# STDOUT: ---v---v---v---v---v--- ansible-playbook [core 2.13.6] config file = /etc/ansible/ansible.cfg configured module search path = ['/home/jenkins/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /opt/ansible-2.13/lib/python3.8/site-packages/ansible ansible collection location = /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection executable location = /opt/ansible-2.13/bin/ansible-playbook python version = 3.8.13 (default, Jun 24 2022, 15:27:57) [GCC 8.5.0 20210514 (Red Hat 8.5.0-13)] jinja version = 3.1.2 libyaml = True Using /etc/ansible/ansible.cfg as config file Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: tests_host_to_host_cert.yml ****************************************** 1 plays in /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tests_host_to_host_cert.yml PLAY [all] ********************************************************************* TASK [Gathering Facts] ********************************************************* task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tests_host_to_host_cert.yml:3 Monday 21 November 2022 19:49:42 +0000 (0:00:00.015) 0:00:00.015 ******* ok: [sut] META: ran handlers TASK [Set up test environment] ************************************************* task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tests_host_to_host_cert.yml:13 Monday 21 November 2022 19:49:43 +0000 (0:00:00.997) 0:00:01.012 ******* included: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/setup_test.yml for sut TASK [Set platform/version specific variables] ********************************* task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/setup_test.yml:2 Monday 21 November 2022 19:49:43 +0000 (0:00:00.035) 0:00:01.048 ******* TASK [fedora.linux_system_roles.vpn : Ensure ansible_facts used by role] ******* task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml:2 Monday 21 November 2022 19:49:43 +0000 (0:00:00.041) 0:00:01.089 ******* ok: [sut] TASK [fedora.linux_system_roles.vpn : Set platform/version specific variables] *** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml:7 Monday 21 November 2022 19:49:44 +0000 (0:00:00.460) 0:00:01.550 ******* skipping: [sut] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False" } ok: [sut] => (item=Fedora.yml) => { "ansible_facts": {}, "ansible_included_var_files": [ "/WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/vars/Fedora.yml" ], "ansible_loop_var": "item", "changed": false, "item": "Fedora.yml" } skipping: [sut] => (item=Fedora_35.yml) => { "ansible_loop_var": "item", "changed": false, "item": "Fedora_35.yml", "skip_reason": "Conditional result was False" } skipping: [sut] => (item=Fedora_35.yml) => { "ansible_loop_var": "item", "changed": false, "item": "Fedora_35.yml", "skip_reason": "Conditional result was False" } META: role_complete for sut TASK [Change inventory_hostname] *********************************************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/setup_test.yml:10 Monday 21 November 2022 19:49:44 +0000 (0:00:00.067) 0:00:01.618 ******* ok: [sut] => { "ansible_facts": { "inventory_hostname": "mainhost.local" }, "changed": false } TASK [add dummy main host] ***************************************************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/setup_test.yml:16 Monday 21 November 2022 19:49:44 +0000 (0:00:00.047) 0:00:01.665 ******* creating host via 'add_host': hostname=mainhost.local changed: [sut] => { "add_host": { "groups": [], "host_name": "mainhost.local", "host_vars": {} }, "changed": true } TASK [Create nss directory for testing] **************************************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/setup_test.yml:22 Monday 21 November 2022 19:49:44 +0000 (0:00:00.048) 0:00:01.714 ******* changed: [sut] => { "changed": true, "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/var/lib/ipsec/nss", "secontext": "unconfined_u:object_r:var_lib_t:s0", "size": 4096, "state": "directory", "uid": 0 } TASK [Create /etc/ipsec.d directory for testing] ******************************* task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/setup_test.yml:28 Monday 21 November 2022 19:49:44 +0000 (0:00:00.409) 0:00:02.123 ******* changed: [sut] => { "changed": true, "gid": 0, "group": "root", "mode": "0600", "owner": "root", "path": "/etc/ipsec.d", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 4096, "state": "directory", "uid": 0 } TASK [Dynamically add more hosts] ********************************************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/setup_test.yml:34 Monday 21 November 2022 19:49:45 +0000 (0:00:00.250) 0:00:02.374 ******* included: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/add_hosts.yml for sut TASK [dynamically add multiple hosts for testing] ****************************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/add_hosts.yml:2 Monday 21 November 2022 19:49:45 +0000 (0:00:00.028) 0:00:02.403 ******* creating host via 'add_host': hostname=host01.local creating host via 'add_host': hostname=host02.local changed: [sut] => (item=1) => { "add_host": { "groups": [ "testing" ], "host_name": "host01.local", "host_vars": { "cert_name": "dyn_cert", "current_ip": "169.254.1.1", "current_subnet": "169.254.0.0/16" } }, "ansible_loop_var": "item", "changed": true, "item": 1 } changed: [sut] => (item=2) => { "add_host": { "groups": [ "testing" ], "host_name": "host02.local", "host_vars": { "cert_name": "dyn_cert", "current_ip": "169.254.1.1", "current_subnet": "169.254.0.0/16" } }, "ansible_loop_var": "item", "changed": true, "item": 2 } TASK [create mock vpn_connections] ********************************************* task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/add_hosts.yml:11 Monday 21 November 2022 19:49:45 +0000 (0:00:00.058) 0:00:02.461 ******* ok: [sut] => { "ansible_facts": { "vpn_connections": [ { "hosts": { "host01.local": "", "host02.local": "", "mainhost.local": "", "sut": "" } } ] }, "changed": false } TASK [Create dummy policies directory for testing] ***************************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/setup_test.yml:39 Monday 21 November 2022 19:49:45 +0000 (0:00:00.033) 0:00:02.495 ******* skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Create dummy policy files for testing] *********************************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/setup_test.yml:45 Monday 21 November 2022 19:49:45 +0000 (0:00:00.041) 0:00:02.536 ******* skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Create dummy policy files for testing] *********************************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/setup_test.yml:51 Monday 21 November 2022 19:49:45 +0000 (0:00:00.042) 0:00:02.579 ******* skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Create dummy policy files for testing] *********************************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/setup_test.yml:57 Monday 21 November 2022 19:49:45 +0000 (0:00:00.042) 0:00:02.621 ******* skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Add cert options to check] *********************************************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tests_host_to_host_cert.yml:19 Monday 21 November 2022 19:49:45 +0000 (0:00:00.043) 0:00:02.665 ******* ok: [sut] => { "ansible_facts": { "vpn_connections": [ { "auth_method": "cert", "auto": "start", "hosts": { "host01.local": { "cert_name": "cert2" }, "host02.local": { "cert_name": "cert3" }, "mainhost.local": { "cert_name": "cert1" }, "sut": { "cert_name": "cert4" } }, "name": "tunnel1" } ] }, "changed": false } TASK [Save certname for main host] ********************************************* task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tests_host_to_host_cert.yml:33 Monday 21 November 2022 19:49:45 +0000 (0:00:00.051) 0:00:02.716 ******* ok: [sut] => { "ansible_facts": { "__vpn_main_certname": "cert1" }, "changed": false } TASK [Use vpn role] ************************************************************ task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tests_host_to_host_cert.yml:37 Monday 21 November 2022 19:49:45 +0000 (0:00:00.027) 0:00:02.744 ******* TASK [fedora.linux_system_roles.vpn : set platform/version specific variables] *** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:3 Monday 21 November 2022 19:49:45 +0000 (0:00:00.062) 0:00:02.806 ******* included: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml for sut TASK [fedora.linux_system_roles.vpn : Ensure ansible_facts used by role] ******* task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml:2 Monday 21 November 2022 19:49:45 +0000 (0:00:00.031) 0:00:02.838 ******* ok: [sut] TASK [fedora.linux_system_roles.vpn : Set platform/version specific variables] *** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml:7 Monday 21 November 2022 19:49:45 +0000 (0:00:00.459) 0:00:03.298 ******* skipping: [sut] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml", "skip_reason": "Conditional result was False" } ok: [sut] => (item=Fedora.yml) => { "ansible_facts": {}, "ansible_included_var_files": [ "/WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/vars/Fedora.yml" ], "ansible_loop_var": "item", "changed": false, "item": "Fedora.yml" } skipping: [sut] => (item=Fedora_35.yml) => { "ansible_loop_var": "item", "changed": false, "item": "Fedora_35.yml", "skip_reason": "Conditional result was False" } skipping: [sut] => (item=Fedora_35.yml) => { "ansible_loop_var": "item", "changed": false, "item": "Fedora_35.yml", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.vpn : Ensure required packages are installed] *** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:6 Monday 21 November 2022 19:49:46 +0000 (0:00:00.065) 0:00:03.363 ******* changed: [sut] => { "changed": true, "rc": 0, "results": [ "Installed: logrotate-3.18.1-4.fc35.x86_64", "Installed: nss-tools-3.83.0-1.fc35.x86_64", "Installed: libreswan-4.9-1.fc35.x86_64", "Installed: ldns-1.8.1-3.fc35.x86_64" ] } TASK [fedora.linux_system_roles.vpn : Configure firewall] ********************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:12 Monday 21 November 2022 19:49:51 +0000 (0:00:05.201) 0:00:08.564 ******* included: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/firewall.yml for sut TASK [Ensure the vpn ports status with the firewall role] ********************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/firewall.yml:3 Monday 21 November 2022 19:49:51 +0000 (0:00:00.032) 0:00:08.596 ******* skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.vpn : Configure selinux] *********************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:15 Monday 21 November 2022 19:49:51 +0000 (0:00:00.046) 0:00:08.643 ******* included: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/selinux.yml for sut TASK [fedora.linux_system_roles.vpn : Populate service facts] ****************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/selinux.yml:3 Monday 21 November 2022 19:49:51 +0000 (0:00:00.037) 0:00:08.681 ******* ok: [sut] => { "ansible_facts": { "services": { "NetworkManager-dispatcher.service": { "name": "NetworkManager-dispatcher.service", "source": "systemd", "state": "inactive", "status": "enabled" }, "NetworkManager-wait-online.service": { "name": "NetworkManager-wait-online.service", "source": "systemd", "state": "stopped", "status": "enabled" }, "NetworkManager.service": { "name": "NetworkManager.service", "source": "systemd", "state": "running", "status": "enabled" }, "arp-ethers.service": { "name": "arp-ethers.service", "source": "systemd", "state": "inactive", "status": "disabled" }, "auditd.service": { "name": "auditd.service", "source": "systemd", "state": "running", "status": "enabled" }, "auth-rpcgss-module.service": { "name": "auth-rpcgss-module.service", "source": "systemd", "state": "stopped", "status": "static" }, "autovt@.service": { "name": "autovt@.service", "source": "systemd", "state": "unknown", "status": "alias" }, "bluetooth.service": { "name": "bluetooth.service", "source": "systemd", "state": "inactive", "status": "enabled" }, "chrony-wait.service": { "name": "chrony-wait.service", "source": "systemd", "state": "inactive", "status": "disabled" }, "chronyd.service": { "name": "chronyd.service", "source": "systemd", "state": "running", "status": "enabled" }, "cloud-config.service": { "name": "cloud-config.service", "source": "systemd", "state": "inactive", "status": "disabled" }, "cloud-final.service": { "name": "cloud-final.service", "source": "systemd", "state": "inactive", "status": "disabled" }, "cloud-init-local.service": { "name": "cloud-init-local.service", "source": "systemd", "state": "stopped", "status": "disabled" }, "cloud-init.service": { "name": "cloud-init.service", "source": "systemd", "state": "stopped", "status": "enabled" }, "console-getty.service": { "name": "console-getty.service", "source": "systemd", "state": "inactive", "status": "disabled" }, "container-getty@.service": { "name": "container-getty@.service", "source": "systemd", "state": "unknown", "status": "static" }, "dbus-broker.service": { "name": "dbus-broker.service", "source": "systemd", "state": "running", "status": "enabled" }, "dbus-org.bluez.service": { "name": "dbus-org.bluez.service", "source": "systemd", "state": "inactive", "status": "alias" }, "dbus-org.freedesktop.hostname1.service": { "name": "dbus-org.freedesktop.hostname1.service", "source": "systemd", "state": "inactive", "status": "alias" }, "dbus-org.freedesktop.locale1.service": { "name": "dbus-org.freedesktop.locale1.service", "source": "systemd", "state": "inactive", "status": "alias" }, "dbus-org.freedesktop.login1.service": { "name": "dbus-org.freedesktop.login1.service", "source": "systemd", "state": "active", "status": "alias" }, "dbus-org.freedesktop.nm-dispatcher.service": { "name": "dbus-org.freedesktop.nm-dispatcher.service", "source": "systemd", "state": "inactive", "status": "alias" }, "dbus-org.freedesktop.oom1.service": { "name": "dbus-org.freedesktop.oom1.service", "source": "systemd", "state": "active", "status": "alias" }, "dbus-org.freedesktop.portable1.service": { "name": "dbus-org.freedesktop.portable1.service", "source": "systemd", "state": "inactive", "status": "alias" }, "dbus-org.freedesktop.resolve1.service": { "name": "dbus-org.freedesktop.resolve1.service", "source": "systemd", "state": "active", "status": "alias" }, "dbus-org.freedesktop.timedate1.service": { "name": "dbus-org.freedesktop.timedate1.service", "source": "systemd", "state": "inactive", "status": "alias" }, "dbus.service": { "name": "dbus.service", "source": "systemd", "state": "active", "status": "alias" }, "debug-shell.service": { "name": "debug-shell.service", "source": "systemd", "state": "inactive", "status": "disabled" }, "display-manager.service": { "name": "display-manager.service", "source": "systemd", "state": "stopped", "status": "not-found" }, "dnf-makecache.service": { "name": "dnf-makecache.service", "source": "systemd", "state": "stopped", "status": "static" }, "dracut-cmdline.service": { "name": "dracut-cmdline.service", "source": "systemd", "state": "stopped", "status": "static" }, "dracut-initqueue.service": { "name": "dracut-initqueue.service", "source": "systemd", "state": "stopped", "status": "static" }, "dracut-mount.service": { "name": "dracut-mount.service", "source": "systemd", "state": "stopped", "status": "static" }, "dracut-pre-mount.service": { "name": "dracut-pre-mount.service", "source": "systemd", "state": "stopped", "status": "static" }, "dracut-pre-pivot.service": { "name": "dracut-pre-pivot.service", "source": "systemd", "state": "stopped", "status": "static" }, "dracut-pre-trigger.service": { "name": "dracut-pre-trigger.service", "source": "systemd", "state": "stopped", "status": "static" }, "dracut-pre-udev.service": { "name": "dracut-pre-udev.service", "source": "systemd", "state": "stopped", "status": "static" }, "dracut-shutdown.service": { "name": "dracut-shutdown.service", "source": "systemd", "state": "stopped", "status": "static" }, "emergency.service": { "name": "emergency.service", "source": "systemd", "state": "stopped", "status": "static" }, "firewalld.service": { "name": "firewalld.service", "source": "systemd", "state": "inactive", "status": "disabled" }, "fstrim.service": { "name": "fstrim.service", "source": "systemd", "state": "stopped", "status": "static" }, "fwupd-offline-update.service": { "name": "fwupd-offline-update.service", "source": "systemd", "state": "inactive", "status": "static" }, "fwupd-refresh.service": { "name": "fwupd-refresh.service", "source": "systemd", "state": "inactive", "status": "static" }, "fwupd.service": { "name": "fwupd.service", "source": "systemd", "state": "inactive", "status": "static" }, "getty@.service": { "name": "getty@.service", "source": "systemd", "state": "unknown", "status": "enabled" }, "getty@tty1.service": { "name": "getty@tty1.service", "source": "systemd", "state": "running", "status": "active" }, "grub-boot-indeterminate.service": { "name": "grub-boot-indeterminate.service", "source": "systemd", "state": "inactive", "status": "static" }, "grub2-systemd-integration.service": { "name": "grub2-systemd-integration.service", "source": "systemd", "state": "inactive", "status": "static" }, "gssproxy.service": { "name": "gssproxy.service", "source": "systemd", "state": "running", "status": "disabled" }, "hv_kvp_daemon.service": { "name": "hv_kvp_daemon.service", "source": "systemd", "state": "stopped", "status": "not-found" }, "import-state.service": { "name": "import-state.service", "source": "systemd", "state": "stopped", "status": "enabled" }, "initrd-cleanup.service": { "name": "initrd-cleanup.service", "source": "systemd", "state": "stopped", "status": "static" }, "initrd-parse-etc.service": { "name": "initrd-parse-etc.service", "source": "systemd", "state": "stopped", "status": "static" }, "initrd-switch-root.service": { "name": "initrd-switch-root.service", "source": "systemd", "state": "stopped", "status": "static" }, "initrd-udevadm-cleanup-db.service": { "name": "initrd-udevadm-cleanup-db.service