ansible-playbook [core 2.17.6]
config file = None
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.12/site-packages/ansible
ansible collection location = /tmp/collections-r8g
executable location = /usr/local/bin/ansible-playbook
python version = 3.12.6 (main, Sep 9 2024, 00:00:00) [GCC 11.5.0 20240719 (Red Hat 11.5.0-2)] (/usr/bin/python3.12)
jinja version = 3.1.4
libyaml = True
No config file found; using defaults
running playbook inside collection fedora.linux_system_roles
redirecting (type: callback) ansible.builtin.debug to ansible.posix.debug
redirecting (type: callback) ansible.builtin.debug to ansible.posix.debug
redirecting (type: callback) ansible.builtin.profile_tasks to ansible.posix.profile_tasks
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
PLAYBOOK: tests_certificate_runafter.yml ***************************************
1 plays in /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml
PLAY [Test certificate issuance with run_after shell script] *******************
TASK [Gathering Facts] *********************************************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:6
Saturday 16 November 2024 11:35:38 -0500 (0:00:00.009) 0:00:00.009 *****
[WARNING]: Platform linux on host managed-node1 is using the discovered Python
interpreter at /usr/bin/python3.9, but future installation of another Python
interpreter could change the meaning of that path. See
https://docs.ansible.com/ansible-
core/2.17/reference_appendices/interpreter_discovery.html for more information.
ok: [managed-node1]
TASK [Install cockpit] *********************************************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:9
Saturday 16 November 2024 11:35:39 -0500 (0:00:01.185) 0:00:01.195 *****
included: fedora.linux_system_roles.cockpit for managed-node1
TASK [fedora.linux_system_roles.cockpit : Ensure ansible_facts and variables used by role] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/main.yml:2
Saturday 16 November 2024 11:35:39 -0500 (0:00:00.064) 0:00:01.259 *****
included: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/set_vars.yml for managed-node1
TASK [fedora.linux_system_roles.cockpit : Ensure ansible_facts used by role] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/set_vars.yml:2
Saturday 16 November 2024 11:35:39 -0500 (0:00:00.025) 0:00:01.285 *****
skipping: [managed-node1] => {
"changed": false,
"false_condition": "__cockpit_required_facts | difference(ansible_facts.keys() | list) | length > 0",
"skip_reason": "Conditional result was False"
}
TASK [fedora.linux_system_roles.cockpit : Check if system is ostree] ***********
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/set_vars.yml:10
Saturday 16 November 2024 11:35:39 -0500 (0:00:00.041) 0:00:01.327 *****
ok: [managed-node1] => {
"changed": false,
"stat": {
"exists": false
}
}
TASK [fedora.linux_system_roles.cockpit : Set flag to indicate system is ostree] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/set_vars.yml:15
Saturday 16 November 2024 11:35:40 -0500 (0:00:00.490) 0:00:01.817 *****
ok: [managed-node1] => {
"ansible_facts": {
"__cockpit_is_ostree": false
},
"changed": false
}
TASK [fedora.linux_system_roles.cockpit : Check if transactional-update exists in /sbin] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/set_vars.yml:22
Saturday 16 November 2024 11:35:40 -0500 (0:00:00.026) 0:00:01.844 *****
ok: [managed-node1] => {
"changed": false,
"stat": {
"exists": false
}
}
TASK [fedora.linux_system_roles.cockpit : Set flag if transactional-update exists] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/set_vars.yml:27
Saturday 16 November 2024 11:35:40 -0500 (0:00:00.365) 0:00:02.210 *****
ok: [managed-node1] => {
"ansible_facts": {
"__cockpit_is_transactional": false
},
"changed": false
}
TASK [fedora.linux_system_roles.cockpit : Set version specific variables] ******
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/set_vars.yml:31
Saturday 16 November 2024 11:35:40 -0500 (0:00:00.027) 0:00:02.237 *****
ok: [managed-node1] => (item=/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/vars/CentOS-9.yml) => {
"ansible_facts": {
"__cockpit_packages": {
"default": "{{ __cockpit_packages_minimal + __cockpit_packages_default }}",
"full": "{{ __cockpit_packages_minimal + __cockpit_packages_default + __cockpit_packages_full }}",
"minimal": "{{ __cockpit_packages_minimal }}"
},
"__cockpit_packages_default": [
"cockpit",
"cockpit-networkmanager",
"cockpit-packagekit",
"cockpit-selinux",
"cockpit-storaged"
],
"__cockpit_packages_exclude": [
"cockpit-docker",
"cockpit-ostree",
"cockpit-tests"
],
"__cockpit_packages_full": [
"cockpit-*"
],
"__cockpit_packages_minimal": [
"cockpit-system",
"cockpit-ws"
]
},
"ansible_included_var_files": [
"/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/vars/CentOS-9.yml"
],
"ansible_loop_var": "item",
"changed": false,
"item": "/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/vars/CentOS-9.yml"
}
TASK [fedora.linux_system_roles.cockpit : List active RHEL repositories] *******
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/main.yml:11
Saturday 16 November 2024 11:35:40 -0500 (0:00:00.029) 0:00:02.267 *****
skipping: [managed-node1] => {
"changed": false,
"false_condition": "ansible_distribution == 'RedHat'",
"skip_reason": "Conditional result was False"
}
TASK [fedora.linux_system_roles.cockpit : Enable RHEL repositories] ************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/main.yml:18
Saturday 16 November 2024 11:35:40 -0500 (0:00:00.016) 0:00:02.284 *****
skipping: [managed-node1] => {
"changed": false,
"false_condition": "ansible_distribution == 'RedHat'",
"skip_reason": "Conditional result was False"
}
