# STDOUT: ---v---v---v---v---v--- Using /etc/ansible/ansible.cfg as config file PLAY [all] ********************************************************************* TASK [Gathering Facts] ********************************************************* Thursday 18 August 2022 15:14:40 +0000 (0:00:00.029) 0:00:00.029 ******* ok: [sut] TASK [Set up test environment] ************************************************* Thursday 18 August 2022 15:14:41 +0000 (0:00:00.814) 0:00:00.843 ******* included: /WORKDIR/dist-git-vpn-various_improvements-pa50xt/tests/tasks/setup_test.yml for sut TASK [Set platform/version specific variables] ********************************* Thursday 18 August 2022 15:14:41 +0000 (0:00:00.040) 0:00:00.883 ******* TASK [linux-system-roles.vpn : Ensure ansible_facts used by role] ************** Thursday 18 August 2022 15:14:41 +0000 (0:00:00.042) 0:00:00.926 ******* ok: [sut] TASK [linux-system-roles.vpn : Set platform/version specific variables] ******** Thursday 18 August 2022 15:14:41 +0000 (0:00:00.452) 0:00:01.379 ******* skipping: [sut] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [sut] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [sut] => (item=RedHat_9.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat_9.yml", "skip_reason": "Conditional result was False" } skipping: [sut] => (item=RedHat_9.1.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat_9.1.yml", "skip_reason": "Conditional result was False" } TASK [Change inventory_hostname] *********************************************** Thursday 18 August 2022 15:14:41 +0000 (0:00:00.080) 0:00:01.459 ******* skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [add dummy main host] ***************************************************** Thursday 18 August 2022 15:14:41 +0000 (0:00:00.048) 0:00:01.507 ******* skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Create nss directory for testing] **************************************** Thursday 18 August 2022 15:14:42 +0000 (0:00:00.046) 0:00:01.554 ******* changed: [sut] => { "changed": true, "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/var/lib/ipsec/nss", "secontext": "unconfined_u:object_r:var_lib_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [Create /etc/ipsec.d directory for testing] ******************************* Thursday 18 August 2022 15:14:42 +0000 (0:00:00.347) 0:00:01.901 ******* changed: [sut] => { "changed": true, "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/etc/ipsec.d", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [Dynamically add more hosts] ********************************************** Thursday 18 August 2022 15:14:42 +0000 (0:00:00.232) 0:00:02.134 ******* included: /WORKDIR/dist-git-vpn-various_improvements-pa50xt/tests/tasks/add_hosts.yml for sut TASK [dynamically add multiple hosts for testing] ****************************** Thursday 18 August 2022 15:14:42 +0000 (0:00:00.033) 0:00:02.167 ******* changed: [sut] => (item=1) => { "add_host": { "groups": [ "testing" ], "host_name": "host01.local", "host_vars": { "cert_name": "dyn_cert", "current_ip": "169.254.1.1", "current_subnet": "169.254.0.0/16" } }, "ansible_loop_var": "item", "changed": true, "item": 1 } changed: [sut] => (item=2) => { "add_host": { "groups": [ "testing" ], "host_name": "host02.local", "host_vars": { "cert_name": "dyn_cert", "current_ip": "169.254.1.1", "current_subnet": "169.254.0.0/16" } }, "ansible_loop_var": "item", "changed": true, "item": 2 } TASK [create mock vpn_connections] ********************************************* Thursday 18 August 2022 15:14:42 +0000 (0:00:00.065) 0:00:02.233 ******* ok: [sut] => { "ansible_facts": { "vpn_connections": [ { "hosts": { "host01.local": "", "host02.local": "", "sut": "" } } ] }, "changed": false } TASK [Create dummy policies directory for testing] ***************************** Thursday 18 August 2022 15:14:42 +0000 (0:00:00.057) 0:00:02.290 ******* changed: [sut] => { "changed": true, "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/etc/ipsec.d/policies", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [Create dummy policy files for testing] *********************************** Thursday 18 August 2022 15:14:43 +0000 (0:00:00.259) 0:00:02.550 ******* changed: [sut] => { "changed": true, "dest": "/etc/ipsec.d/policies/private", "gid": 0, "group": "root", "mode": "0600", "owner": "root", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 0, "state": "file", "uid": 0 } TASK [Create dummy policy files for testing] *********************************** Thursday 18 August 2022 15:14:43 +0000 (0:00:00.264) 0:00:02.814 ******* changed: [sut] => { "changed": true, "dest": "/etc/ipsec.d/policies/private-or-clear", "gid": 0, "group": "root", "mode": "0600", "owner": "root", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 0, "state": "file", "uid": 0 } TASK [Create dummy policy files for testing] *********************************** Thursday 18 August 2022 15:14:43 +0000 (0:00:00.261) 0:00:03.076 ******* changed: [sut] => { "changed": true, "dest": "/etc/ipsec.d/policies/clear", "gid": 0, "group": "root", "mode": "0600", "owner": "root", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 0, "state": "file", "uid": 0 } TASK [Add extra options to check] ********************************************** Thursday 18 August 2022 15:14:43 +0000 (0:00:00.259) 0:00:03.335 ******* ok: [sut] => { "ansible_facts": { "vpn_connections": [ { "auth_method": "cert", "hosts": { "host01.local": "", "host02.local": "", "sut": "" }, "opportunistic": true, "policies": [ { "cidr": "203.0.113.0/24", "policy": "private" }, { "cidr": "198.51.100.0/24", "policy": "clear" } ] } ] }, "changed": false } TASK [add cert_name fact to controller] **************************************** Thursday 18 August 2022 15:14:43 +0000 (0:00:00.058) 0:00:03.394 ******* ok: [sut] => { "ansible_facts": { "cert_name": "main_cert" }, "changed": false } TASK [Use vpn role] ************************************************************ Thursday 18 August 2022 15:14:43 +0000 (0:00:00.051) 0:00:03.446 ******* TASK [linux-system-roles.vpn : set platform/version specific variables] ******** Thursday 18 August 2022 15:14:43 +0000 (0:00:00.058) 0:00:03.505 ******* included: /WORKDIR/dist-git-vpn-various_improvements-pa50xt/tests/roles/linux-system-roles.vpn/tasks/set_vars.yml for sut TASK [linux-system-roles.vpn : Ensure ansible_facts used by role] ************** Thursday 18 August 2022 15:14:43 +0000 (0:00:00.035) 0:00:03.540 ******* ok: [sut] TASK [linux-system-roles.vpn : Set platform/version specific variables] ******** Thursday 18 August 2022 15:14:44 +0000 (0:00:00.449) 0:00:03.990 ******* skipping: [sut] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [sut] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [sut] => (item=RedHat_9.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat_9.yml", "skip_reason": "Conditional result was False" } skipping: [sut] => (item=RedHat_9.1.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat_9.1.yml", "skip_reason": "Conditional result was False" } TASK [linux-system-roles.vpn : Ensure required packages are installed] ********* Thursday 18 August 2022 15:14:44 +0000 (0:00:00.082) 0:00:04.072 ******* changed: [sut] => { "changed": true, "rc": 0, "results": [ "Installed: ldns-1.7.1-11.el9.x86_64", "Installed: nss-softokn-3.79.0-11.el9_0.x86_64", "Installed: unbound-libs-1.16.2-2.el9.x86_64", "Installed: nss-softokn-freebl-3.79.0-11.el9_0.x86_64", "Installed: protobuf-c-1.3.3-12.el9.x86_64", "Installed: nss-sysinit-3.79.0-11.el9_0.x86_64", "Installed: nss-tools-3.79.0-11.el9_0.x86_64", "Installed: nss-util-3.79.0-11.el9_0.x86_64", "Installed: nspr-4.34.0-11.el9_0.x86_64", "Installed: nss-3.79.0-11.el9_0.x86_64", "Installed: libreswan-4.6-3.el9.x86_64" ] } TASK [linux-system-roles.vpn : Ensure OpenSSL is installed on the controller] *** Thursday 18 August 2022 15:14:49 +0000 (0:00:04.521) 0:00:08.594 ******* fatal: [sut -> localhost]: FAILED! => { "changed": false, "cmd": "dnf install -y python3-dnf", "rc": 1, "results": [] } STDERR: Error: This command has to be run with superuser privileges (under the root user on most systems). MSG: Could not import the dnf python module using /opt/ansible-2.9/bin/python3.6 (3.6.8 (default, Mar 25 2022, 11:15:52) [GCC 8.5.0 20210514 (Red Hat 8.5.0-10)]). Please install `python3-dnf` package or ensure you have specified the correct ansible_python_interpreter. NO MORE HOSTS LEFT ************************************************************* to retry, use: --limit @/tmp/tests_mesh_cert.retry PLAY RECAP ********************************************************************* sut : ok=17 changed=8 unreachable=0 failed=1 skipped=4 rescued=0 ignored=0 Thursday 18 August 2022 15:14:50 +0000 (0:00:01.042) 0:00:09.636 ******* =============================================================================== linux-system-roles.vpn : Ensure required packages are installed --------- 4.52s linux-system-roles.vpn : Ensure OpenSSL is installed on the controller --- 1.04s Gathering Facts --------------------------------------------------------- 0.81s linux-system-roles.vpn : Ensure ansible_facts used by role -------------- 0.45s linux-system-roles.vpn : Ensure ansible_facts used by role -------------- 0.45s Create nss directory for testing ---------------------------------------- 0.35s Create dummy policy files for testing ----------------------------------- 0.26s Create dummy policy files for testing ----------------------------------- 0.26s Create dummy policies directory for testing ----------------------------- 0.26s Create dummy policy files for testing ----------------------------------- 0.26s Create /etc/ipsec.d directory for testing ------------------------------- 0.23s linux-system-roles.vpn : Set platform/version specific variables -------- 0.08s linux-system-roles.vpn : Set platform/version specific variables -------- 0.08s dynamically add multiple hosts for testing ------------------------------ 0.07s Use vpn role ------------------------------------------------------------ 0.06s Add extra options to check ---------------------------------------------- 0.06s create mock vpn_connections --------------------------------------------- 0.06s add cert_name fact to controller ---------------------------------------- 0.05s Change inventory_hostname ----------------------------------------------- 0.05s add dummy main host ----------------------------------------------------- 0.05s ---^---^---^---^---^--- # STDERR: ---v---v---v---v---v--- /opt/ansible-2.9/lib/python3.6/site-packages/ansible/parsing/vault/__init__.py:44: CryptographyDeprecationWarning: Python 3.6 is no longer supported by the Python core team. Therefore, support for it is deprecated in cryptography and will be removed in a future release. from cryptography.exceptions import InvalidSignature ---^---^---^---^---^---