", "source": "systemd", "state": "stopped", "status": "static" }, "ipsec.service": { "name": "ipsec.service", "source": "systemd", "state": "inactive", "status": "disabled" }, "kmod-static-nodes.service": { "name": "kmod-static-nodes.service", "source": "systemd", "state": "stopped", "status": "static" }, "ldconfig.service": { "name": "ldconfig.service", "source": "systemd", "state": "stopped", "status": "static" }, "loadmodules.service": { "name": "loadmodules.service", "source": "systemd", "state": "inactive", "status": "disabled" }, "logrotate.service": { "name": "logrotate.service", "source": "systemd", "state": "stopped", "status": "static" }, "man-db-cache-update.service": { "name": "man-db-cache-update.service", "source": "systemd", "state": "inactive", "status": "static" }, "man-db-restart-cache-update.service": { "name": "man-db-restart-cache-update.service", "source": "systemd", "state": "inactive", "status": "disabled" }, "mdadm-grow-continue@.service": { "name": "mdadm-grow-continue@.service", "source": "systemd", "state": "unknown", "status": "static" }, "mdadm-last-resort@.service": { "name": "mdadm-last-resort@.service", "source": "systemd", "state": "unknown", "status": "static" }, "mdcheck_continue.service": { "name": "mdcheck_continue.service", "source": "systemd", "state": "inactive", "status": "static" }, "mdcheck_start.service": { "name": "mdcheck_start.service", "source": "systemd", "state": "inactive", "status": "static" }, "mdmon@.service": { "name": "mdmon@.service", "source": "systemd", "state": "unknown", "status": "static" }, "mdmonitor-oneshot.service": { "name": "mdmonitor-oneshot.service", "source": "systemd", "state": "inactive", "status": "static" }, "mdmonitor.service": { "name": "mdmonitor.service", "source": "systemd", "state": "stopped", "status": "enabled" }, "modprobe@.service": { "name": "modprobe@.service", "source": "systemd", "state": "unknown", "status": "static" }, "modprobe@configfs.service": { "name": "modprobe@configfs.service", "source": "systemd", "state": "stopped", "status": "inactive" }, "modprobe@drm.service": { "name": "modprobe@drm.service", "source": "systemd", "state": "stopped", "status": "inactive" }, "modprobe@fuse.service": { "name": "modprobe@fuse.service", "source": "systemd", "state": "stopped", "status": "inactive" }, "network.service": { "name": "network.service", "source": "systemd", "state": "stopped", "status": "not-found" }, "nfs-blkmap.service": { "name": "nfs-blkmap.service", "source": "systemd", "state": "stopped", "status": "disabled" }, "nfs-convert.service": { "name": "nfs-convert.service", "source": "systemd", "state": "stopped", "status": "enabled" }, "nfs-idmapd.service": { "name": "nfs-idmapd.service", "source": "systemd", "state": "stopped", "status": "static" }, "nfs-mountd.service": { "name": "nfs-mountd.service", "source": "systemd", "state": "stopped", "status": "static" }, "nfs-server.service": { "name": "nfs-server.service", "source": "systemd", "state": "stopped", "status": "disabled" }, "nfs-utils.service": { "name": "nfs-utils.service", "source": "systemd", "state": "stopped", "status": "static" }, "nfsdcld.service": { "name": "nfsdcld.service", "source": "systemd", "state": "stopped", "status": "static" }, "nftables.service": { "name": "nftables.service", "source": "systemd", "state": "inactive", "status": "disabled" }, "nis-domainname.service": { "name": "nis-domainname.service", "source": "systemd", "state": "inactive", "status": "disabled" }, "ntpd.service": { "name": "ntpd.service", "source": "systemd", "state": "stopped", "status": "not-found" }, "ntpdate.service": { "name": "ntpdate.service", "source": "systemd", "state": "stopped", "status": "not-found" }, "pam_namespace.service": { "name": "pam_namespace.service", "source": "systemd", "state": "inactive", "status": "static" }, "pcscd.service": { "name": "pcscd.service", "source": "systemd", "state": "stopped", "status": "indirect" }, "plymouth-halt.service": { "name": "plymouth-halt.service", "source": "systemd", "state": "inactive", "status": "static" }, "plymouth-kexec.service": { "name": "plymouth-kexec.service", "source": "systemd", "state": "inactive", "status": "static" }, "plymouth-poweroff.service": { "name": "plymouth-poweroff.service", "source": "systemd", "state": "inactive", "status": "static" }, "plymouth-quit-wait.service": { "name": "plymouth-quit-wait.service", "source": "systemd", "state": "stopped", "status": "static" }, "plymouth-quit.service": { "name": "plymouth-quit.service", "source": "systemd", "state": "stopped", "status": "static" }, "plymouth-read-write.service": { "name": "plymouth-read-write.service", "source": "systemd", "state": "stopped", "status": "static" }, "plymouth-reboot.service": { "name": "plymouth-reboot.service", "source": "systemd", "state": "inactive", "status": "static" }, "plymouth-start.service": { "name": "plymouth-start.service", "source": "systemd", "state": "stopped", "status": "static" }, "plymouth-switch-root-initramfs.service": { "name": "plymouth-switch-root-initramfs.service", "source": "systemd", "state": "inactive", "status": "static" }, "plymouth-switch-root.service": { "name": "plymouth-switch-root.service", "source": "systemd", "state": "stopped", "status": "static" }, "polkit.service": { "name": "polkit.service", "source": "systemd", "state": "inactive", "status": "static" }, "quotaon.service": { "name": "quotaon.service", "source": "systemd", "state": "inactive", "status": "static" }, "raid-check.service": { "name": "raid-check.service", "source": "systemd", "state": "stopped", "status": "static" }, "rc-local.service": { "name": "rc-local.service", "source": "systemd", "state": "stopped", "status": "static" }, "rdisc.service": { "name": "rdisc.service", "source": "systemd", "state": "inactive", "status": "disabled" }, "rescue.service": { "name": "rescue.service", "source": "systemd", "state": "stopped", "status": "static" }, "restraintd.service": { "name": "restraintd.service", "source": "systemd", "state": "running", "status": "enabled" }, "rngd.service": { "name": "rngd.service", "source": "systemd", "state": "running", "status": "enabled" }, "rpc-gssd.service": { "name": "rpc-gssd.service", "source": "systemd", "state": "stopped", "status": "static" }, "rpc-statd-notify.service": { "name": "rpc-statd-notify.service", "source": "systemd", "state": "stopped", "status": "static" }, "rpc-statd.service": { "name": "rpc-statd.service", "source": "systemd", "state": "stopped", "status": "static" }, "rpc-svcgssd.service": { "name": "rpc-svcgssd.service", "source": "systemd", "state": "stopped", "status": "not-found" }, "rpcbind.service": { "name": "rpcbind.service", "source": "systemd", "state": "stopped", "status": "disabled" }, "rpmdb-rebuild.service": { "name": "rpmdb-rebuild.service", "source": "systemd", "state": "stopped", "status": "enabled" }, "selinux-autorelabel-mark.service": { "name": "selinux-autorelabel-mark.service", "source": "systemd", "state": "stopped", "status": "enabled" }, "selinux-autorelabel.service": { "name": "selinux-autorelabel.service", "source": "systemd", "state": "inactive", "status": "static" }, "selinux-check-proper-disable.service": { "name": "selinux-check-proper-disable.service", "source": "systemd", "state": "inactive", "status": "disabled" }, "serial-getty@.service": { "name": "serial-getty@.service", "source": "systemd", "state": "unknown", "status": "disabled" }, "sntp.service": { "name": "sntp.service", "source": "systemd", "state": "stopped", "status": "not-found" }, "sshd-keygen.service": { "name": "sshd-keygen.service", "source": "systemd", "state": "stopped", "status": "not-found" }, "sshd-keygen@.service": { "name": "sshd-keygen@.service", "source": "systemd", "state": "unknown", "status": "disabled" }, "sshd-keygen@ecdsa.service": { "name": "sshd-keygen@ecdsa.service", "source": "systemd", "state": "stopped", "status": "inactive" }, "sshd-keygen@ed25519.service": { "name": "sshd-keygen@ed25519.service", "source": "systemd", "state": "stopped", "status": "inactive" }, "sshd-keygen@rsa.service": { "name": "sshd-keygen@rsa.service", "source": "systemd", "state": "stopped", "status": "inactive" }, "sshd.service": { "name": "sshd.service", "source": "systemd", "state": "running", "status": "enabled" }, "sshd@.service": { "name": "sshd@.service", "source": "systemd", "state": "unknown", "status": "static" }, "sssd-autofs.service": { "name": "sssd-autofs.service", "source": "systemd", "state": "inactive", "status": "indirect" }, "sssd-kcm.service": { "name": "sssd-kcm.service", "source": "systemd", "state": "stopped", "status": "indirect" }, "sssd-nss.service": { "name": "sssd-nss.service", "source": "systemd", "state": "inactive", "status": "indirect" }, "sssd-pac.service": { "name": "sssd-pac.service", "source": "systemd", "state": "inactive", "status": "indirect" }, "sssd-pam.service": { "name": "sssd-pam.service", "source": "systemd", "state": "inactive", "status": "indirect" }, "sssd-ssh.service": { "name": "sssd-ssh.service", "source": "systemd", "state": "inactive", "status": "indirect" }, "sssd-sudo.service": { "name": "sssd-sudo.service", "source": "systemd", "state": "inactive", "status": "indirect" }, "sssd.service": { "name": "sssd.service", "source": "systemd", "state": "stopped", "status": "enabled" }, "syslog.service": { "name": "syslog.service", "source": "systemd", "state": "stopped", "status": "not-found" }, "system-update-cleanup.service": { "name": "system-update-cleanup.service", "source": "systemd", "state": "inactive", "status": "static" }, "systemd-ask-password-console.service": { "name": "systemd-ask-password-console.