TASK [fedora.linux_system_roles.cockpit : Manage cockpit packages using platform specific package manager if applicable] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/main.yml:23
Saturday 16 November 2024 11:35:40 -0500 (0:00:00.016) 0:00:02.300 *****
included: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/setup-dnf.yml for managed-node1 => (item=/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/setup-dnf.yml)
TASK [fedora.linux_system_roles.cockpit : If choosing custom package set, ensure minimal cockpit is included] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/setup-dnf.yml:2
Saturday 16 November 2024 11:35:40 -0500 (0:00:00.057) 0:00:02.357 *****
ok: [managed-node1] => {
"ansible_facts": {
"cockpit_packages": "minimal"
},
"changed": false
}
TASK [fedora.linux_system_roles.cockpit : Ensure Cockpit Web Console packages are installed.] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/setup-dnf.yml:7
Saturday 16 November 2024 11:35:40 -0500 (0:00:00.027) 0:00:02.385 *****
changed: [managed-node1] => {
"changed": true,
"rc": 0,
"results": [
"Installed: cockpit-ws-327-1.el9.x86_64",
"Installed: cockpit-bridge-327-1.el9.x86_64",
"Installed: cockpit-system-327-1.el9.noarch"
]
}
lsrpackages: cockpit-system cockpit-ws
TASK [fedora.linux_system_roles.cockpit : Ensure full package list is installed] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/setup-dnf.yml:15
Saturday 16 November 2024 11:35:55 -0500 (0:00:14.116) 0:00:16.502 *****
skipping: [managed-node1] => {
"changed": false,
"false_condition": "'cockpit-*' in __pkgs",
"skip_reason": "Conditional result was False"
}
TASK [fedora.linux_system_roles.cockpit : Configure firewall] ******************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/main.yml:32
Saturday 16 November 2024 11:35:55 -0500 (0:00:00.020) 0:00:16.522 *****
included: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/firewall.yml for managed-node1
TASK [Ensure the cockpit service is enabled] ***********************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/firewall.yml:3
Saturday 16 November 2024 11:35:55 -0500 (0:00:00.023) 0:00:16.545 *****
skipping: [managed-node1] => {
"changed": false,
"false_condition": "cockpit_manage_firewall | bool",
"skip_reason": "Conditional result was False"
}
TASK [fedora.linux_system_roles.cockpit : Configure selinux] *******************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/main.yml:35
Saturday 16 November 2024 11:35:55 -0500 (0:00:00.037) 0:00:16.583 *****
included: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/selinux.yml for managed-node1
TASK [Ensure the service and the ports status with the selinux role] ***********
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/selinux.yml:3
Saturday 16 November 2024 11:35:55 -0500 (0:00:00.024) 0:00:16.607 *****
skipping: [managed-node1] => {
"changed": false,
"false_condition": "cockpit_manage_selinux | bool",
"skip_reason": "Conditional result was False"
}
TASK [fedora.linux_system_roles.cockpit : Create custom port configuration file directory] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/main.yml:38
Saturday 16 November 2024 11:35:55 -0500 (0:00:00.038) 0:00:16.645 *****
skipping: [managed-node1] => {
"changed": false,
"false_condition": "cockpit_port is not none",
"skip_reason": "Conditional result was False"
}
TASK [fedora.linux_system_roles.cockpit : Create custom port configuration file] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/main.yml:47
Saturday 16 November 2024 11:35:55 -0500 (0:00:00.023) 0:00:16.669 *****
skipping: [managed-node1] => {
"changed": false,
"false_condition": "cockpit_port is not none",
"skip_reason": "Conditional result was False"
}
TASK [fedora.linux_system_roles.cockpit : Clean up port configuration file for undefined custom port] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/main.yml:62
Saturday 16 November 2024 11:35:55 -0500 (0:00:00.021) 0:00:16.691 *****
ok: [managed-node1] => {
"changed": false,
"path": "/etc/systemd/system/cockpit.socket.d/listen.conf",
"state": "absent"
}
TASK [fedora.linux_system_roles.cockpit : Ensure Cockpit Web Console is started/stopped and enabled/disabled] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/main.yml:71
Saturday 16 November 2024 11:35:55 -0500 (0:00:00.500) 0:00:17.191 *****
changed: [managed-node1] => {
"changed": true,
"enabled": true,
"name": "cockpit.socket",
"state": "started",
"status": {
"Accept": "no",
"AccessSELinuxContext": "system_u:object_r:cockpit_unit_file_t:s0",
"ActiveEnterTimestampMonotonic": "0",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "inactive",
"After": "sysinit.target systemd-journald.socket system.slice",
"AllowIsolate": "no",
"AssertResult": "no",
"AssertTimestampMonotonic": "0",
"Backlog": "4096",
"Before": "shutdown.target cockpit.service cockpit-motd.service sockets.target",
"BindIPv6Only": "default",
"BlockIOAccounting": "no",
"BlockIOWeight": "[not set]",
"Broadcast": "no",
"CPUAccounting": "yes",
"CPUAffinityFromNUMA": "no",
"CPUQuotaPerSecUSec": "infinity",
"CPUQuotaPeriodUSec": "infinity",
"CPUSchedulingPolicy": "0",
"CPUSchedulingPriority": "0",
"CPUSchedulingResetOnFork": "no",
"CPUShares": "[not set]",
"CPUUsageNSec": "[not set]",
"CPUWeight": "[not set]",
"CacheDirectoryMode": "0755",
"CanFreeze": "no",
"CanIsolate": "no",
"CanReload": "no",
"CanStart": "yes",
"CanStop": "yes",
"CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend cap_audit_read cap_perfmon cap_bpf cap_checkpoint_restore",
"CollectMode": "inactive",
"ConditionResult": "no",
"ConditionTimestampMonotonic": "0",
"ConfigurationDirectoryMode": "0755",
"Conflicts": "shutdown.target",
"ControlGroupId": "0",
"ControlPID": "0",
"CoredumpFilter": "0x33",
"DefaultDependencies": "yes",
