# STDOUT: ---v---v---v---v---v--- ansible-playbook [core 2.16.0] config file = /etc/ansible/ansible.cfg configured module search path = ['/home/jenkins/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /opt/ansible-2.16/lib/python3.11/site-packages/ansible ansible collection location = /WORKDIR/git-weekly-cis0ow1621/.collection executable location = /opt/ansible-2.16/bin/ansible-playbook python version = 3.11.5 (main, Sep 7 2023, 00:00:00) [GCC 11.4.1 20230605 (Red Hat 11.4.1-2)] (/opt/ansible-2.16/bin/python) jinja version = 3.1.2 libyaml = True Using /etc/ansible/ansible.cfg as config file Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: tests_config_files.yml *********************************************** 2 plays in /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml PLAY [all] ********************************************************************* TASK [Include vault variables] ************************************************* task path: /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:4 Saturday 20 April 2024 17:24:24 +0000 (0:00:00.012) 0:00:00.012 ******** ok: [sut] => { "ansible_facts": { "mysql_container_root_password": { "__ansible_vault": "$ANSIBLE_VAULT;1.1;AES256\n61333932373230333539663035366431326163363166363036323963623131363530326231303634\n6635326161643165363366323062333334363730376631660a393566366139353861656364656661\n38653463363837336639363032646433666361646535366137303464623261313663643336306465\n6264663730656337310a343962353137386238383064646533366433333437303566656433386233\n34343235326665646661623131643335313236313131353661386338343366316261643634653633\n3832313034366536616531323963333234326461353130303532\n" } }, "ansible_included_var_files": [ "/WORKDIR/git-weekly-cis0ow1621/tests/vars/vault-variables.yml" ], "changed": false } PLAY [Ensure that the role can manage its config files] ************************ TASK [Gathering Facts] ********************************************************* task path: /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:9 Saturday 20 April 2024 17:24:24 +0000 (0:00:00.014) 0:00:00.026 ******** ok: [sut] TASK [Run the role with no config to get private vars] ************************* task path: /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:48 Saturday 20 April 2024 17:24:25 +0000 (0:00:00.862) 0:00:00.889 ******** TASK [fedora.linux_system_roles.podman : Set platform/version specific variables] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:3 Saturday 20 April 2024 17:24:25 +0000 (0:00:00.022) 0:00:00.912 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml for sut TASK [fedora.linux_system_roles.podman : Ensure ansible_facts used by role] **** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml:3 Saturday 20 April 2024 17:24:25 +0000 (0:00:00.013) 0:00:00.925 ******** skipping: [sut] => { "changed": false, "false_condition": "__podman_required_facts | difference(ansible_facts.keys() | list) | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Check if system is ostree] ************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml:11 Saturday 20 April 2024 17:24:25 +0000 (0:00:00.017) 0:00:00.942 ******** ok: [sut] => { "changed": false, "stat": { "exists": false } } TASK [fedora.linux_system_roles.podman : Set flag to indicate system is ostree] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml:16 Saturday 20 April 2024 17:24:25 +0000 (0:00:00.245) 0:00:01.188 ******** ok: [sut] => { "ansible_facts": { "__podman_is_ostree": false }, "changed": false } TASK [fedora.linux_system_roles.podman : Set platform/version specific variables] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml:20 Saturday 20 April 2024 17:24:25 +0000 (0:00:00.014) 0:00:01.202 ******** ok: [sut] => (item=RedHat.yml) => { "ansible_facts": { "__podman_packages": [ "podman", "shadow-utils-subid" ] }, "ansible_included_var_files": [ "/WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/vars/RedHat.yml" ], "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml" } skipping: [sut] => (item=CentOS.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vars_file is file", "item": "CentOS.yml", "skip_reason": "Conditional result was False" } ok: [sut] => (item=CentOS_8.yml) => { "ansible_facts": { "__podman_packages": [ "crun", "podman", "podman-plugins", "shadow-utils-subid" ] }, "ansible_included_var_files": [ "/WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/vars/CentOS_8.yml" ], "ansible_loop_var": "item", "changed": false, "item": "CentOS_8.yml" } ok: [sut] => (item=CentOS_8.yml) => { "ansible_facts": { "__podman_packages": [ "crun", "podman", "podman-plugins", "shadow-utils-subid" ] }, "ansible_included_var_files": [ "/WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/vars/CentOS_8.yml" ], "ansible_loop_var": "item", "changed": false, "item": "CentOS_8.yml" } TASK [fedora.linux_system_roles.podman : Gather the package facts] ************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:6 Saturday 20 April 2024 17:24:25 +0000 (0:00:00.028) 0:00:01.230 ******** ok: [sut] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [fedora.linux_system_roles.podman : Enable copr if requested] ************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:10 Saturday 20 April 2024 17:24:27 +0000 (0:00:01.475) 0:00:02.706 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_use_copr | d(false)", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Ensure required packages are installed] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:14 Saturday 20 April 2024 17:24:27 +0000 (0:00:00.023) 0:00:02.729 ******** changed: [sut] => { "changed": true, "rc": 0, "results": [ "Installed: podman-catatonit-3:4.9.4-0.1.module_el8+971+3d3df00d.x86_64", "Installed: protobuf-c-1.3.0-8.el8.x86_64", "Installed: libslirp-4.4.0-1.module_el8+804+f131391c.x86_64", "Installed: yajl-2.1.0-12.el8.x86_64", "Installed: fuse-common-3.3.0-19.el8.x86_64", "Installed: container-selinux-2:2.229.0-2.module_el8+847+7863d4e6.noarch", "Installed: dnsmasq-2.79-33.el8.x86_64", "Installed: fuse3-3.3.0-19.el8.x86_64", "Installed: conmon-3:2.1.10-1.module_el8+804+f131391c.x86_64", "Installed: containernetworking-plugins-1:1.4.0-2.module_el8+974+0c52b299.x86_64", "Installed: podman-gvproxy-3:4.9.4-0.1.module_el8+971+3d3df00d.x86_64", "Installed: criu-3.18-4.module_el8+804+f131391c.x86_64", "Installed: shadow-utils-subid-2:4.6-22.el8.x86_64", "Installed: fuse-overlayfs-1.13-1.module_el8+804+f131391c.x86_64", "Installed: slirp4netns-1.2.3-1.module_el8+951+32019cde.x86_64", "Installed: fuse3-libs-3.3.0-19.el8.x86_64", "Installed: containers-common-2:1-81.module_el8+968+fbb249c7.x86_64", "Installed: criu-libs-3.18-4.module_el8+804+f131391c.x86_64", "Installed: podman-plugins-3:4.9.4-0.1.module_el8+971+3d3df00d.x86_64", "Installed: podman-3:4.9.4-0.1.module_el8+971+3d3df00d.x86_64", "Installed: libnet-1.1.6-15.el8.x86_64", "Installed: crun-1.14.3-2.module_el8+968+fbb249c7.x86_64", "Installed: runc-1:1.1.12-1.module_el8+885+7da147f3.x86_64" ] } lsrpackages: crun podman podman-plugins shadow-utils-subid TASK [fedora.linux_system_roles.podman : Get podman version] ******************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:22 Saturday 20 April 2024 17:25:30 +0000 (0:01:02.707) 0:01:05.437 ******** ok: [sut] => { "changed": false, "cmd": [ "podman", "--version" ], "delta": "0:00:00.047343", "end": "2024-04-20 17:25:30.357849", "rc": 0, "start": "2024-04-20 17:25:30.310506" } STDOUT: podman version 4.9.4-dev TASK [fedora.linux_system_roles.podman : Set podman version] ******************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:28 Saturday 20 April 2024 17:25:30 +0000 (0:00:00.382) 0:01:05.820 ******** ok: [sut] => { "ansible_facts": { "podman_version": "4.9.4-dev" }, "changed": false } TASK [fedora.linux_system_roles.podman : Podman package version must be 4.2 or later] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:32 Saturday 20 April 2024 17:25:30 +0000 (0:00:00.019) 0:01:05.840 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_version is version(\"4.2\", \"<\")", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Podman package version must be 4.4 or later for quadlet, secrets] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:39 Saturday 20 April 2024 17:25:30 +0000 (0:00:00.018) 0:01:05.858 ******** skipping: [sut] => { "changed": false, "false_condition": "(podman_quadlet_specs | length > 0) or (podman_secrets | length > 0)", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Podman package version must be 4.4 or later for quadlet, secrets] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:49 Saturday 20 April 2024 17:25:30 +0000 (0:00:00.024) 0:01:05.883 ******** META: end_host conditional evaluated to False, continuing execution for sut skipping: [sut] => { "skip_reason": "end_host conditional evaluated to False, continuing execution for sut" } MSG: end_host conditional evaluated to false, continuing execution for sut TASK [fedora.linux_system_roles.podman : Check user and group information] ***** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:56 Saturday 20 April 2024 17:25:30 +0000 (0:00:00.026) 0:01:05.909 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml for sut TASK [fedora.linux_system_roles.podman : Get user information] ***************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:2 Saturday 20 April 2024 17:25:30 +0000 (0:00:00.034) 0:01:05.944 ******** ok: [sut] => { "ansible_facts": { "getent_passwd": { "root": [ "x", "0", "0", "root", "/root", "/bin/bash" ] } }, "changed": false } TASK [fedora.linux_system_roles.podman : Fail if user does not exist] ********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:9 Saturday 20 April 2024 17:25:30 +0000 (0:00:00.281) 0:01:06.225 ******** skipping: [sut] => { "changed": false, "false_condition": "not ansible_facts[\"getent_passwd\"][__podman_user]", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set group for podman user] ************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:16 Saturday 20 April 2024 17:25:30 +0000 (0:00:00.020) 0:01:06.245 ******** ok: [sut] => { "ansible_facts": { "__podman_group": "0" }, "changed": false } TASK [fedora.linux_system_roles.podman : Get group information] **************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:27 Saturday 20 April 2024 17:25:30 +0000 (0:00:00.024) 0:01:06.270 ******** ok: [sut] => { "ansible_facts": { "getent_group": { "root": [ "x", "0", "" ] } }, "changed": false } TASK [fedora.linux_system_roles.podman : Set group name] *********************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:34 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.222) 0:01:06.493 ******** ok: [sut] => { "ansible_facts": { "__podman_group_name": "root" }, "changed": false } TASK [fedora.linux_system_roles.podman : See if getsubids exists] ************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:38 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.023) 0:01:06.517 ******** ok: [sut] => { "changed": false, "stat": { "atime": 1700557386.0, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 32, "charset": "binary", "checksum": "bb5b46ffbafcaa8c4021f3c8b3cb8594f48ef34b", "ctime": 1713633897.8199303, "dev": 51713, "device_type": 0, "executable": true, "exists": true, "gid": 0, "gr_name": "root", "inode": 6887897, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "application/x-sharedlib", "mode": "0755", "mtime": 1700557386.0, "nlink": 1, "path": "/usr/bin/getsubids", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 12640, "uid": 0, "version": "798932276", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": true, "xoth": true, "xusr": true } } TASK [fedora.linux_system_roles.podman : Check user with getsubids] ************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:49 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.205) 0:01:06.722 ******** skipping: [sut] => { "changed": false, "false_condition": "__podman_user not in [\"root\", \"0\"]", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Check group with getsubids] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:54 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.017) 0:01:06.739 ******** skipping: [sut] => { "changed": false, "false_condition": "__podman_user not in [\"root\", \"0\"]", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set user subuid and subgid info] ****** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:59 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.017) 0:01:06.757 ******** skipping: [sut] => { "changed": false, "false_condition": "__podman_user not in [\"root\", \"0\"]", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Get subuid file] ********************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:73 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.016) 0:01:06.773 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Get subgid file] ********************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:78 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.016) 0:01:06.789 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set user subuid and subgid info] ****** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:83 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.015) 0:01:06.805 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Fail if user not in subuid file] ****** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:93 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.016) 0:01:06.821 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Fail if group not in subgid file] ***** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:100 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.015) 0:01:06.837 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set config file paths] **************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:62 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.015) 0:01:06.853 ******** ok: [sut] => { "ansible_facts": { "__podman_container_conf_file": "/etc/containers/containers.conf.d/50-systemroles.conf", "__podman_policy_json_file": "/etc/containers/policy.json", "__podman_registries_conf_file": "/etc/containers/registries.conf.d/50-systemroles.conf", "__podman_storage_conf_file": "/etc/containers/storage.conf" }, "changed": false } TASK [fedora.linux_system_roles.podman : Handle container.conf.d] ************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:71 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.034) 0:01:06.887 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_container_conf_d.yml for sut TASK [fedora.linux_system_roles.podman : Ensure containers.d exists] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_container_conf_d.yml:5 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.031) 0:01:06.919 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_containers_conf | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Update container config file] ********* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_container_conf_d.yml:13 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.017) 0:01:06.936 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_containers_conf | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Handle registries.conf.d] ************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:74 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.016) 0:01:06.952 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_registries_conf_d.yml for sut TASK [fedora.linux_system_roles.podman : Ensure registries.d exists] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_registries_conf_d.yml:5 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.032) 0:01:06.985 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_registries_conf | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Update registries config file] ******** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_registries_conf_d.yml:13 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.016) 0:01:07.001 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_registries_conf | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Handle storage.conf] ****************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:77 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.016) 0:01:07.018 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_storage_conf.yml for sut TASK [fedora.linux_system_roles.podman : Ensure storage.conf parent dir exists] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_storage_conf.yml:5 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.055) 0:01:07.074 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_storage_conf | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Update storage config file] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_storage_conf.yml:13 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.020) 0:01:07.094 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_storage_conf | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Handle policy.json] ******************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:80 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.024) 0:01:07.118 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml for sut TASK [fedora.linux_system_roles.podman : Ensure policy.json parent dir exists] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:6 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.037) 0:01:07.156 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_policy_json | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Stat the policy.json file] ************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:14 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.017) 0:01:07.174 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_policy_json | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Get the existing policy.json] ********* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:19 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.021) 0:01:07.195 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_policy_json | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Write new policy.json file] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:25 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.018) 0:01:07.214 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_policy_json | length > 0", "skip_reason": "Conditional result was False" } TASK [Manage firewall for specified ports] ************************************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:86 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.017) 0:01:07.231 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_firewall | length > 0", "skip_reason": "Conditional result was False" } TASK [Manage selinux for specified ports] ************************************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:93 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.016) 0:01:07.248 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_selinux_ports | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Keep track of users that need to cancel linger] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:100 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.017) 0:01:07.266 ******** ok: [sut] => { "ansible_facts": { "__podman_cancel_user_linger": [] }, "changed": false } TASK [fedora.linux_system_roles.podman : Handle secrets] *********************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:104 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.018) 0:01:07.284 ******** skipping: [sut] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [fedora.linux_system_roles.podman : Handle Kubernetes specifications] ***** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:111 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.016) 0:01:07.301 ******** skipping: [sut] => { "changed": false, "skipped_reason": "No items in the list" } TASK [fedora.linux_system_roles.podman : Handle Quadlet specifications] ******** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:117 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.014) 0:01:07.315 ******** skipping: [sut] => { "changed": false, "skipped_reason": "No items in the list" } TASK [fedora.linux_system_roles.podman : Cancel linger] ************************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:123 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.015) 0:01:07.331 ******** skipping: [sut] => { "changed": false, "skipped_reason": "No items in the list" } TASK [Create temp directory] *************************************************** task path: /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:59 Saturday 20 April 2024 17:25:31 +0000 (0:00:00.023) 0:01:07.354 ******** changed: [sut] => { "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/tmp/lsr_podman_config_1757_07a", "secontext": "unconfined_u:object_r:user_tmp_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [Create backup] *********************************************************** task path: /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:65 Saturday 20 April 2024 17:25:32 +0000 (0:00:00.281) 0:01:07.636 ******** ok: [sut] => { "changed": false, "cmd": [ "tar", "--ignore-failed-read", "-c", "-P", "-v", "-p", "-f", "/tmp/lsr_podman_config_1757_07a/backup.tar", "/etc/containers/containers.conf.d/50-systemroles.conf", "/etc/containers/registries.conf.d/50-systemroles.conf", "/etc/containers/storage.conf", "/etc/containers/policy.json" ], "delta": "0:00:00.033577", "end": "2024-04-20 