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-ask-password-plymouth.service": { "name": "systemd-ask-password-plymouth.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-ask-password-wall.service": { "name": "systemd-ask-password-wall.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-backlight@.service": { "name": "systemd-backlight@.service", "source": "systemd", "state": "unknown", "status": "static" }, "systemd-binfmt.service": { "name": "systemd-binfmt.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-bless-boot.service": { "name": "systemd-bless-boot.service", "source": "systemd", "state": "inactive", "status": "static" }, "systemd-boot-check-no-failures.service": { "name": "systemd-boot-check-no-failures.service", "source": "systemd", "state": "inactive", "status": "disabled" }, "systemd-boot-system-token.service": { "name": "systemd-boot-system-token.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-coredump@.service": { "name": "systemd-coredump@.service", "source": "systemd", "state": "unknown", "status": "static" }, "systemd-exit.service": { "name": "systemd-exit.service", "source": "systemd", "state": "inactive", "status": "static" }, "systemd-firstboot.service": { "name": "systemd-firstboot.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-fsck-root.service": { "name": "systemd-fsck-root.service", "source": "systemd", "state": "stopped", "status": "enabled-runtime" }, "systemd-fsck@.service": { "name": "systemd-fsck@.service", "source": "systemd", "state": "unknown", "status": "static" }, "systemd-halt.service": { "name": "systemd-halt.service", "source": "systemd", "state": "inactive", "status": "static" }, "systemd-hibernate-resume@.service": { "name": "systemd-hibernate-resume@.service", "source": "systemd", "state": "unknown", "status": "static" }, "systemd-hibernate.service": { "name": "systemd-hibernate.service", "source": "systemd", "state": "inactive", "status": "static" }, "systemd-homed-activate.service": { "name": "systemd-homed-activate.service", "source": "systemd", "state": "inactive", "status": "disabled" }, "systemd-homed.service": { "name": "systemd-homed.service", "source": "systemd", "state": "inactive", "status": "disabled" }, "systemd-hostnamed.service": { "name": "systemd-hostnamed.service", "source": "systemd", "state": "inactive", "status": "static" }, "systemd-hwdb-update.service": { "name": "systemd-hwdb-update.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-hybrid-sleep.service": { "name": "systemd-hybrid-sleep.service", "source": "systemd", "state": "inactive", "status": "static" }, "systemd-initctl.service": { "name": "systemd-initctl.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-journal-catalog-update.service": { "name": "systemd-journal-catalog-update.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-journal-flush.service": { "name": "systemd-journal-flush.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-journald.service": { "name": "systemd-journald.service", "source": "systemd", "state": "running", "status": "static" }, "systemd-journald@.service": { "name": "systemd-journald@.service", "source": "systemd", "state": "unknown", "status": "static" }, "systemd-kexec.service": { "name": "systemd-kexec.service", "source": "systemd", "state": "inactive", "status": "static" }, "systemd-localed.service": { "name": "systemd-localed.service", "source": "systemd", "state": "inactive", "status": "static" }, "systemd-logind.service": { "name": "systemd-logind.service", "source": "systemd", "state": "running", "status": "static" }, "systemd-machine-id-commit.service": { "name": "systemd-machine-id-commit.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-modules-load.service": { "name": "systemd-modules-load.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-network-generator.service": { "name": "systemd-network-generator.service", "source": "systemd", "state": "stopped", "status": "enabled" }, "systemd-networkd-wait-online.service": { "name": "systemd-networkd-wait-online.service", "source": "systemd", "state": "stopped", "status": "disabled" }, "systemd-networkd.service": { "name": "systemd-networkd.service", "source": "systemd", "state": "stopped", "status": "disabled" }, "systemd-oomd.service": { "name": "systemd-oomd.service", "source": "systemd", "state": "running", "status": "enabled" }, "systemd-portabled.service": { "name": "systemd-portabled.service", "source": "systemd", "state": "inactive", "status": "static" }, "systemd-poweroff.service": { "name": "systemd-poweroff.service", "source": "systemd", "state": "inactive", "status": "static" }, "systemd-pstore.service": { "name": "systemd-pstore.service", "source": "systemd", "state": "inactive", "status": "disabled" }, "systemd-quotacheck.service": { "name": "systemd-quotacheck.service", "source": "systemd", "state": "inactive", "status": "static" }, "systemd-random-seed.service": { "name": "systemd-random-seed.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-reboot.service": { "name": "systemd-reboot.service", "source": "systemd", "state": "inactive", "status": "static" }, "systemd-remount-fs.service": { "name": "systemd-remount-fs.service", "source": "systemd", "state": "stopped", "status": "enabled-runtime" }, "systemd-repart.service": { "name": "systemd-repart.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-resolved.service": { "name": "systemd-resolved.service", "source": "systemd", "state": "running", "status": "enabled" }, "systemd-rfkill.service": { "name": "systemd-rfkill.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-suspend-then-hibernate.service": { "name": "systemd-suspend-then-hibernate.service", "source": "systemd", "state": "inactive", "status": "static" }, "systemd-suspend.service": { "name": "systemd-suspend.service", "source": "systemd", "state": "inactive", "status": "static" }, "systemd-sysctl.service": { "name": "systemd-sysctl.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-sysext.service": { "name": "systemd-sysext.service", "source": "systemd", "state": "inactive", "status": "disabled" }, "systemd-sysusers.service": { "name": "systemd-sysusers.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-time-wait-sync.service": { "name": "systemd-time-wait-sync.service", "source": "systemd", "state": "inactive", "status": "disabled" }, "systemd-timedated.service": { "name": "systemd-timedated.service", "source": "systemd", "state": "inactive", "status": "static" }, "systemd-timesyncd.service": { "name": "systemd-timesyncd.service", "source": "systemd", "state": "stopped", "status": "disabled" }, "systemd-tmpfiles-clean.service": { "name": "systemd-tmpfiles-clean.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-tmpfiles-setup-dev.service": { "name": "systemd-tmpfiles-setup-dev.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-tmpfiles-setup.service": { "name": "systemd-tmpfiles-setup.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-udev-settle.service": { "name": "systemd-udev-settle.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-udev-trigger.service": { "name": "systemd-udev-trigger.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-udevd.service": { "name": "systemd-udevd.service", "source": "systemd", "state": "running", "status": "static" }, "systemd-update-done.service": { "name": "systemd-update-done.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-update-utmp-runlevel.service": { "name": "systemd-update-utmp-runlevel.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-update-utmp.service": { "name": "systemd-update-utmp.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-user-sessions.service": { "name": "systemd-user-sessions.