"DefaultMemoryLow": "0",
"DefaultMemoryMin": "0",
"DeferAcceptUSec": "0",
"Delegate": "no",
"Description": "Cockpit Web Service Socket",
"DevicePolicy": "auto",
"DirectoryMode": "0755",
"Documentation": "\"man:cockpit-ws(8)\"",
"DynamicUser": "no",
"ExecStartPost": "{ path=/bin/ln ; argv[]=/bin/ln -snf active.motd /run/cockpit/motd ; ignore_errors=yes ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
"ExecStopPost": "{ path=/bin/ln ; argv[]=/bin/ln -snf inactive.motd /run/cockpit/motd ; ignore_errors=yes ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
"FailureAction": "none",
"FileDescriptorName": "cockpit.socket",
"FinalKillSignal": "9",
"FlushPending": "no",
"FragmentPath": "/usr/lib/systemd/system/cockpit.socket",
"FreeBind": "no",
"FreezerState": "running",
"GID": "[not set]",
"IOAccounting": "no",
"IOReadBytes": "18446744073709551615",
"IOReadOperations": "18446744073709551615",
"IOSchedulingClass": "2",
"IOSchedulingPriority": "4",
"IOWeight": "[not set]",
"IOWriteBytes": "18446744073709551615",
"IOWriteOperations": "18446744073709551615",
"IPAccounting": "no",
"IPEgressBytes": "[no data]",
"IPEgressPackets": "[no data]",
"IPIngressBytes": "[no data]",
"IPIngressPackets": "[no data]",
"IPTOS": "-1",
"IPTTL": "-1",
"Id": "cockpit.socket",
"IgnoreOnIsolate": "no",
"IgnoreSIGPIPE": "yes",
"InactiveEnterTimestampMonotonic": "0",
"InactiveExitTimestampMonotonic": "0",
"JobRunningTimeoutUSec": "infinity",
"JobTimeoutAction": "none",
"JobTimeoutUSec": "infinity",
"KeepAlive": "no",
"KeepAliveIntervalUSec": "0",
"KeepAliveProbes": "0",
"KeepAliveTimeUSec": "0",
"KeyringMode": "shared",
"KillMode": "control-group",
"KillSignal": "15",
"LimitAS": "infinity",
"LimitASSoft": "infinity",
"LimitCORE": "infinity",
"LimitCORESoft": "infinity",
"LimitCPU": "infinity",
"LimitCPUSoft": "infinity",
"LimitDATA": "infinity",
"LimitDATASoft": "infinity",
"LimitFSIZE": "infinity",
"LimitFSIZESoft": "infinity",
"LimitLOCKS": "infinity",
"LimitLOCKSSoft": "infinity",
"LimitMEMLOCK": "8388608",
"LimitMEMLOCKSoft": "8388608",
"LimitMSGQUEUE": "819200",
"LimitMSGQUEUESoft": "819200",
"LimitNICE": "0",
"LimitNICESoft": "0",
"LimitNOFILE": "524288",
"LimitNOFILESoft": "1024",
"LimitNPROC": "13956",
"LimitNPROCSoft": "13956",
"LimitRSS": "infinity",
"LimitRSSSoft": "infinity",
"LimitRTPRIO": "0",
"LimitRTPRIOSoft": "0",
"LimitRTTIME": "infinity",
"LimitRTTIMESoft": "infinity",
"LimitSIGPENDING": "13956",
"LimitSIGPENDINGSoft": "13956",
"LimitSTACK": "infinity",
"LimitSTACKSoft": "8388608",
"Listen": "[::]:9090 (Stream)",
"LoadState": "loaded",
"LockPersonality": "no",
"LogLevelMax": "-1",
"LogRateLimitBurst": "0",
"LogRateLimitIntervalUSec": "0",
"LogsDirectoryMode": "0755",
"ManagedOOMMemoryPressure": "auto",
"ManagedOOMMemoryPressureLimit": "0",
"ManagedOOMPreference": "none",
"ManagedOOMSwap": "auto",
"Mark": "-1",
"MaxConnections": "64",
"MaxConnectionsPerSource": "0",
"MemoryAccounting": "yes",
"MemoryAvailable": "infinity",
"MemoryCurrent": "[not set]",
"MemoryDenyWriteExecute": "no",
"MemoryHigh": "infinity",
"MemoryLimit": "infinity",
"MemoryLow": "0",
"MemoryMax": "infinity",
"MemoryMin": "0",
"MemorySwapMax": "infinity",
"MessageQueueMaxMessages": "0",
"MessageQueueMessageSize": "0",
"MountAPIVFS": "no",
"NAccepted": "0",
"NConnections": "0",
"NRefused": "0",
"NUMAPolicy": "n/a",
"Names": "cockpit.socket",
"NeedDaemonReload": "no",
"Nice": "0",
"NoDelay": "no",
"NoNewPrivileges": "no",
"NonBlocking": "no",
"OOMScoreAdjust": "0",
"OnFailureJobMode": "replace",
"OnSuccessJobMode": "fail",
"PassCredentials": "no",
"PassPacketInfo": "no",
"PassSecurity": "no",
"Perpetual": "no",
"PipeSize": "0",
"Priority": "-1",
"PrivateDevices": "no",
"PrivateIPC": "no",
"PrivateMounts": "no",
"PrivateNetwork": "no",
"PrivateTmp": "no",
"PrivateUsers": "no",
"ProcSubset": "all",
"ProtectClock": "no",
"ProtectControlGroups": "no",
"ProtectHome": "no",
"ProtectHostname": "no",
"ProtectKernelLogs": "no",
"ProtectKernelModules": "no",
"ProtectKernelTunables": "no",
"ProtectProc": "default",
"ProtectSystem": "no",
"ReceiveBuffer": "0",
"RefuseManualStart": "no",
"RefuseManualStop": "no",
"RemoveIPC": "no",
"RemoveOnStop": "no",
"RequiredBy": "cockpit.service",
"Requires": "system.slice sysinit.target",
"RestartKillSignal": "15",
"RestrictNamespaces": "no",
"RestrictRealtime": "no",
"RestrictSUIDSGID": "no",
"Result": "success",
"ReusePort": "no",
"RuntimeDirectoryMode": "0755",
"RuntimeDirectoryPreserve": "no",
"SameProcessGroup": "no",
"SecureBits": "0",
"SendBuffer": "0",
"SendSIGHUP": "no",
"SendSIGKILL": "yes",
"Slice": "system.slice",
"SocketMode": "0666",
"SocketProtocol": "0",
"StandardError": "inherit",
"StandardInput": "null",
"StandardOutput": "journal",
"StartLimitAction": "none",
"StartLimitBurst": "5",
"StartLimitIntervalUSec": "10s",
"StartupBlockIOWeight": "[not set]",
"StartupCPUShares": "[not set]",
"StartupCPUWeight": "[not set]",
"StartupIOWeight": "[not set]",
"StateChangeTimestampMonotonic": "0",
"StateDirectoryMode": "0755",
"StopWhenUnneeded": "no",
"SubState": "dead",
"SuccessAction": "none",
"SyslogFacility": "3",
"SyslogLevel": "6",
"SyslogLevelPrefix": "yes",
"SyslogPriority": "30",
"SystemCallErrorNumber": "2147483646",
"TTYReset": "no",
"TTYVHangup": "no",
"TTYVTDisallocate": "no",
"TasksAccounting": "yes",
"TasksCurrent": "[not set]",
"TasksMax": "22329",
"TimeoutCleanUSec": "infinity",
"TimeoutUSec": "1min 30s",
"TimerSlackNSec": "50000",
"Timestamping": "off",
"Transient": "no",
"Transparent": "no",
"TriggerLimitBurst": "20",
"TriggerLimitIntervalUSec": "2s",
"Triggers": "cockpit.service",
"UID": "[not set]",
"UMask": "0022",
"UnitFilePreset": "disabled",
"UnitFileState": "disabled",
"UtmpMode": "init",
"Wants": "cockpit-motd.service",
