50:A9:1C:36:6C:81:2C:2E:34:98:C5:4A:71:54:A3:57:AF:14:5F:9E:D7:4F:7E:D2:9F:A8:C2:1E:57:77:02:27:C2:0F:86:03:F9:CF:E8:6F:2A:E4:A5:B9:48:D0:AD:BB:EB:ED:28:65:05:25:BB:AE:65:6C:C2:2E:B3:F3:D4:7E:EA:04:16:68:B9:64:DA:8F:37:81:A7:C7:77:BB:30:5A:4A:3B:C6:27:48:F9:12:0F:39:2C:09:04:5C:D4:85:43:C0:B8:8B:69:1C:7F:C5:5E:6B:A0:BC:C1:42:E7:D6:4E:63:64:EC:3E:71:6A:43:93:BD:8C:5C:C3:3D:F4:2B:25:9E:E0:ED:BA:AB:FB:B6:AC:3D:70:DF:C2:8D:C8:FC:FE:E9:0F:60:0D:FA:14:48:9C:92:D7:5A:1E:47:83:BD:B9:00:28:0F:15:BB:31:3B:DC:83:9C:95:B3:60:CF:13:A6:CD:43:3E:09:91:E5:84:D1:8A:47:EF:F1:6B:3C:87:7B:27:DE:59:92:22:A0:DB:EC:4C:E3:A4:2D:2E:F9:8D:E4:53:75:D2:8E:B3:62:31:3E:20:21:48:08:AC:A9:72:C3:5B:F7:79:FE:56:0C:88:BF:85:F1:DD:25:A8:02:D0:1F" }, "key_size": 2048, "validity": { "not_valid_after": "2024-07-06 22:52:35", "not_valid_before": "2022-07-06 22:52:35" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:79 Wednesday 06 July 2022 22:52:57 +0000 (0:00:00.660) 0:07:49.678 ******** ok: [/cache/rhel-8.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityInfoAccess": { "critical": false, "value": [ { "location": "http://ipa-ca.test.local/ca/ocsp", "method": "OCSP" } ] }, "authorityKeyIdentifier": { "critical": false, "value": "C2:55:2A:26:08:C1:06:76:D0:6A:4D:EB:05:6D:62:E2:84:47:E4:B0" }, "cRLDistributionPoints": { "critical": false, "value": [ { "crl_issuer": [ { "commonName": "Certificate Authority", "organizationName": "ipaca" } ], "full_name": [ "http://ipa-ca.test.local/ipa/crl/MasterCRL.bin" ] } ] }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": true, "value": [ "digital_signature", "content_commitment", "key_encipherment", "data_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "ipaserver.test.local" }, { "name": "Universal Principal Name (UPN)", "oid": "1.3.6.1.4.1.311.20.2.3", "value": "HTTP/ipaserver.test.local@TEST.LOCAL" }, { "name": "Kerberos principalname", "oid": "1.3.6.1.5.2.2", "value": "HTTP/ipaserver.test.local@TEST.LOCAL" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "9F:8E:4E:27:FE:CB:6A:70:3F:C2:18:C8:B9:39:20:4F:B7:E2:D8:18" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "2C:D6:04:A3:F0:5E:2E:22:D6:45:91:B9:E1:07:61:75:45:23:86:0B:7D:53:C9:2C:68:4B:FD:B4:A6:6C:14:3F:1F:E7:1A:F5:A6:79:0E:5F:FC:55:95:DE:F9:CA:E8:2C:67:10:F4:77:06:39:80:28:63:C0:60:18:B5:D3:7A:2C:39:A5:AC:D9:9F:34:4C:43:E8:92:9B:C7:28:A3:ED:39:5A:A5:A7:E5:E0:1D:3E:9A:44:61:7A:80:B0:20:9E:C1:CF:DE:0B:08:0B:44:25:80:4C:63:9B:4B:97:63:F3:D0:71:BE:09:A2:33:38:B8:01:35:02:F0:21:55:0D:4F:AB:3A:26:4D:5D:E3:0C:0A:9B:62:41:8F:7A:9F:21:CD:84:50:A9:1C:36:6C:81:2C:2E:34:98:C5:4A:71:54:A3:57:AF:14:5F:9E:D7:4F:7E:D2:9F:A8:C2:1E:57:77:02:27:C2:0F:86:03:F9:CF:E8:6F:2A:E4:A5:B9:48:D0:AD:BB:EB:ED:28:65:05:25:BB:AE:65:6C:C2:2E:B3:F3:D4:7E:EA:04:16:68:B9:64:DA:8F:37:81:A7:C7:77:BB:30:5A:4A:3B:C6:27:48:F9:12:0F:39:2C:09:04:5C:D4:85:43:C0:B8:8B:69:1C:7F:C5:5E:6B:A0:BC:C1:42:E7:D6:4E:63:64:EC:3E:71:6A:43:93:BD:8C:5C:C3:3D:F4:2B:25:9E:E0:ED:BA:AB:FB:B6:AC:3D:70:DF:C2:8D:C8:FC:FE:E9:0F:60:0D:FA:14:48:9C:92:D7:5A:1E:47:83:BD:B9:00:28:0F:15:BB:31:3B:DC:83:9C:95:B3:60:CF:13:A6:CD:43:3E:09:91:E5:84:D1:8A:47:EF:F1:6B:3C:87:7B:27:DE:59:92:22:A0:DB:EC:4C:E3:A4:2D:2E:F9:8D:E4:53:75:D2:8E:B3:62:31:3E:20:21:48:08:AC:A9:72:C3:5B:F7:79:FE:56:0C:88:BF:85:F1:DD:25:A8:02:D0:1F" }, "subject": [ { "name": "organizationName", "oid": "2.5.4.10", "value": "TEST.LOCAL" }, { "name": "commonName", "oid": "2.5.4.3", "value": "ipaserver.test.local" } ], "validity": { "not_valid_after": "2024-07-06 22:52:35", "not_valid_before": "2022-07-06 