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-userdbd.service": { "name": "systemd-userdbd.service", "source": "systemd", "state": "running", "status": "indirect" }, "systemd-vconsole-setup.service": { "name": "systemd-vconsole-setup.service", "source": "systemd", "state": "stopped", "status": "static" }, "systemd-volatile-root.service": { "name": "systemd-volatile-root.service", "source": "systemd", "state": "inactive", "status": "static" }, "systemd-zram-setup@.service": { "name": "systemd-zram-setup@.service", "source": "systemd", "state": "unknown", "status": "static" }, "systemd-zram-setup@zram0.service": { "name": "systemd-zram-setup@zram0.service", "source": "systemd", "state": "stopped", "status": "active" }, "udisks2.service": { "name": "udisks2.service", "source": "systemd", "state": "stopped", "status": "enabled" }, "unbound-anchor.service": { "name": "unbound-anchor.service", "source": "systemd", "state": "stopped", "status": "static" }, "user-runtime-dir@.service": { "name": "user-runtime-dir@.service", "source": "systemd", "state": "unknown", "status": "static" }, "user-runtime-dir@0.service": { "name": "user-runtime-dir@0.service", "source": "systemd", "state": "stopped", "status": "active" }, "user@.service": { "name": "user@.service", "source": "systemd", "state": "unknown", "status": "static" }, "user@0.service": { "name": "user@0.service", "source": "systemd", "state": "running", "status": "active" } } }, "changed": false } TASK [fedora.linux_system_roles.vpn : Get the ipsec tcp service ports] ********* task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/selinux.yml:7 Monday 21 November 2022 19:49:53 +0000 (0:00:02.516) 0:00:11.197 ******* skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.vpn : Initialize _vpn_selinux] ***************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/selinux.yml:15 Monday 21 November 2022 19:49:53 +0000 (0:00:00.042) 0:00:11.240 ******* skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.vpn : Add the ipsec service ports to _vpn_selinux] *** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/selinux.yml:19 Monday 21 November 2022 19:49:53 +0000 (0:00:00.037) 0:00:11.277 ******* skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Ensure the service and the ports status with the selinux role] *********** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/selinux.yml:26 Monday 21 November 2022 19:49:53 +0000 (0:00:00.040) 0:00:11.318 ******* skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.vpn : Ensure OpenSSL is installed on the controller] *** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:23 Monday 21 November 2022 19:49:54 +0000 (0:00:00.041) 0:00:11.360 ******* skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.vpn : Enforce default auth method as needed] *** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:31 Monday 21 November 2022 19:49:54 +0000 (0:00:00.059) 0:00:11.419 ******* ok: [sut -> localhost] => { "ansible_facts": { "vpn_connections": [ { "auth_method": "cert", "auto": "start", "hosts": { "host01.local": { "cert_name": "cert2" }, "host02.local": { "cert_name": "cert3" }, "mainhost.local": { "cert_name": "cert1" }, "sut": { "cert_name": "cert4" } }, "name": "tunnel1" } ] }, "changed": false } TASK [fedora.linux_system_roles.vpn : Make sure that the hosts list is not empty] *** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:41 Monday 21 November 2022 19:49:54 +0000 (0:00:00.058) 0:00:11.478 ******* skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.vpn : Make sure there is at least one pair of hosts in each connection] *** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:55 Monday 21 November 2022 19:49:54 +0000 (0:00:00.056) 0:00:11.535 ******* ok: [sut -> localhost] => { "ansible_facts": { "vpn_connections": [ { "auth_method": "cert", "auto": "start", "hosts": { "host01.local": { "cert_name": "cert2" }, "host02.local": { "cert_name": "cert3" }, "mainhost.local": { "cert_name": "cert1" }, "sut": { "cert_name": "cert4" } }, "name": "tunnel1" } ] }, "changed": false } TASK [fedora.linux_system_roles.vpn : Ensure cert_names are populated when auth_method is cert] *** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:69 Monday 21 November 2022 19:49:54 +0000 (0:00:00.062) 0:00:11.597 ******* skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.vpn : Generate PSKs or use provided shared_key_content] *** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:95 Monday 21 November 2022 19:49:54 +0000 (0:00:00.072) 0:00:11.670 ******* ok: [sut -> localhost] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [fedora.linux_system_roles.vpn : set psks for hosts] ********************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:134 Monday 21 November 2022 19:49:54 +0000 (0:00:00.065) 0:00:11.736 ******* ok: [sut] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [fedora.linux_system_roles.vpn : create ipsec.conf files] ***************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:158 Monday 21 November 2022 19:49:54 +0000 (0:00:00.166) 0:00:11.902 ******* changed: [sut] => (item=host01.local) => { "ansible_loop_var": "item", "changed": true, "checksum": "4e3df591f6543d6f8eef59524146c6ef56165e98", "dest": "/etc/ipsec.d/mainhost.local-to-host01.local.conf", "gid": 0, "group": "root", "item": "host01.local", "md5sum": "fc9e80b2d4429b1b8462b9737a24496a", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 244, "src": "/root/.ansible/tmp/ansible-tmp-1669060194.6525404-2235-60582923788786/source", "state": "file", "uid": 0 } changed: [sut] => (item=host02.local) => { "ansible_loop_var": "item", "changed": true, "checksum": "0a875331c613d0ccd0b4b8b362177f2763477769", "dest": "/etc/ipsec.d/mainhost.local-to-host02.local.conf", "gid": 0, "group": "root", "item": "host02.local", "md5sum": "fc7a5e9b30c7c2a8c32a41c975768c0e", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 244, "src": "/root/.ansible/tmp/ansible-tmp-1669060195.6683986-2235-23271017386607/source", "state": "file", "uid": 0 } changed: [sut] => (item=sut) => { "ansible_loop_var": "item", "changed": true, "checksum": "6dc0f6837a5239953b5457358cd6eebd088763e4", "dest": "/etc/ipsec.d/mainhost.local-to-sut.conf", "gid": 0, "group": "root", "item": "sut", "md5sum": "f21639266422b890d59c652df6de87e8", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 242, "src": "/root/.ansible/tmp/ansible-tmp-1669060196.3502576-2235-180770783483305/source", "state": "file", "uid": 0 } NOTIFIED HANDLER fedora.linux_system_roles.vpn : restart vpn service and wait for ssh conn to return for sut NOTIFIED HANDLER fedora.linux_system_roles.vpn : restart vpn service and wait for ssh conn to return for sut TASK [fedora.linux_system_roles.vpn : check if secrets file already exists] **** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:166 Monday 21 November 2022 19:49:57 +0000 (0:00:02.440) 0:00:14.342 ******* ok: [sut] => (item=host01.local) => { "ansible_loop_var": "item", "changed": false, "item": "host01.local", "stat": { "exists": false } } ok: [sut] => (item=host02.local) => { "ansible_loop_var": "item", "changed": false, "item": "host02.local", "stat": { "exists": false } } ok: [sut] => (item=sut) => { "ansible_loop_var": "item", "changed": false, "item": "sut", "stat": { "exists": false } } TASK [fedora.linux_system_roles.vpn : create ipsec.secrets files] ************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:172 Monday 21 November 2022 19:49:57 +0000 (0:00:00.703) 0:00:15.046 ******* changed: [sut] => (item={'changed': False, 'stat': {'exists': False}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host01.local.secrets', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host01.local', 'ansible_loop_var': 'item'}) => { "ansible_loop_var": "item", "changed": true, "checksum": "4425a48c9740c4e46bb0c2e266f82526ecbb0da8", "dest": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets", "gid": 0, "group": "root", "item": { "ansible_loop_var": "item", "changed": false, "failed": false, "invocation": { "module_args": { "checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets" } }, "item": "host01.local", "stat": { "exists": false } }, "md5sum": "237848764286796c34a8f1867abdb047", "mode": "0600", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 66, "src": "/root/.ansible/tmp/ansible-tmp-1669060197.7794352-2267-14039326036685/source", "state": "file", "uid": 0 } changed: [sut] => (item={'changed': False, 'stat': {'exists': False}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host02.local.secrets', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host02.local', 'ansible_loop_var': 'item'}) => { "ansible_loop_var": "item", "changed": true, "checksum": "f986e99dad836493f8052a892443c675c212e231", "dest": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets", "gid": 0, "group": "root", "item": { "ansible_loop_var": "item", "changed": false, "failed": false, "invocation": { "module_args": { "checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets" } }, "item": "host02.local", "stat": { "exists": false } }, "md5sum": "b23f631e961a8bb247f138d9aed2b5ec", "mode": "0600", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 66, "src": "/root/.ansible/tmp/ansible-tmp-1669060198.4778686-2267-280981519320189/source", "state": "file", "uid": 0 } changed: [sut] => (item={'changed': False, 'stat': {'exists': False}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-sut.secrets', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'sut', 'ansible_loop_var': 'item'}) => { "ansible_loop_var": "item", "changed": true, "checksum": "edc456e02833e25be937035aee59f7e66ae1783b", "dest": "/etc/ipsec.d/mainhost.local-to-sut.secrets", "gid": 