"WatchdogSignal": "6",
"Writable": "no"
}
}
TASK [fedora.linux_system_roles.cockpit : Create cockpit.conf configuration file] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/main.yml:77
Saturday 16 November 2024 11:35:56 -0500 (0:00:01.084) 0:00:18.275 *****
skipping: [managed-node1] => {
"changed": false,
"false_condition": "cockpit_config is defined",
"skip_reason": "Conditional result was False"
}
TASK [fedora.linux_system_roles.cockpit : Check the OS version for self-sign] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/main.yml:93
Saturday 16 November 2024 11:35:56 -0500 (0:00:00.021) 0:00:18.297 *****
skipping: [managed-node1] => {
"changed": false,
"false_condition": "cockpit_certificates | length > 0",
"skip_reason": "Conditional result was False"
}
TASK [Create certificates using the certificate role] **************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/main.yml:102
Saturday 16 November 2024 11:35:56 -0500 (0:00:00.040) 0:00:18.338 *****
skipping: [managed-node1] => {
"changed": false,
"false_condition": "cockpit_certificates | length > 0",
"skip_reason": "Conditional result was False"
}
TASK [fedora.linux_system_roles.cockpit : Set cockpit_cert and cockpit_private_key] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/main.yml:108
Saturday 16 November 2024 11:35:56 -0500 (0:00:00.042) 0:00:18.381 *****
skipping: [managed-node1] => {
"changed": false,
"false_condition": "cockpit_certificates | length > 0",
"skip_reason": "Conditional result was False"
}
TASK [fedora.linux_system_roles.cockpit : Link to configured existing certificate] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/main.yml:114
Saturday 16 November 2024 11:35:56 -0500 (0:00:00.042) 0:00:18.423 *****
skipping: [managed-node1] => {
"changed": false,
"false_condition": "cockpit_cert is defined",
"skip_reason": "Conditional result was False"
}
TASK [fedora.linux_system_roles.cockpit : Link to configured existing certificate key] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/main.yml:124
Saturday 16 November 2024 11:35:56 -0500 (0:00:00.022) 0:00:18.446 *****
skipping: [managed-node1] => {
"changed": false,
"false_condition": "cockpit_cert is defined",
"skip_reason": "Conditional result was False"
}
TASK [Allow certmonger to write into Cockpit's certificate directory] **********
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:20
Saturday 16 November 2024 11:35:56 -0500 (0:00:00.025) 0:00:18.471 *****
ok: [managed-node1] => {
"changed": false,
"gid": 0,
"group": "root",
"mode": "0755",
"owner": "root",
"path": "/etc/cockpit/ws-certs.d/",
"secontext": "system_u:object_r:cert_t:s0",
"size": 6,
"state": "directory",
"uid": 0
}
TASK [Get name of cockpit group to use] ****************************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:28
Saturday 16 November 2024 11:35:57 -0500 (0:00:00.378) 0:00:18.849 *****
included: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tasks/get_cockpit_group.yml for managed-node1
TASK [Get name of cockpit group for tests] *************************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tasks/get_cockpit_group.yml:3
Saturday 16 November 2024 11:35:57 -0500 (0:00:00.026) 0:00:18.876 *****
ok: [managed-node1] => {
"ansible_facts": {
"getent_group": {
"cockpit-wsinstance": [
"x",
"991",
""
]
}
},
"changed": false
}
TASK [Set __cockpit_test_group] ************************************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tasks/get_cockpit_group.yml:9
Saturday 16 November 2024 11:35:57 -0500 (0:00:00.493) 0:00:19.369 *****
ok: [managed-node1] => {
"ansible_facts": {
"__cockpit_test_group": "cockpit-wsinstance"
},
"changed": false
}
TASK [Generate certificate with certificate system role] ***********************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:32
Saturday 16 November 2024 11:35:57 -0500 (0:00:00.021) 0:00:19.390 *****
included: fedora.linux_system_roles.certificate for managed-node1
TASK [fedora.linux_system_roles.certificate : Set version specific variables] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:2
Saturday 16 November 2024 11:35:57 -0500 (0:00:00.050) 0:00:19.440 *****
included: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml for managed-node1
TASK [fedora.linux_system_roles.certificate : Ensure ansible_facts used by role] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:2
Saturday 16 November 2024 11:35:57 -0500 (0:00:00.022) 0:00:19.463 *****
skipping: [managed-node1] => {
"changed": false,
"false_condition": "__certificate_required_facts | difference(ansible_facts.keys() | list) | length > 0",
"skip_reason": "Conditional result was False"
}
TASK [fedora.linux_system_roles.certificate : Check if system is ostree] *******
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:10
Saturday 16 November 2024 11:35:58 -0500 (0:00:00.044) 0:00:19.507 *****
ok: [managed-node1] => {
"changed": false,
"stat": {
"exists": false
}
}
TASK [fedora.linux_system_roles.certificate : Set flag to indicate system is ostree] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:15
Saturday 16 November 2024 11:35:58 -0500 (0:00:00.370) 0:00:19.878 *****
ok: [managed-node1] => {
"ansible_facts": {
"__certificate_is_ostree": false
},
"changed": false
}
TASK [fedora.linux_system_roles.certificate : Set platform/version specific variables] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/set_vars.yml:19
Saturday 16 November 2024 11:35:58 -0500 (0:00:00.031) 0:00:19.910 *****
skipping: [managed-node1] => (item=RedHat.yml) => {
"ansible_loop_var": "item",
"changed": false,
"false_condition": "__vars_file is file",
"item": "RedHat.yml",
"skip_reason": "Conditional result was False"
}
skipping: [managed-node1] => (item=CentOS.yml) => {