22:52:35" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:83 Wednesday 06 July 2022 22:52:58 +0000 (0:00:00.074) 0:07:49.753 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:91 Wednesday 06 July 2022 22:52:58 +0000 (0:00:00.046) 0:07:49.800 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:99 Wednesday 06 July 2022 22:52:58 +0000 (0:00:00.033) 0:07:49.833 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:106 Wednesday 06 July 2022 22:52:58 +0000 (0:00:00.078) 0:07:49.912 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:118 Wednesday 06 July 2022 22:52:58 +0000 (0:00:00.076) 0:07:49.989 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:132 Wednesday 06 July 2022 22:52:58 +0000 (0:00:00.079) 0:07:50.068 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/mycert_basic_ipa.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.062331", "end": "2022-07-06 18:52:57.374559", "rc": 0, "start": "2022-07-06 18:52:57.312228" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:141 Wednesday 06 July 2022 22:52:58 +0000 (0:00:00.443) 0:07:50.511 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Set virtualenv_path] ***************************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:2 Wednesday 06 July 2022 22:52:58 +0000 (0:00:00.074) 0:07:50.586 ******** ok: [/cache/rhel-8.qcow2] => { "ansible_facts": { "__virtualenv_path": "/tmp/certificate-tests-venv" }, "changed": false } TASK [Ensure python3 is installed] ********************************************* task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:6 Wednesday 06 July 2022 22:52:58 +0000 (0:00:00.064) 0:07:50.651 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [Install the package, force upgrade] ************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:11 Wednesday 06 July 2022 22:53:00 +0000 (0:00:01.405) 0:07:52.056 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip3", "install", "-U", "pip" ], "name": [ "pip" ], "requirements": null, "state": "latest", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: pip in ./certificate-tests-venv/lib/python3.6/site-packages (21.3.1) TASK [Install certreader] ****************************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:18 Wednesday 06 July 2022 22:53:01 +0000 (0:00:01.042) 0:07:53.099 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/pip3", "install", "cryptography<35", "certreader>=0.1.1" ], "name": [ "cryptography<35", "certreader>=0.1.1" ], "requirements": null, "state": "present", "version": null, "virtualenv": "/tmp/certificate-tests-venv" } STDOUT: Requirement already satisfied: cryptography<35 in ./certificate-tests-venv/lib/python3.6/site-packages (3.4.8) Requirement already satisfied: certreader>=0.1.1 in ./certificate-tests-venv/lib/python3.6/site-packages (0.1.1) Requirement already satisfied: cffi>=1.12 in ./certificate-tests-venv/lib/python3.6/site-packages (from cryptography<35) (1.15.1) Requirement already satisfied: pyasn1 in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (0.4.8) Requirement already satisfied: pyyaml in ./certificate-tests-venv/lib/python3.6/site-packages (from certreader>=0.1.1) (6.0) Requirement already satisfied: pycparser in ./certificate-tests-venv/lib/python3.6/site-packages (from cffi>=1.12->cryptography<35) (2.21) TASK [Retrieve certificate file stats] ***************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:26 Wednesday 06 July 2022 22:53:02 +0000 (0:00:00.876) 0:07:53.976 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "stat": { "atime": 