0, "group": "root", "item": { "ansible_loop_var": "item", "changed": false, "failed": false, "invocation": { "module_args": { "checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-sut.secrets" } }, "item": "sut", "stat": { "exists": false } }, "md5sum": "4baa082809acff47a7f99e7a7b296a6a", "mode": "0600", "owner": "root", "secontext": "system_u:object_r:ipsec_key_file_t:s0", "size": 64, "src": "/root/.ansible/tmp/ansible-tmp-1669060199.1509402-2267-243533244895607/source", "state": "file", "uid": 0 } TASK [fedora.linux_system_roles.vpn : build opportunistic configuration] ******* task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:182 Monday 21 November 2022 19:49:59 +0000 (0:00:02.089) 0:00:17.135 ******* skipping: [sut] => (item=None) => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } skipping: [sut] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } META: role_complete for sut TASK [Assert file existence] *************************************************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tests_host_to_host_cert.yml:42 Monday 21 November 2022 19:49:59 +0000 (0:00:00.063) 0:00:17.198 ******* included: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/assert_conf_secrets_files_exist.yml for sut TASK [stat conf files paths] *************************************************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/assert_conf_secrets_files_exist.yml:2 Monday 21 November 2022 19:49:59 +0000 (0:00:00.044) 0:00:17.243 ******* ok: [sut] => (item=host01.local) => { "ansible_loop_var": "item", "changed": false, "item": "host01.local", "stat": { "atime": 1669060195.5600286, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "4e3df591f6543d6f8eef59524146c6ef56165e98", "ctime": 1669060195.5660288, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 262428, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1669060195.1520195, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 244, "uid": 0, "version": "1055324846", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } ok: [sut] => (item=host02.local) => { "ansible_loop_var": "item", "changed": false, "item": "host02.local", "stat": { "atime": 1669060196.245044, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "0a875331c613d0ccd0b4b8b362177f2763477769", "ctime": 1669060196.2490442, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 262429, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1669060196.0020387, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 244, "uid": 0, "version": "927218503", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [stat secrets files paths] ************************************************ task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/assert_conf_secrets_files_exist.yml:8 Monday 21 November 2022 19:50:00 +0000 (0:00:00.489) 0:00:17.732 ******* ok: [sut] => (item=host01.local) => { "ansible_loop_var": "item", "changed": false, "item": "host01.local", "stat": { "atime": 1669060198.369092, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "4425a48c9740c4e46bb0c2e266f82526ecbb0da8", "ctime": 1669060198.374092, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 262431, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1669060198.1270866, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 66, "uid": 0, "version": "4199326898", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } ok: [sut] => (item=host02.local) => { "ansible_loop_var": "item", "changed": false, "item": "host02.local", "stat": { "atime": 1669060199.0431073, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "f986e99dad836493f8052a892443c675c212e231", "ctime": 1669060199.0481074, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 262432, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1669060198.8031018, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 66, "uid": 0, "version": "318269999", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Assert that ipsec.conf and secrets files exist] ************************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/assert_conf_secrets_files_exist.yml:14 Monday 21 November 2022 19:50:00 +0000 (0:00:00.495) 0:00:18.228 ******* ok: [sut] => (item={'changed': False, 'stat': {'exists': True, 'path': '/etc/ipsec.d/mainhost.local-to-host01.local.conf', 'mode': '0644', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 0, 'gid': 0, 'size': 244, 'inode': 262428, 'dev': 51713, 'nlink': 1, 'atime': 1669060195.5600286, 'mtime': 1669060195.1520195, 'ctime': 1669060195.5660288, 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': True, 'xgrp': False, 'woth': False, 'roth': True, 'xoth': False, 'isuid': False, 'isgid': False, 'blocks': 8, 'block_size': 4096, 'device_type': 0, 'readable': True, 'writeable': True, 'executable': False, 'pw_name': 'root', 'gr_name': 'root', 'checksum': '4e3df591f6543d6f8eef59524146c6ef56165e98', 'mimetype': 'text/plain', 'charset': 'us-ascii', 'version': '1055324846', 'attributes': ['extents'], 'attr_flags': 'e'}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host01.local.conf', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host01.local', 'ansible_loop_var': 'item'}) => { "ansible_loop_var": "item", "changed": false, "item": { "ansible_loop_var": "item", "changed": false, "failed": false, "invocation": { "module_args": { "checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.conf" } }, "item": "host01.local", "stat": { "atime": 1669060195.5600286, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "4e3df591f6543d6f8eef59524146c6ef56165e98", "ctime": 1669060195.5660288, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 262428, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1669060195.1520195, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 244, "uid": 0, "version": "1055324846", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } } MSG: All assertions passed ok: [sut] => (item={'changed': False, 'stat': {'exists': True, 'path': '/etc/ipsec.d/mainhost.local-to-host02.local.conf', 'mode': '0644', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 0, 'gid': 0, 'size': 244, 'inode': 262429, 'dev': 51713, 'nlink': 1, 'atime': 1669060196.245044, 'mtime': 1669060196.0020387, 'ctime': 1669060196.2490442, 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': True, 'xgrp': False, 'woth': False, 'roth': True, 'xoth': False, 'isuid': False, 'isgid': False, 'blocks': 8, 'block_size': 4096, 'device_type': 0, 'readable': True, 'writeable': True, 'executable': False, 'pw_name': 'root', 'gr_name': 'root', 'checksum': '0a875331c613d0ccd0b4b8b362177f2763477769', 'mimetype': 'text/plain', 'charset': 'us-ascii', 'version': '927218503', 'attributes': ['extents'], 'attr_flags': 'e'}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host02.local.conf', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host02.local', 'ansible_loop_var': 'item'}) => { "ansible_loop_var": "item", "changed": false, "item": { "ansible_loop_var": "item", "changed": false, "failed": false, "invocation": { "module_args": { "checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.conf" } }, "item": "host02.local", "stat": { "atime": 1669060196.245044, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "0a875331c613d0ccd0b4b8b362177f2763477769", "ctime": 1669060196.2490442, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 262429, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1669060196.0020387, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 244, "uid": 0, "version": "927218503", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } } MSG: All assertions passed TASK [Assert that ipsec.conf and secrets files exist] ************************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/assert_conf_secrets_files_exist.yml:20 Monday 21 November 2022 19:50:00 +0000 (0:00:00.053) 0:00:18.281 ******* ok: [sut] => (item={'changed': False, 'stat': {'exists': True, 'path': '/etc/ipsec.d/mainhost.local-to-host01.local.secrets', 'mode': '0600', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 0, 'gid': 0, 'size': 66, 'inode': 262431, 'dev': 51713, 'nlink': 1, 'atime': 1669060198.369092, 'mtime': 1669060198.1270866, 'ctime': 1669060198.374092, 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': False, 'xgrp': False, 'woth': False, 'roth': False, 'xoth': False, 'isuid': False, 'isgid': False, 'blocks': 8, 'block_size': 4096, 'device_type': 0, 'readable': True, 'writeable': True, 'executable': False, 'pw_name': 'root', 'gr_name': 'root', 'checksum': '4425a48c9740c4e46bb0c2e266f82526ecbb0da8', 'mimetype': 'text/plain', 'charset': 'us-ascii', 'version': '4199326898', 'attributes': ['extents'], 'attr_flags': 'e'}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host01.local.secrets', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host01.local', 'ansible_loop_var': 'item'}) => { "ansible_loop_var": "item", "changed": false, "item": { "ansible_loop_var": "item", "changed": false, "failed": false, "invocation": { "module_args": { "checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets" } }, "item": "host01.local", "stat": { "atime": 1669060198.369092, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "4425a48c9740c4e46bb0c2e266f82526ecbb0da8", "ctime": 