"ansible_loop_var": "item",
"changed": false,
"false_condition": "__vars_file is file",
"item": "CentOS.yml",
"skip_reason": "Conditional result was False"
}
ok: [managed-node1] => (item=CentOS_9.yml) => {
"ansible_facts": {
"__certificate_certmonger_packages": [
"certmonger",
"python3-packaging"
]
},
"ansible_included_var_files": [
"/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/CentOS_9.yml"
],
"ansible_loop_var": "item",
"changed": false,
"item": "CentOS_9.yml"
}
ok: [managed-node1] => (item=CentOS_9.yml) => {
"ansible_facts": {
"__certificate_certmonger_packages": [
"certmonger",
"python3-packaging"
]
},
"ansible_included_var_files": [
"/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/vars/CentOS_9.yml"
],
"ansible_loop_var": "item",
"changed": false,
"item": "CentOS_9.yml"
}
TASK [fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:5
Saturday 16 November 2024 11:35:58 -0500 (0:00:00.052) 0:00:19.963 *****
changed: [managed-node1] => {
"changed": true,
"rc": 0,
"results": [
"Installed: python3-cffi-1.14.5-5.el9.x86_64",
"Installed: python3-pyasn1-0.4.8-6.el9.noarch",
"Installed: python3-ply-3.11-14.el9.noarch",
"Installed: python3-pycparser-2.20-6.el9.noarch",
"Installed: python3-cryptography-36.0.1-4.el9.x86_64"
]
}
lsrpackages: python3-cryptography python3-dbus python3-pyasn1
TASK [fedora.linux_system_roles.certificate : Ensure provider packages are installed] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:23
Saturday 16 November 2024 11:36:01 -0500 (0:00:03.145) 0:00:23.108 *****
changed: [managed-node1] => (item=certmonger) => {
"__certificate_provider": "certmonger",
"ansible_loop_var": "__certificate_provider",
"changed": true,
"rc": 0,
"results": [
"Installed: certmonger-0.79.17-2.el9.x86_64",
"Installed: python3-packaging-20.9-5.el9.noarch",
"Installed: python3-pyparsing-2.4.7-9.el9.noarch"
]
}
lsrpackages: certmonger python3-packaging
TASK [fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:35
Saturday 16 November 2024 11:36:04 -0500 (0:00:03.264) 0:00:26.372 *****
changed: [managed-node1] => (item=certmonger) => {
"__certificate_provider": "certmonger",
"ansible_loop_var": "__certificate_provider",
"changed": true,
"gid": 0,
"group": "root",
"mode": "0700",
"owner": "root",
"path": "/etc/certmonger//pre-scripts",
"secontext": "unconfined_u:object_r:etc_t:s0",
"size": 6,
"state": "directory",
"uid": 0
}
TASK [fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:61
Saturday 16 November 2024 11:36:05 -0500 (0:00:00.427) 0:00:26.800 *****
changed: [managed-node1] => (item=certmonger) => {
"__certificate_provider": "certmonger",
"ansible_loop_var": "__certificate_provider",
"changed": true,
"gid": 0,
"group": "root",
"mode": "0700",
"owner": "root",
"path": "/etc/certmonger//post-scripts",
"secontext": "unconfined_u:object_r:etc_t:s0",
"size": 6,
"state": "directory",
"uid": 0
}
TASK [fedora.linux_system_roles.certificate : Ensure provider service is running] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:90
Saturday 16 November 2024 11:36:05 -0500 (0:00:00.421) 0:00:27.221 *****
changed: [managed-node1] => (item=certmonger) => {
"__certificate_provider": "certmonger",
"ansible_loop_var": "__certificate_provider",
"changed": true,
"enabled": true,
"name": "certmonger",
"state": "started",
"status": {
"AccessSELinuxContext": "system_u:object_r:certmonger_unit_file_t:s0",
"ActiveEnterTimestampMonotonic": "0",
"ActiveExitTimestampMonotonic": "0",
"ActiveState": "inactive",
"After": "sysinit.target network.target syslog.target basic.target dbus-broker.service dbus.socket system.slice systemd-journald.socket",
"AllowIsolate": "no",
"AssertResult": "no",
"AssertTimestampMonotonic": "0",
"Before": "shutdown.target",
"BlockIOAccounting": "no",
"BlockIOWeight": "[not set]",
"BusName": "org.fedorahosted.certmonger",
"CPUAccounting": "yes",
"CPUAffinityFromNUMA": "no",
"CPUQuotaPerSecUSec": "infinity",
"CPUQuotaPeriodUSec": "infinity",
"CPUSchedulingPolicy": "0",
"CPUSchedulingPriority": "0",
"CPUSchedulingResetOnFork": "no",
"CPUShares": "[not set]",
"CPUUsageNSec": "[not set]",
"CPUWeight": "[not set]",
"CacheDirectoryMode": "0755",
"CanFreeze": "yes",
"CanIsolate": "no",
"CanReload": "no",
"CanStart": "yes",
"CanStop": "yes",
"CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend cap_audit_read cap_perfmon cap_bpf cap_checkpoint_restore",
"CleanResult": "success",
"CollectMode": "inactive",
"ConditionResult": "no",
"ConditionTimestampMonotonic": "0",
"ConfigurationDirectoryMode": "0755",
"Conflicts": "shutdown.target",
"ControlGroupId": "0",
"ControlPID": "0",
"CoredumpFilter": "0x33",
"DefaultDependencies": "yes",
"DefaultMemoryLow": "0",
"DefaultMemoryMin": "0",
"Delegate": "no",
"Description": "Certificate monitoring and PKI enrollment",
"DevicePolicy": "auto",
"DynamicUser": "no",
"EnvironmentFiles": "/etc/sysconfig/certmonger (ignore_errors=yes)",
"ExecMainCode": "0",
"ExecMainExitTimestampMonotonic": "0",
"ExecMainPID": "0",
"ExecMainStartTimestampMonotonic": "0",
"ExecMainStatus": "0",
"ExecStart": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /run/certmonger.pid -n $OPTS ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
"ExecStartEx": "{ path=/usr/sbin/certmonger ; argv[]=/usr/sbin/certmonger -S -p /run/certmonger.pid -n $OPTS ; flags= ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
"ExitType": "main",
"FailureAction": "none",
"FileDescriptorStoreMax": "0",
"FinalKillSignal": "9",
"FragmentPath": "/usr/lib/systemd/system/certmonger.service",
"FreezerState": "running",
"GID": "[not set]",
"GuessMainPID": "yes",
"IOAccounting": "no",
"IOReadBytes": "18446744073709551615",
"IOReadOperations": "18446744073709551615",
"IOSchedulingClass": "2",