1657147965.034848, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "1184ef35148924054ff62021f4cdb4eb42d75eef", "ctime": 1657147965.1358478, "dev": 64515, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 1523980, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1657147965.031848, "nlink": 1, "path": "/etc/pki/tls/certs/groupcert.crt", "pw_name": "root", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1854, "uid": 0, "version": "4191965786", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if certificate file exists] *************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:31 Wednesday 06 July 2022 22:53:02 +0000 (0:00:00.396) 0:07:54.372 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate file owner and group] ********************************* task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:37 Wednesday 06 July 2022 22:53:02 +0000 (0:00:00.033) 0:07:54.406 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate permissions] ****************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:47 Wednesday 06 July 2022 22:53:02 +0000 (0:00:00.046) 0:07:54.453 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve key file stats] ************************************************* task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:53 Wednesday 06 July 2022 22:53:02 +0000 (0:00:00.041) 0:07:54.495 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "stat": { "atime": 1657147960.426848, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "f82ba6312d6d8c3423bec0f58da9e44de13fdd34", "ctime": 1657147965.136848, "dev": 64515, "device_type": 0, "executable": false, "exists": true, "gid": 50, "gr_name": "ftp", "inode": 9518638, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1657147965.031848, "nlink": 1, "path": "/etc/pki/tls/private/groupcert.key", "pw_name": "root", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 1708, "uid": 0, "version": "2899478086", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify if key file exists] *********************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:58 Wednesday 06 July 2022 22:53:03 +0000 (0:00:00.380) 0:07:54.875 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key file owner and group] ***************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:64 Wednesday 06 July 2022 22:53:03 +0000 (0:00:00.032) 0:07:54.908 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Parse certificate] ******************************************************* task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:74 Wednesday 06 July 2022 22:53:03 +0000 (0:00:00.049) 0:07:54.957 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "cmd": [ "/tmp/certificate-tests-venv/bin/certreader2json", "/etc/pki/tls/certs/groupcert.crt" ], "delta": "0:00:00.224326", "end": "2022-07-06 18:53:02.423309", "rc": 0, "start": "2022-07-06 18:53:02.198983" } STDOUT: { "subject": [ { "name": "organizationName", "oid": "2.5.4.10", "value": "TEST.LOCAL" }, { "name": "commonName", "oid": "2.5.4.3", "value": "ipaserver.test.local" } ], "extensions": { "authorityKeyIdentifier": { "value": "C2:55:2A:26:08:C1:06:76:D0:6A:4D:EB:05:6D:62:E2:84:47:E4:B0", "critical": false }, "authorityInfoAccess": { "value": [ { "method": "OCSP", "location": "http://ipa-ca.test.local/ca/ocsp" } ], "critical": false }, "keyUsage": { "value": [ "digital_signature", "content_commitment", "key_encipherment", "data_encipherment" ], "critical": true }, "extendedKeyUsage": { "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ], "critical": false }, "cRLDistributionPoints": { "value": [ { "full_name": [ "http://ipa-ca.test.local/ipa/crl/MasterCRL.bin" ], "crl_issuer": [ { "organizationName": "ipaca", "commonName": "Certificate Authority" } ] } ], "critical": false }, "subjectKeyIdentifier": { "value": "F4:CE:9B:0B:4F:77:0F:1C:0D:85:E5:FE:E9:94:62:74:18:4E:28:91", "critical": false }, "subjectAltName": { "value": [ { "name": "DNS", "value": "ipaserver.test.local" }, { "name": "Universal Principal Name (UPN)", "value": "HTTP/ipaserver.test.local@TEST.LOCAL", "oid": "1.3.6.1.4.1.311.20.2.3" }, { "name": "Kerberos principalname", "value": "HTTP/ipaserver.test.local@TEST.LOCAL", "oid": "1.3.6.1.5.2.2" } ], "critical": false } }, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "48:5C:35:0A:BB:A5:A6:36:19:DA:BA:96:77:2E:1A:07:1B:BD:DA:1F:00:3B:75:0A:AD:45:AA:68:A2:61:6E:D7:EB:1D:9F:4D:29:5D:5C:AD:0F:F6:CD:0D:96:65:BB:A2:6A:26:C7:39:80:42:BE:52:EE:12:0C:EB:25:61:13:64:D6:D3:C2:06:BE:C9:61:99:48:EB:DB:5C:3C:88:24:81:FD:D5:0D:1D:76:72:54:8B:97:D5:DD:5D:14:12:13:1D:D6:BB:68:AC:79:98:A2:50:DA:BA:D2:18:9F:5A:07:03:BC:3C:45:38:E9:94:D5:FF:03:BD:3A:27:B6:A3:2E:87:B0:50:99:7E:E1:64:06:DA:57:8B:B9:CD:81:1D:98:AA:11:9C:47:17:9B:ED:A9:6E:BA:FA:98:07:6F:B5:0E:F2:37:8A:51:1F:80:02:9D:2C:79:55:EC:53:FC:39:0F:D0:6A:AB:7F:6E:46:0F:36:8A:80:E5:76:2C:F0:B6:12:FC:F7:A3:D6:BC:23:FB:D1:71:4B:F4:DC:C5:64:77:0A:BF:13:7A:53:6F:30:CA:E6:CF:E6:E5:68:49:68:16:69:A9:ED:B1:42:CE:5A:54:7A:4C:0A:97:8A:94:6F:D6:D6:87:E8:0B:AF:07:7F:EA:E8:A4:F9:D2:7D:09:92:10:27:19:06:6F:48:A0:BA:94:7A:FC:B3:1E:7D:55:8C:34:70:88:86:87:62:03:C9:60:A4:51:DC:01:C3:F2:B6:C9:FC:37:A9:E8:E1:66:3A:0F:D3:F3:08:EB:C3:93:04:ED:10:A5:01:68:7A:A6:E5:E1:9D:4A:13:13:10:54:D6:0A:49:02:83:5E:0B:35:D2:91:E2:D9:EE:B0:72:61:DB:1C:D7:50:84:10:17:6B:42:95:03:5F:36:19:23:0C:3C:81:93:18:7D:27:0F:DE:D2:AE:C6:9D:60:10:E1:E9:79:57:97:13:0C:FB:0D:9D:DB:93:9A:1F:0C:A4:F5:71:09:83:9D:2A" }, "key_size": 2048, "validity": { "not_valid_after": "2024-07-06 22:52:40", "not_valid_before": "2022-07-06 22:52:40" } } TASK [Load certificate YAML to cert_issued variable] *************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:79 Wednesday 06 July 2022 22:53:03 +0000 (0:00:00.607) 0:07:55.565 ******** ok: [/cache/rhel-8.qcow2] => { "ansible_facts": { "cert_issued": { "extensions": { "authorityInfoAccess": { "critical": false, "value": [ { "location": "http://ipa-ca.test.local/ca/ocsp", "method": "OCSP" } ] }, "authorityKeyIdentifier": { "critical": false, "value": "C2:55:2A:26:08:C1:06:76:D0:6A:4D:EB:05:6D:62:E2:84:47:E4:B0" }, "cRLDistributionPoints": { "critical": false, "value": [ { "crl_issuer": [ { "commonName": "Certificate Authority", "organizationName": "ipaca" } ], "full_name": [ "http://ipa-ca.test.local/ipa/crl/MasterCRL.bin" ] } ] }, "extendedKeyUsage": { "critical": false, "value": [ { "name": "id-kp-serverAuth", "oid": "1.3.6.1.5.5.7.3.1" }, { "name": "id-kp-clientAuth", "oid": "1.3.6.1.5.5.7.3.2" } ] }, "keyUsage": { "critical": true, "value": [ "digital_signature", "content_commitment", "key_encipherment", "data_encipherment" ] }, "subjectAltName": { "critical": false, "value": [ { "name": "DNS", "value": "ipaserver.test.local" }, { "name": "Universal Principal Name (UPN)", "oid": "1.3.6.1.4.1.311.20.2.3", "value": "HTTP/ipaserver.test.local@TEST.LOCAL" }, { "name": "Kerberos principalname", "oid": "1.3.6.1.5.2.2", "value": "HTTP/ipaserver.test.local@TEST.LOCAL" } ] }, "subjectKeyIdentifier": { "critical": false, "value": "F4:CE:9B:0B:4F:77:0F:1C:0D:85:E5:FE:E9:94:62:74:18:4E:28:91" } }, "key_size": 