1669060198.374092, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 262431, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1669060198.1270866, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 66, "uid": 0, "version": "4199326898", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } } MSG: All assertions passed ok: [sut] => (item={'changed': False, 'stat': {'exists': True, 'path': '/etc/ipsec.d/mainhost.local-to-host02.local.secrets', 'mode': '0600', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 0, 'gid': 0, 'size': 66, 'inode': 262432, 'dev': 51713, 'nlink': 1, 'atime': 1669060199.0431073, 'mtime': 1669060198.8031018, 'ctime': 1669060199.0481074, 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': False, 'xgrp': False, 'woth': False, 'roth': False, 'xoth': False, 'isuid': False, 'isgid': False, 'blocks': 8, 'block_size': 4096, 'device_type': 0, 'readable': True, 'writeable': True, 'executable': False, 'pw_name': 'root', 'gr_name': 'root', 'checksum': 'f986e99dad836493f8052a892443c675c212e231', 'mimetype': 'text/plain', 'charset': 'us-ascii', 'version': '318269999', 'attributes': ['extents'], 'attr_flags': 'e'}, 'invocation': {'module_args': {'path': '/etc/ipsec.d/mainhost.local-to-host02.local.secrets', 'follow': False, 'get_md5': False, 'get_checksum': True, 'get_mime': True, 'get_attributes': True, 'checksum_algorithm': 'sha1'}}, 'failed': False, 'item': 'host02.local', 'ansible_loop_var': 'item'}) => { "ansible_loop_var": "item", "changed": false, "item": { "ansible_loop_var": "item", "changed": false, "failed": false, "invocation": { "module_args": { "checksum_algorithm": "sha1", "follow": false, "get_attributes": true, "get_checksum": true, "get_md5": false, "get_mime": true, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets" } }, "item": "host02.local", "stat": { "atime": 1669060199.0431073, "attr_flags": "e", "attributes": [ "extents" ], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "f986e99dad836493f8052a892443c675c212e231", "ctime": 1669060199.0481074, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 262432, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0600", "mtime": 1669060198.8031018, "nlink": 1, "path": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets", "pw_name": "root", "readable": true, "rgrp": false, "roth": false, "rusr": true, "size": 66, "uid": 0, "version": "318269999", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } } MSG: All assertions passed TASK [reset success flag] ****************************************************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tests_host_to_host_cert.yml:45 Monday 21 November 2022 19:50:01 +0000 (0:00:00.056) 0:00:18.338 ******* ok: [sut] => { "ansible_facts": { "__vpn_success": true }, "changed": false } TASK [get and store conf files] ************************************************ task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tests_host_to_host_cert.yml:49 Monday 21 November 2022 19:50:01 +0000 (0:00:00.030) 0:00:18.368 ******* ok: [sut] => (item=host01.local) => { "ansible_loop_var": "item", "changed": false, "content": "IwojIEFuc2libGUgbWFuYWdlZAojCmNvbm4gdHVubmVsMS1tYWluaG9zdC5sb2NhbC10by1ob3N0MDEubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMS5sb2NhbAogIGlrZXYyPWluc2lzdAogIGF1dG89c3RhcnQKICByaWdodGlkPSVmcm9tY2VydAogIGxlZnRyc2FzaWdrZXk9JWNlcnQKICBsZWZ0Y2VydD1jZXJ0MQogIHJpZ2h0cnNhc2lna2V5PSVjZXJ0Cg==", "encoding": "base64", "item": "host01.local", "source": "/etc/ipsec.d/mainhost.local-to-host01.local.conf" } ok: [sut] => (item=host02.local) => { "ansible_loop_var": "item", "changed": false, "content": "IwojIEFuc2libGUgbWFuYWdlZAojCmNvbm4gdHVubmVsMS1tYWluaG9zdC5sb2NhbC10by1ob3N0MDIubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMi5sb2NhbAogIGlrZXYyPWluc2lzdAogIGF1dG89c3RhcnQKICByaWdodGlkPSVmcm9tY2VydAogIGxlZnRyc2FzaWdrZXk9JWNlcnQKICBsZWZ0Y2VydD1jZXJ0MQogIHJpZ2h0cnNhc2lna2V5PSVjZXJ0Cg==", "encoding": "base64", "item": "host02.local", "source": "/etc/ipsec.d/mainhost.local-to-host02.local.conf" } TASK [check that conf file contains correct information] *********************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tests_host_to_host_cert.yml:55 Monday 21 November 2022 19:50:01 +0000 (0:00:00.602) 0:00:18.971 ******* skipping: [sut] => (item={'content': 'IwojIEFuc2libGUgbWFuYWdlZAojCmNvbm4gdHVubmVsMS1tYWluaG9zdC5sb2NhbC10by1ob3N0MDEubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMS5sb2NhbAogIGlrZXYyPWluc2lzdAogIGF1dG89c3RhcnQKICByaWdodGlkPSVmcm9tY2VydAogIGxlZnRyc2FzaWdrZXk9JWNlcnQKICBsZWZ0Y2VydD1jZXJ0MQogIHJpZ2h0cnNhc2lna2V5PSVjZXJ0Cg==', 'source': '/etc/ipsec.d/mainhost.local-to-host01.local.conf', 'encoding': 'base64', 'invocation': {'module_args': {'src': '/etc/ipsec.d/mainhost.local-to-host01.local.conf'}}, 'failed': False, 'changed': False, 'item': 'host01.local', 'ansible_loop_var': 'item'}) => { "ansible_index_var": "idx", "ansible_loop_var": "item", "changed": false, "idx": 0, "item": { "ansible_loop_var": "item", "changed": false, "content": "IwojIEFuc2libGUgbWFuYWdlZAojCmNvbm4gdHVubmVsMS1tYWluaG9zdC5sb2NhbC10by1ob3N0MDEubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMS5sb2NhbAogIGlrZXYyPWluc2lzdAogIGF1dG89c3RhcnQKICByaWdodGlkPSVmcm9tY2VydAogIGxlZnRyc2FzaWdrZXk9JWNlcnQKICBsZWZ0Y2VydD1jZXJ0MQogIHJpZ2h0cnNhc2lna2V5PSVjZXJ0Cg==", "encoding": "base64", "failed": false, "invocation": { "module_args": { "src": "/etc/ipsec.d/mainhost.local-to-host01.local.conf" } }, "item": "host01.local", "source": "/etc/ipsec.d/mainhost.local-to-host01.local.conf" }, "skip_reason": "Conditional result was False" } skipping: [sut] => (item={'content': 'IwojIEFuc2libGUgbWFuYWdlZAojCmNvbm4gdHVubmVsMS1tYWluaG9zdC5sb2NhbC10by1ob3N0MDIubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMi5sb2NhbAogIGlrZXYyPWluc2lzdAogIGF1dG89c3RhcnQKICByaWdodGlkPSVmcm9tY2VydAogIGxlZnRyc2FzaWdrZXk9JWNlcnQKICBsZWZ0Y2VydD1jZXJ0MQogIHJpZ2h0cnNhc2lna2V5PSVjZXJ0Cg==', 'source': '/etc/ipsec.d/mainhost.local-to-host02.local.conf', 'encoding': 'base64', 'invocation': {'module_args': {'src': '/etc/ipsec.d/mainhost.local-to-host02.local.conf'}}, 'failed': False, 'changed': False, 'item': 'host02.local', 'ansible_loop_var': 'item'}) => { "ansible_index_var": "idx", "ansible_loop_var": "item", "changed": false, "idx": 1, "item": { "ansible_loop_var": "item", "changed": false, "content": "IwojIEFuc2libGUgbWFuYWdlZAojCmNvbm4gdHVubmVsMS1tYWluaG9zdC5sb2NhbC10by1ob3N0MDIubG9jYWwKICBsZWZ0PW1haW5ob3N0LmxvY2FsCiAgbGVmdGlkPUBtYWluaG9zdC5sb2NhbAogIHJpZ2h0PWhvc3QwMi5sb2NhbAogIGlrZXYyPWluc2lzdAogIGF1dG89c3RhcnQKICByaWdodGlkPSVmcm9tY2VydAogIGxlZnRyc2FzaWdrZXk9JWNlcnQKICBsZWZ0Y2VydD1jZXJ0MQogIHJpZ2h0cnNhc2lna2V5PSVjZXJ0Cg==", "encoding": "base64", "failed": false, "invocation": { "module_args": { "src": "/etc/ipsec.d/mainhost.local-to-host02.local.conf" } }, "item": "host02.local", "source": "/etc/ipsec.d/mainhost.local-to-host02.local.conf" }, "skip_reason": "Conditional result was False" } TASK [assert success for conf files] ******************************************* task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tests_host_to_host_cert.yml:81 Monday 21 November 2022 19:50:01 +0000 (0:00:00.089) 0:00:19.061 ******* ok: [sut] => { "changed": false } MSG: All assertions passed TASK [get and store secrets files] ********************************************* task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tests_host_to_host_cert.yml:86 Monday 21 November 2022 19:50:01 +0000 (0:00:00.055) 0:00:19.116 ******* ok: [sut] => (item=host01.local) => { "ansible_loop_var": "item", "changed": false, "content": "IwojIEFuc2libGUgbWFuYWdlZAojCkBtYWluaG9zdC5sb2NhbCBAaG9zdDAxLmxvY2FsIDogUlNBICJjZXJ0MSIK", "encoding": "base64", "item": "host01.local", "source": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets" } ok: [sut] => (item=host02.local) => { "ansible_loop_var": "item", "changed": false, "content": "IwojIEFuc2libGUgbWFuYWdlZAojCkBtYWluaG9zdC5sb2NhbCBAaG9zdDAyLmxvY2FsIDogUlNBICJjZXJ0MSIK", "encoding": "base64", "item": "host02.local", "source": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets" } TASK [check that secrets file contains correct information] ******************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tests_host_to_host_cert.yml:92 Monday 21 November 2022 19:50:02 +0000 (0:00:00.467) 0:00:19.584 ******* skipping: [sut] => (item={'content': 'IwojIEFuc2libGUgbWFuYWdlZAojCkBtYWluaG9zdC5sb2NhbCBAaG9zdDAxLmxvY2FsIDogUlNBICJjZXJ0MSIK', 'source': '/etc/ipsec.d/mainhost.local-to-host01.local.secrets', 'encoding': 'base64', 'invocation': {'module_args': {'src': '/etc/ipsec.d/mainhost.local-to-host01.local.secrets'}}, 'failed': False, 'changed': False, 'item': 'host01.local', 'ansible_loop_var': 'item'}) => { "ansible_index_var": "idx", "ansible_loop_var": "item", "changed": false, "idx": 