"IOSchedulingPriority": "4",
"IOWeight": "[not set]",
"IOWriteBytes": "18446744073709551615",
"IOWriteOperations": "18446744073709551615",
"IPAccounting": "no",
"IPEgressBytes": "[no data]",
"IPEgressPackets": "[no data]",
"IPIngressBytes": "[no data]",
"IPIngressPackets": "[no data]",
"Id": "certmonger.service",
"IgnoreOnIsolate": "no",
"IgnoreSIGPIPE": "yes",
"InactiveEnterTimestampMonotonic": "0",
"InactiveExitTimestampMonotonic": "0",
"JobRunningTimeoutUSec": "infinity",
"JobTimeoutAction": "none",
"JobTimeoutUSec": "infinity",
"KeyringMode": "private",
"KillMode": "control-group",
"KillSignal": "15",
"LimitAS": "infinity",
"LimitASSoft": "infinity",
"LimitCORE": "infinity",
"LimitCORESoft": "infinity",
"LimitCPU": "infinity",
"LimitCPUSoft": "infinity",
"LimitDATA": "infinity",
"LimitDATASoft": "infinity",
"LimitFSIZE": "infinity",
"LimitFSIZESoft": "infinity",
"LimitLOCKS": "infinity",
"LimitLOCKSSoft": "infinity",
"LimitMEMLOCK": "8388608",
"LimitMEMLOCKSoft": "8388608",
"LimitMSGQUEUE": "819200",
"LimitMSGQUEUESoft": "819200",
"LimitNICE": "0",
"LimitNICESoft": "0",
"LimitNOFILE": "524288",
"LimitNOFILESoft": "1024",
"LimitNPROC": "13956",
"LimitNPROCSoft": "13956",
"LimitRSS": "infinity",
"LimitRSSSoft": "infinity",
"LimitRTPRIO": "0",
"LimitRTPRIOSoft": "0",
"LimitRTTIME": "infinity",
"LimitRTTIMESoft": "infinity",
"LimitSIGPENDING": "13956",
"LimitSIGPENDINGSoft": "13956",
"LimitSTACK": "infinity",
"LimitSTACKSoft": "8388608",
"LoadState": "loaded",
"LockPersonality": "no",
"LogLevelMax": "-1",
"LogRateLimitBurst": "0",
"LogRateLimitIntervalUSec": "0",
"LogsDirectoryMode": "0755",
"MainPID": "0",
"ManagedOOMMemoryPressure": "auto",
"ManagedOOMMemoryPressureLimit": "0",
"ManagedOOMPreference": "none",
"ManagedOOMSwap": "auto",
"MemoryAccounting": "yes",
"MemoryAvailable": "infinity",
"MemoryCurrent": "[not set]",
"MemoryDenyWriteExecute": "no",
"MemoryHigh": "infinity",
"MemoryLimit": "infinity",
"MemoryLow": "0",
"MemoryMax": "infinity",
"MemoryMin": "0",
"MemorySwapMax": "infinity",
"MountAPIVFS": "no",
"NFileDescriptorStore": "0",
"NRestarts": "0",
"NUMAPolicy": "n/a",
"Names": "certmonger.service",
"NeedDaemonReload": "no",
"Nice": "0",
"NoNewPrivileges": "no",
"NonBlocking": "no",
"NotifyAccess": "none",
"OOMPolicy": "stop",
"OOMScoreAdjust": "0",
"OnFailureJobMode": "replace",
"OnSuccessJobMode": "fail",
"PIDFile": "/run/certmonger.pid",
"PartOf": "dbus-broker.service",
"Perpetual": "no",
"PrivateDevices": "no",
"PrivateIPC": "no",
"PrivateMounts": "no",
"PrivateNetwork": "no",
"PrivateTmp": "no",
"PrivateUsers": "no",
"ProcSubset": "all",
"ProtectClock": "no",
"ProtectControlGroups": "no",
"ProtectHome": "no",
"ProtectHostname": "no",
"ProtectKernelLogs": "no",
"ProtectKernelModules": "no",
"ProtectKernelTunables": "no",
"ProtectProc": "default",
"ProtectSystem": "no",
"RefuseManualStart": "no",
"RefuseManualStop": "no",
"ReloadResult": "success",
"ReloadSignal": "1",
"RemainAfterExit": "no",
"RemoveIPC": "no",
"Requires": "sysinit.target dbus.socket system.slice",
"Restart": "no",
"RestartKillSignal": "15",
"RestartUSec": "100ms",
"RestrictNamespaces": "no",
"RestrictRealtime": "no",
"RestrictSUIDSGID": "no",
"Result": "success",
"RootDirectoryStartOnly": "no",
"RuntimeDirectoryMode": "0755",
"RuntimeDirectoryPreserve": "no",
"RuntimeMaxUSec": "infinity",
"RuntimeRandomizedExtraUSec": "0",
"SameProcessGroup": "no",
"SecureBits": "0",
"SendSIGHUP": "no",
"SendSIGKILL": "yes",
"Slice": "system.slice",
"StandardError": "inherit",
"StandardInput": "null",
"StandardOutput": "journal",
"StartLimitAction": "none",
"StartLimitBurst": "5",
"StartLimitIntervalUSec": "10s",
"StartupBlockIOWeight": "[not set]",
"StartupCPUShares": "[not set]",
"StartupCPUWeight": "[not set]",
"StartupIOWeight": "[not set]",
"StateChangeTimestampMonotonic": "0",
"StateDirectoryMode": "0755",
"StatusErrno": "0",
"StopWhenUnneeded": "no",
"SubState": "dead",
"SuccessAction": "none",
"SyslogFacility": "3",
"SyslogLevel": "6",
"SyslogLevelPrefix": "yes",
"SyslogPriority": "30",
"SystemCallErrorNumber": "2147483646",
"TTYReset": "no",
"TTYVHangup": "no",
"TTYVTDisallocate": "no",
"TasksAccounting": "yes",
"TasksCurrent": "[not set]",
"TasksMax": "22329",
"TimeoutAbortUSec": "1min 30s",
"TimeoutCleanUSec": "infinity",
"TimeoutStartFailureMode": "terminate",
"TimeoutStartUSec": "1min 30s",
"TimeoutStopFailureMode": "terminate",
"TimeoutStopUSec": "1min 30s",
"TimerSlackNSec": "50000",
"Transient": "no",
"Type": "dbus",
"UID": "[not set]",
"UMask": "0022",
"UnitFilePreset": "disabled",
"UnitFileState": "disabled",
"UtmpMode": "init",
"WatchdogSignal": "6",
"WatchdogTimestampMonotonic": "0",
"WatchdogUSec": "infinity"
}
}
TASK [fedora.linux_system_roles.certificate : Ensure certificate requests] *****
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:101
Saturday 16 November 2024 11:36:06 -0500 (0:00:00.858) 0:00:28.079 *****
changed: [managed-node1] => (item={'name': 'monger-cockpit', 'dns': ['localhost', 'www.example.com'], 'ca': 'local', 'group': 'cockpit-wsinstance', 'run_after': 'DEST=/etc/cockpit/ws-certs.d/monger-cockpit.cert\ncat /etc/pki/tls/certs/monger-cockpit.crt \\\n/etc/pki/tls/private/monger-cockpit.key > $DEST\nchmod 640 $DEST\nchown root:cockpit-wsinstance $DEST\n'}) => {
"ansible_loop_var": "item",
"changed": true,
"item": {
"ca": "local",
"dns": [
"localhost",
"www.example.com"
],
"group": "cockpit-wsinstance",
"name": "monger-cockpit",
"run_after": "DEST=/etc/cockpit/ws-certs.d/monger-cockpit.cert\ncat /etc/pki/tls/certs/monger-cockpit.crt \\\n/etc/pki/tls/private/monger-cockpit.key > $DEST\nchmod 640 $DEST\nchown root:cockpit-wsinstance $DEST\n"
}
}
MSG:
Certificate requested (new). Pre/Post run hooks updated. File attributes updated.