2048, "signature_algorithm": { "algorithm": "sha256WithRSAEncryption", "signature": "48:5C:35:0A:BB:A5:A6:36:19:DA:BA:96:77:2E:1A:07:1B:BD:DA:1F:00:3B:75:0A:AD:45:AA:68:A2:61:6E:D7:EB:1D:9F:4D:29:5D:5C:AD:0F:F6:CD:0D:96:65:BB:A2:6A:26:C7:39:80:42:BE:52:EE:12:0C:EB:25:61:13:64:D6:D3:C2:06:BE:C9:61:99:48:EB:DB:5C:3C:88:24:81:FD:D5:0D:1D:76:72:54:8B:97:D5:DD:5D:14:12:13:1D:D6:BB:68:AC:79:98:A2:50:DA:BA:D2:18:9F:5A:07:03:BC:3C:45:38:E9:94:D5:FF:03:BD:3A:27:B6:A3:2E:87:B0:50:99:7E:E1:64:06:DA:57:8B:B9:CD:81:1D:98:AA:11:9C:47:17:9B:ED:A9:6E:BA:FA:98:07:6F:B5:0E:F2:37:8A:51:1F:80:02:9D:2C:79:55:EC:53:FC:39:0F:D0:6A:AB:7F:6E:46:0F:36:8A:80:E5:76:2C:F0:B6:12:FC:F7:A3:D6:BC:23:FB:D1:71:4B:F4:DC:C5:64:77:0A:BF:13:7A:53:6F:30:CA:E6:CF:E6:E5:68:49:68:16:69:A9:ED:B1:42:CE:5A:54:7A:4C:0A:97:8A:94:6F:D6:D6:87:E8:0B:AF:07:7F:EA:E8:A4:F9:D2:7D:09:92:10:27:19:06:6F:48:A0:BA:94:7A:FC:B3:1E:7D:55:8C:34:70:88:86:87:62:03:C9:60:A4:51:DC:01:C3:F2:B6:C9:FC:37:A9:E8:E1:66:3A:0F:D3:F3:08:EB:C3:93:04:ED:10:A5:01:68:7A:A6:E5:E1:9D:4A:13:13:10:54:D6:0A:49:02:83:5E:0B:35:D2:91:E2:D9:EE:B0:72:61:DB:1C:D7:50:84:10:17:6B:42:95:03:5F:36:19:23:0C:3C:81:93:18:7D:27:0F:DE:D2:AE:C6:9D:60:10:E1:E9:79:57:97:13:0C:FB:0D:9D:DB:93:9A:1F:0C:A4:F5:71:09:83:9D:2A" }, "subject": [ { "name": "organizationName", "oid": "2.5.4.10", "value": "TEST.LOCAL" }, { "name": "commonName", "oid": "2.5.4.3", "value": "ipaserver.test.local" } ], "validity": { "not_valid_after": "2024-07-06 22:52:40", "not_valid_before": "2022-07-06 22:52:40" } } }, "changed": false } TASK [Verify certificate subject] ********************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:83 Wednesday 06 July 2022 22:53:03 +0000 (0:00:00.044) 0:07:55.609 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate SAN] ************************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:91 Wednesday 06 July 2022 22:53:03 +0000 (0:00:00.047) 0:07:55.656 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify key size] ********************************************************* task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:99 Wednesday 06 July 2022 22:53:03 +0000 (0:00:00.035) 0:07:55.692 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Key Usage] ******************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:106 Wednesday 06 July 2022 22:53:04 +0000 (0:00:00.047) 0:07:55.740 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Verify certificate Extended Key Usage] *********************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:118 Wednesday 06 July 2022 22:53:04 +0000 (0:00:00.047) 0:07:55.788 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed TASK [Retrieve auto-renew flag] ************************************************ task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:132 Wednesday 06 July 2022 22:53:04 +0000 (0:00:00.046) 0:07:55.834 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false, "cmd": "set -euo pipefail; getcert list -f /etc/pki/tls/certs/groupcert.crt | grep 'auto-renew' | sed 's/^\\s\\+auto-renew: //g'", "delta": "0:00:00.062408", "end": "2022-07-06 18:53:03.121579", "rc": 0, "start": "2022-07-06 18:53:03.059171" } STDOUT: yes TASK [Verify certificate auto-renew flag] ************************************** task path: /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:141 Wednesday 06 July 2022 22:53:04 +0000 (0:00:00.422) 0:07:56.257 ******** ok: [/cache/rhel-8.qcow2] => { "changed": false } MSG: All assertions passed META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* /cache/rhel-8.qcow2 : ok=99 changed=33 unreachable=0 failed=0 skipped=35 rescued=0 ignored=0 Wednesday 06 July 2022 22:53:04 +0000 (0:00:00.052) 0:07:56.309 ******** =============================================================================== ipaserver : Install - Setup HTTP -------------------------------------- 148.35s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:324 ----------------------- ipaserver : Install - Setup CA ---------------------------------------- 142.85s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:267 ----------------------- ipaserver : Install - Ensure that IPA server packages are installed ---- 50.10s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:5 ------------------------- ipaserver : Install - Setup DS ----------------------------------------- 15.39s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:205 ----------------------- fedora.linux_system_roles.certificate : Ensure certificate requests ---- 12.82s /tmp/tmpt8vnebz7/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:99 ipaserver : Install - Setup NTP ---------------------------------------- 10.50s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:198 ----------------------- ipaserver : Install - Setup DNS ----------------------------------------- 8.37s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:367 ----------------------- ipaserver : Install - Setup KRB ----------------------------------------- 5.24s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:234 ----------------------- ensure hostname package is installed ------------------------------------ 4.63s /tmp/tmp0buh2ky5/tests/certificate/tasks/setup_ipa.yml:33 --------------------- ipaserver : Install - Enable IPA ---------------------------------------- 4.61s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:431 ----------------------- ipaserver : Install - Ensure that IPA server packages for dns are installed --- 4.36s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:10 ------------------------ ipaserver : Install - Setup custodia ------------------------------------ 4.15s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:261 ----------------------- Install the package, force upgrade -------------------------------------- 4.06s /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:11 - ipaclient : Install - Create IPA NSS database --------------------------- 4.05s /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:305 ----------------------- Install certreader ------------------------------------------------------ 3.21s /tmp/tmp0buh2ky5/tests/certificate/tasks/assert_certificate_parameters.yml:18 - ipaserver : Install - Ensure that firewall packages installed ----------- 2.97s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:22 ------------------------ ipaserver : Install - Setup otpd ---------------------------------------- 2.64s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:318 ----------------------- ipaclient : Install - IPA API calls for remaining enrollment parts ------ 2.46s /tmp/freeipa-repo/roles/ipaclient/tasks/install.yml:287 ----------------------- ipaserver : Install - Server preparation -------------------------------- 2.42s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:153 ----------------------- ipaserver : Install - Set DS password ----------------------------------- 2.34s /tmp/freeipa-repo/roles/ipaserver/tasks/install.yml:399 -----------------------