0, "item": { "ansible_loop_var": "item", "changed": false, "content": "IwojIEFuc2libGUgbWFuYWdlZAojCkBtYWluaG9zdC5sb2NhbCBAaG9zdDAxLmxvY2FsIDogUlNBICJjZXJ0MSIK", "encoding": "base64", "failed": false, "invocation": { "module_args": { "src": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets" } }, "item": "host01.local", "source": "/etc/ipsec.d/mainhost.local-to-host01.local.secrets" }, "skip_reason": "Conditional result was False" } skipping: [sut] => (item={'content': 'IwojIEFuc2libGUgbWFuYWdlZAojCkBtYWluaG9zdC5sb2NhbCBAaG9zdDAyLmxvY2FsIDogUlNBICJjZXJ0MSIK', 'source': '/etc/ipsec.d/mainhost.local-to-host02.local.secrets', 'encoding': 'base64', 'invocation': {'module_args': {'src': '/etc/ipsec.d/mainhost.local-to-host02.local.secrets'}}, 'failed': False, 'changed': False, 'item': 'host02.local', 'ansible_loop_var': 'item'}) => { "ansible_index_var": "idx", "ansible_loop_var": "item", "changed": false, "idx": 1, "item": { "ansible_loop_var": "item", "changed": false, "content": "IwojIEFuc2libGUgbWFuYWdlZAojCkBtYWluaG9zdC5sb2NhbCBAaG9zdDAyLmxvY2FsIDogUlNBICJjZXJ0MSIK", "encoding": "base64", "failed": false, "invocation": { "module_args": { "src": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets" } }, "item": "host02.local", "source": "/etc/ipsec.d/mainhost.local-to-host02.local.secrets" }, "skip_reason": "Conditional result was False" } TASK [assert success for secrets files] **************************************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tests_host_to_host_cert.yml:104 Monday 21 November 2022 19:50:02 +0000 (0:00:00.068) 0:00:19.653 ******* ok: [sut] => { "changed": false } MSG: All assertions passed TASK [check the firewall and the selinux port status] ************************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tests_host_to_host_cert.yml:109 Monday 21 November 2022 19:50:02 +0000 (0:00:00.054) 0:00:19.707 ******* included: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/check_firewall_selinux.yml for sut TASK [Get firewall service] **************************************************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/check_firewall_selinux.yml:4 Monday 21 November 2022 19:50:02 +0000 (0:00:00.045) 0:00:19.753 ******* skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Ensure 'ipsec' is in the firewalld service list] ************************* task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/check_firewall_selinux.yml:9 Monday 21 November 2022 19:50:02 +0000 (0:00:00.031) 0:00:19.785 ******* skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Get associated selinux ports] ******************************************** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/check_firewall_selinux.yml:14 Monday 21 November 2022 19:50:02 +0000 (0:00:00.033) 0:00:19.818 ******* skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } TASK [Check associated selinux ports when vpn_manage_selinux is true] ********** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/check_firewall_selinux.yml:22 Monday 21 November 2022 19:50:02 +0000 (0:00:00.031) 0:00:19.850 ******* skipping: [sut] => { "changed": false, "skip_reason": "Conditional result was False" } RUNNING HANDLER [fedora.linux_system_roles.vpn : restart vpn service and wait for ssh conn to return] *** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/handlers/main.yml:2 Monday 21 November 2022 19:50:02 +0000 (0:00:00.032) 0:00:19.882 ******* included: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/enable_restart_vpn.yml for sut RUNNING HANDLER [fedora.linux_system_roles.vpn : enable and restart vpn services] *** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/enable_restart_vpn.yml:2 Monday 21 November 2022 19:50:02 +0000 (0:00:00.037) 0:00:19.919 ******* changed: [sut] => (item=ipsec) => { "ansible_job_id": "639218839937.5920", "ansible_loop_var": "item", "changed": true, "finished": 0, "item": "ipsec", "results_file": "/root/.ansible_async/639218839937.5920", "started": 1 } RUNNING HANDLER [fedora.linux_system_roles.vpn : Wait for ssh connection to return] *** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/enable_restart_vpn.yml:11 Monday 21 November 2022 19:50:03 +0000 (0:00:01.073) 0:00:20.993 ******* ok: [sut] => { "changed": false, "elapsed": 3 } RUNNING HANDLER [fedora.linux_system_roles.vpn : restart vpn service and wait for ssh conn to return] *** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/handlers/main.yml:2 Monday 21 November 2022 19:50:07 +0000 (0:00:03.739) 0:00:24.732 ******* included: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/enable_restart_vpn.yml for sut RUNNING HANDLER [fedora.linux_system_roles.vpn : enable and restart vpn services] *** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/enable_restart_vpn.yml:2 Monday 21 November 2022 19:50:07 +0000 (0:00:00.039) 0:00:24.772 ******* changed: [sut] => (item=ipsec) => { "ansible_job_id": "203175110385.6359", "ansible_loop_var": "item", "changed": true, "finished": 0, "item": "ipsec", "results_file": "/root/.ansible_async/203175110385.6359", "started": 1 } RUNNING HANDLER [fedora.linux_system_roles.vpn : Wait for ssh connection to return] *** task path: /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/enable_restart_vpn.yml:11 Monday 21 November 2022 19:50:07 +0000 (0:00:00.560) 0:00:25.332 ******* ok: [sut] => { "changed": false, "elapsed": 3 } META: ran handlers META: ran handlers PLAY RECAP ********************************************************************* sut : ok=44 changed=9 unreachable=0 failed=0 skipped=19 rescued=0 ignored=0 Monday 21 November 2022 19:50:11 +0000 (0:00:03.592) 0:00:28.924 ******* =============================================================================== fedora.linux_system_roles.vpn : Ensure required packages are installed --- 5.20s /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:6 fedora.linux_system_roles.vpn : Wait for ssh connection to return ------- 3.74s /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/enable_restart_vpn.yml:11 fedora.linux_system_roles.vpn : Wait for ssh connection to return ------- 3.59s /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/enable_restart_vpn.yml:11 fedora.linux_system_roles.vpn : Populate service facts ------------------ 2.52s /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/selinux.yml:3 fedora.linux_system_roles.vpn : create ipsec.conf files ----------------- 2.44s /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:158 fedora.linux_system_roles.vpn : create ipsec.secrets files -------------- 2.09s /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:172 fedora.linux_system_roles.vpn : enable and restart vpn services --------- 1.07s /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/enable_restart_vpn.yml:2 Gathering Facts --------------------------------------------------------- 1.00s /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tests_host_to_host_cert.yml:3 fedora.linux_system_roles.vpn : check if secrets file already exists ---- 0.70s /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:166 get and store conf files ------------------------------------------------ 0.60s /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tests_host_to_host_cert.yml:49 fedora.linux_system_roles.vpn : enable and restart vpn services --------- 0.56s /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/enable_restart_vpn.yml:2 stat secrets files paths ------------------------------------------------ 0.50s /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/assert_conf_secrets_files_exist.yml:8 stat conf files paths --------------------------------------------------- 0.49s /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/assert_conf_secrets_files_exist.yml:2 get and store secrets files --------------------------------------------- 0.47s /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tests_host_to_host_cert.yml:86 fedora.linux_system_roles.vpn : Ensure ansible_facts used by role ------- 0.46s /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml:2 fedora.linux_system_roles.vpn : Ensure ansible_facts used by role ------- 0.46s /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/set_vars.yml:2 Create nss directory for testing ---------------------------------------- 0.41s /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/setup_test.yml:22 Create /etc/ipsec.d directory for testing ------------------------------- 0.25s /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tasks/setup_test.yml:28 fedora.linux_system_roles.vpn : set psks for hosts ---------------------- 0.17s /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/.collection/ansible_collections/fedora/linux_system_roles/roles/vpn/tasks/main.yml:134 check that conf file contains correct information ----------------------- 0.09s /WORKDIR/dist-git-vpn-tests-check-firewall-only-if-managed-i5xyzvdj/tests/tests_host_to_host_cert.yml:55 ---^---^---^---^---^--- # STDERR: ---v---v---v---v---v--- [DEPRECATION WARNING]: [defaults]callback_whitelist option, normalizing names to new standard, use callbacks_enabled instead. This feature will be removed from ansible-core in version 2.15. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. ---^---^---^---^---^---