TASK [fedora.linux_system_roles.certificate : Slurp the contents of the files] ***
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:152
Saturday 16 November 2024 11:36:07 -0500 (0:00:00.981) 0:00:29.061 *****
skipping: [managed-node1] => (item=['cert', {'name': 'monger-cockpit', 'dns': ['localhost', 'www.example.com'], 'ca': 'local', 'group': 'cockpit-wsinstance', 'run_after': 'DEST=/etc/cockpit/ws-certs.d/monger-cockpit.cert\ncat /etc/pki/tls/certs/monger-cockpit.crt \\\n/etc/pki/tls/private/monger-cockpit.key > $DEST\nchmod 640 $DEST\nchown root:cockpit-wsinstance $DEST\n'}]) => {
"ansible_loop_var": "item",
"changed": false,
"false_condition": "certificate_test_mode | d(false)",
"item": [
"cert",
{
"ca": "local",
"dns": [
"localhost",
"www.example.com"
],
"group": "cockpit-wsinstance",
"name": "monger-cockpit",
"run_after": "DEST=/etc/cockpit/ws-certs.d/monger-cockpit.cert\ncat /etc/pki/tls/certs/monger-cockpit.crt \\\n/etc/pki/tls/private/monger-cockpit.key > $DEST\nchmod 640 $DEST\nchown root:cockpit-wsinstance $DEST\n"
}
],
"skip_reason": "Conditional result was False"
}
skipping: [managed-node1] => (item=['key', {'name': 'monger-cockpit', 'dns': ['localhost', 'www.example.com'], 'ca': 'local', 'group': 'cockpit-wsinstance', 'run_after': 'DEST=/etc/cockpit/ws-certs.d/monger-cockpit.cert\ncat /etc/pki/tls/certs/monger-cockpit.crt \\\n/etc/pki/tls/private/monger-cockpit.key > $DEST\nchmod 640 $DEST\nchown root:cockpit-wsinstance $DEST\n'}]) => {
"ansible_loop_var": "item",
"changed": false,
"false_condition": "certificate_test_mode | d(false)",
"item": [
"key",
{
"ca": "local",
"dns": [
"localhost",
"www.example.com"
],
"group": "cockpit-wsinstance",
"name": "monger-cockpit",
"run_after": "DEST=/etc/cockpit/ws-certs.d/monger-cockpit.cert\ncat /etc/pki/tls/certs/monger-cockpit.crt \\\n/etc/pki/tls/private/monger-cockpit.key > $DEST\nchmod 640 $DEST\nchown root:cockpit-wsinstance $DEST\n"
}
],
"skip_reason": "Conditional result was False"
}
skipping: [managed-node1] => (item=['ca', {'name': 'monger-cockpit', 'dns': ['localhost', 'www.example.com'], 'ca': 'local', 'group': 'cockpit-wsinstance', 'run_after': 'DEST=/etc/cockpit/ws-certs.d/monger-cockpit.cert\ncat /etc/pki/tls/certs/monger-cockpit.crt \\\n/etc/pki/tls/private/monger-cockpit.key > $DEST\nchmod 640 $DEST\nchown root:cockpit-wsinstance $DEST\n'}]) => {
"ansible_loop_var": "item",
"changed": false,
"false_condition": "certificate_test_mode | d(false)",
"item": [
"ca",
{
"ca": "local",
"dns": [
"localhost",
"www.example.com"
],
"group": "cockpit-wsinstance",
"name": "monger-cockpit",
"run_after": "DEST=/etc/cockpit/ws-certs.d/monger-cockpit.cert\ncat /etc/pki/tls/certs/monger-cockpit.crt \\\n/etc/pki/tls/private/monger-cockpit.key > $DEST\nchmod 640 $DEST\nchown root:cockpit-wsinstance $DEST\n"
}
],
"skip_reason": "Conditional result was False"
}
skipping: [managed-node1] => {
"changed": false
}
MSG:
All items skipped
TASK [fedora.linux_system_roles.certificate : Create return data] **************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:160
Saturday 16 November 2024 11:36:07 -0500 (0:00:00.090) 0:00:29.151 *****
skipping: [managed-node1] => {
"changed": false,
"false_condition": "certificate_test_mode | d(false)",
"skip_reason": "Conditional result was False"
}
TASK [fedora.linux_system_roles.certificate : Stop tracking certificates] ******
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:176
Saturday 16 November 2024 11:36:07 -0500 (0:00:00.065) 0:00:29.217 *****
skipping: [managed-node1] => {
"changed": false,
"false_condition": "certificate_test_mode | d(false)",
"skip_reason": "Conditional result was False"
}
TASK [fedora.linux_system_roles.certificate : Remove files] ********************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:181
Saturday 16 November 2024 11:36:07 -0500 (0:00:00.068) 0:00:29.285 *****
skipping: [managed-node1] => {
"changed": false,
"false_condition": "certificate_test_mode | d(false)",
"skip_reason": "Conditional result was False"
}
TASK [Restart cockpit to use the new certificates] *****************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:57
Saturday 16 November 2024 11:36:07 -0500 (0:00:00.067) 0:00:29.353 *****
skipping: [managed-node1] => {
"changed": false,
"false_condition": "__cockpit_is_ostree | d(false)",
"skip_reason": "Conditional result was False"
}
TASK [Get PEM of certmonger's local CA] ****************************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:64
Saturday 16 November 2024 11:36:07 -0500 (0:00:00.083) 0:00:29.436 *****
changed: [managed-node1] => {
"changed": true,
"cmd": [
"openssl",
"pkcs12",
"-in",
"/var/lib/certmonger/local/creds",
"-out",
"/var/lib/certmonger/local/ca.pem",
"-nokeys",
"-nodes",
"-passin",
"pass:"
],
"delta": "0:00:00.008735",
"end": "2024-11-16 11:36:08.446308",
"rc": 0,
"start": "2024-11-16 11:36:08.437573"
}
TASK [Test - cockpit works with TLS and expected certificate] ******************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:72
Saturday 16 November 2024 11:36:08 -0500 (0:00:00.545) 0:00:29.981 *****
ok: [managed-node1] => {
"changed": false,
"cmd": [
"curl",
"--cacert",
"/var/lib/certmonger/local/ca.pem",
"https://localhost:9090"
],
"delta": "0:00:00.188896",
"end": "2024-11-16 11:36:09.007812",
"rc": 0,
"start": "2024-11-16 11:36:08.818916"
}
STDOUT:
Loading...
Please enable JavaScript to use the Web Console.
A modern browser is required for security, reliability, and performance.
Download a new browser for free
Bypass browser check
Validating authentication token
STDERR:
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
100 11803 0 11803 0 0 65572 0 --:--:-- --:--:-- --:--:-- 65938
TASK [Test - get certmonger tracking status] ***********************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:82
Saturday 16 November 2024 11:36:09 -0500 (0:00:00.574) 0:00:30.555 *****
ok: [managed-node1] => {
"changed": false,
"cmd": [
"getcert",
"list",
"--tracking-only",
"-f",
"/etc/pki/tls/certs/monger-cockpit.crt"
],
"delta": "0:00:00.041535",
"end": "2024-11-16 11:36:09.471585",
"rc": 0,
"start": "2024-11-16 11:36:09.430050"
}
STDOUT:
Number of certificates and requests being tracked: 1.
Request ID '20241116163607':
status: MONITORING
stuck: no
key pair storage: type=FILE,location='/etc/pki/tls/private/monger-cockpit.key'
certificate: type=FILE,location='/etc/pki/tls/certs/monger-cockpit.crt'
CA: local
issuer: CN=dff47709-0dfc462f-b30f339e-45357f09,CN=Local Signing Authority
subject: CN=localhost
issued: 2024-11-16 11:36:07 EST
expires: 2025-11-16 11:36:06 EST
dns: localhost,www.example.com
key usage: digitalSignature,keyEncipherment
eku: id-kp-serverAuth,id-kp-clientAuth
pre-save command:
post-save command: /etc/certmonger/post-scripts/monger-cockpit-59d1099.sh
track: yes
auto-renew: yes
TASK [Test - ensure certificate generation succeeded] **************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:89
Saturday 16 November 2024 11:36:09 -0500 (0:00:00.446) 0:00:31.002 *****
ok: [managed-node1] => {
"changed": false
}
MSG:
All assertions passed
TASK [Test - clean up tracked certificate] *************************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:93
Saturday 16 November 2024 11:36:09 -0500 (0:00:00.021) 0:00:31.024 *****
ok: [managed-node1] => {
"changed": false,
"cmd": [
"getcert",
"stop-tracking",
"-f",
"/etc/pki/tls/certs/monger-cockpit.crt"
],
"delta": "0:00:00.031537",
"end": "2024-11-16 11:36:09.884307",
"rc": 0,
"start": "2024-11-16 11:36:09.852770"
}
STDOUT:
Request "20241116163607" removed.
TASK [Test - clean up generated certificate] ***********************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:100
Saturday 16 November 2024 11:36:09 -0500 (0:00:00.398) 0:00:31.423 *****
changed: [managed-node1] => {
"changed": true,
"path": "/etc/pki/tls/certs/monger-cockpit.crt",
"state": "absent"
}
TASK [Test - clean up generated private key] ***********************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:105
Saturday 16 November 2024 11:36:10 -0500 (0:00:00.411) 0:00:31.834 *****
changed: [managed-node1] => {
"changed": true,
"path": "/etc/pki/tls/private/monger-cockpit.key",
"state": "absent"
}
TASK [Test - clean up copied certificate] **************************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:110
Saturday 16 November 2024 11:36:10 -0500 (0:00:00.402) 0:00:32.237 *****
changed: [managed-node1] => {
"changed": true,
"path": "/etc/cockpit/ws-certs.d/monger-cockpit.cert",
"state": "absent"
}
TASK [Test - generic cleanup] **************************************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:115
Saturday 16 November 2024 11:36:11 -0500 (0:00:00.397) 0:00:32.635 *****
included: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tasks/cleanup.yml for managed-node1
TASK [Cleanup - packages] ******************************************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tasks/cleanup.yml:2
Saturday 16 November 2024 11:36:11 -0500 (0:00:00.029) 0:00:32.665 *****
changed: [managed-node1] => {
"changed": true,
"rc": 0,
"results": [
"Removed: cockpit-bridge-327-1.el9.x86_64",
"Removed: cockpit-system-327-1.el9.noarch",
"Removed: cockpit-ws-327-1.el9.x86_64"
]
}
TASK [Cleanup - services] ******************************************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tasks/cleanup.yml:15
Saturday 16 November 2024 11:36:22 -0500 (0:00:11.397) 0:00:44.062 *****
skipping: [managed-node1] => {
"changed": false,
"false_condition": "__cockpit_is_ostree | d(false)",
"skip_reason": "Conditional result was False"
}
TASK [Cleanup - find certificates] *********************************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tasks/cleanup.yml:25
Saturday 16 November 2024 11:36:22 -0500 (0:00:00.040) 0:00:44.103 *****
[WARNING]: Skipped '/etc/cockpit/ws-certs.d/' path due to this access issue:
'/etc/cockpit/ws-certs.d/' is not a directory
ok: [managed-node1] => {
"changed": false,
"examined": 0,
"files": [],
"matched": 0,
"skipped_paths": {
"/etc/cockpit/ws-certs.d/": "'/etc/cockpit/ws-certs.d/' is not a directory"
}
}
MSG:
Not all paths examined, check warnings for details
TASK [Cleanup - certificates] **************************************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tasks/cleanup.yml:35
Saturday 16 November 2024 11:36:23 -0500 (0:00:00.479) 0:00:44.582 *****
skipping: [managed-node1] => {
"changed": false,
"skipped_reason": "No items in the list"
}
TASK [Cleanup - config file] ***************************************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tasks/cleanup.yml:44
Saturday 16 November 2024 11:36:23 -0500 (0:00:00.017) 0:00:44.599 *****
ok: [managed-node1] => {
"changed": false,
"path": "/etc/cockpit/cockpit.conf",
"state": "absent"
}
TASK [Cleanup - port customization] ********************************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tasks/cleanup.yml:52
Saturday 16 November 2024 11:36:23 -0500 (0:00:00.369) 0:00:44.969 *****
ok: [managed-node1] => {
"changed": false,
"path": "/etc/systemd/system/cockpit.socket.d/",
"state": "absent"
}
TASK [Cleanup - Reload systemd] ************************************************
task path: /tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tasks/cleanup.yml:60
Saturday 16 November 2024 11:36:23 -0500 (0:00:00.365) 0:00:45.335 *****
ok: [managed-node1] => {
"changed": false,
"name": null,
"status": {}
}
PLAY RECAP *********************************************************************
managed-node1 : ok=44 changed=13 unreachable=0 failed=0 skipped=22 rescued=0 ignored=0
Saturday 16 November 2024 11:36:24 -0500 (0:00:00.703) 0:00:46.039 *****
===============================================================================
fedora.linux_system_roles.cockpit : Ensure Cockpit Web Console packages are installed. -- 14.12s
/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/setup-dnf.yml:7
Cleanup - packages ----------------------------------------------------- 11.40s
/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tasks/cleanup.yml:2
fedora.linux_system_roles.certificate : Ensure provider packages are installed --- 3.26s
/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:23
fedora.linux_system_roles.certificate : Ensure certificate role dependencies are installed --- 3.15s
/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:5
Gathering Facts --------------------------------------------------------- 1.19s
/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:6
fedora.linux_system_roles.cockpit : Ensure Cockpit Web Console is started/stopped and enabled/disabled --- 1.08s
/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/main.yml:71
fedora.linux_system_roles.certificate : Ensure certificate requests ----- 0.98s
/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:101
fedora.linux_system_roles.certificate : Ensure provider service is running --- 0.86s
/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:90
Cleanup - Reload systemd ------------------------------------------------ 0.70s
/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tasks/cleanup.yml:60
Test - cockpit works with TLS and expected certificate ------------------ 0.57s
/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:72
Get PEM of certmonger's local CA ---------------------------------------- 0.55s
/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:64
fedora.linux_system_roles.cockpit : Clean up port configuration file for undefined custom port --- 0.50s
/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/main.yml:62
Get name of cockpit group for tests ------------------------------------- 0.49s
/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tasks/get_cockpit_group.yml:3
fedora.linux_system_roles.cockpit : Check if system is ostree ----------- 0.49s
/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/cockpit/tasks/set_vars.yml:10
Cleanup - find certificates --------------------------------------------- 0.48s
/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tasks/cleanup.yml:25
Test - get certmonger tracking status ----------------------------------- 0.45s
/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:82
fedora.linux_system_roles.certificate : Ensure pre-scripts hooks directory exists --- 0.43s
/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:35
fedora.linux_system_roles.certificate : Ensure post-scripts hooks directory exists --- 0.42s
/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/roles/certificate/tasks/main.yml:61
Test - clean up generated certificate ----------------------------------- 0.41s
/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:100
Test - clean up generated private key ----------------------------------- 0.40s
/tmp/collections-r8g/ansible_collections/fedora/linux_system_roles/tests/cockpit/tests_certificate_runafter.yml:105