17:25:32.419386", "rc": 0, "start": "2024-04-20 17:25:32.385809" } STDOUT: /etc/containers/storage.conf /etc/containers/policy.json STDERR: tar: /etc/containers/containers.conf.d/50-systemroles.conf: Warning: Cannot stat: No such file or directory tar: /etc/containers/registries.conf.d/50-systemroles.conf: Warning: Cannot stat: No such file or directory TASK [Create user] ************************************************************* task path: /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:72 Saturday 20 April 2024 17:25:32 +0000 (0:00:00.233) 0:01:07.869 ******** changed: [sut] => { "changed": true, "comment": "", "create_home": true, "group": 1000, "home": "/home/user1", "name": "user1", "shell": "/bin/bash", "state": "present", "system": false, "uid": 1000 } TASK [Run the role with user config] ******************************************* task path: /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:76 Saturday 20 April 2024 17:25:32 +0000 (0:00:00.412) 0:01:08.282 ******** TASK [fedora.linux_system_roles.podman : Set platform/version specific variables] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:3 Saturday 20 April 2024 17:25:32 +0000 (0:00:00.061) 0:01:08.344 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml for sut TASK [fedora.linux_system_roles.podman : Ensure ansible_facts used by role] **** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml:3 Saturday 20 April 2024 17:25:32 +0000 (0:00:00.028) 0:01:08.373 ******** skipping: [sut] => { "changed": false, "false_condition": "__podman_required_facts | difference(ansible_facts.keys() | list) | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Check if system is ostree] ************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml:11 Saturday 20 April 2024 17:25:32 +0000 (0:00:00.022) 0:01:08.395 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_is_ostree is defined", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set flag to indicate system is ostree] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml:16 Saturday 20 April 2024 17:25:32 +0000 (0:00:00.020) 0:01:08.415 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_is_ostree is defined", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set platform/version specific variables] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml:20 Saturday 20 April 2024 17:25:33 +0000 (0:00:00.021) 0:01:08.437 ******** ok: [sut] => (item=RedHat.yml) => { "ansible_facts": { "__podman_packages": [ "podman", "shadow-utils-subid" ] }, "ansible_included_var_files": [ "/WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/vars/RedHat.yml" ], "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml" } skipping: [sut] => (item=CentOS.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vars_file is file", "item": "CentOS.yml", "skip_reason": "Conditional result was False" } ok: [sut] => (item=CentOS_8.yml) => { "ansible_facts": { "__podman_packages": [ "crun", "podman", "podman-plugins", "shadow-utils-subid" ] }, "ansible_included_var_files": [ "/WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/vars/CentOS_8.yml" ], "ansible_loop_var": "item", "changed": false, "item": "CentOS_8.yml" } ok: [sut] => (item=CentOS_8.yml) => { "ansible_facts": { "__podman_packages": [ "crun", "podman", "podman-plugins", "shadow-utils-subid" ] }, "ansible_included_var_files": [ "/WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/vars/CentOS_8.yml" ], "ansible_loop_var": "item", "changed": false, "item": "CentOS_8.yml" } TASK [fedora.linux_system_roles.podman : Gather the package facts] ************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:6 Saturday 20 April 2024 17:25:33 +0000 (0:00:00.044) 0:01:08.482 ******** ok: [sut] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [fedora.linux_system_roles.podman : Enable copr if requested] ************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:10 Saturday 20 April 2024 17:25:34 +0000 (0:00:01.373) 0:01:09.856 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_use_copr | d(false)", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Ensure required packages are installed] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:14 Saturday 20 April 2024 17:25:34 +0000 (0:00:00.018) 0:01:09.874 ******** skipping: [sut] => { "changed": false, "false_condition": "(__podman_packages | difference(ansible_facts.packages))", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Get podman version] ******************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:22 Saturday 20 April 2024 17:25:34 +0000 (0:00:00.020) 0:01:09.894 ******** ok: [sut] => { "changed": false, "cmd": [ "podman", "--version" ], "delta": "0:00:00.051325", "end": "2024-04-20 17:25:34.695738", "rc": 0, "start": "2024-04-20 17:25:34.644413" } STDOUT: podman version 4.9.4-dev TASK [fedora.linux_system_roles.podman : Set podman version] ******************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:28 Saturday 20 April 2024 17:25:34 +0000 (0:00:00.254) 0:01:10.148 ******** ok: [sut] => { "ansible_facts": { "podman_version": "4.9.4-dev" }, "changed": false } TASK [fedora.linux_system_roles.podman : Podman package version must be 4.2 or later] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:32 Saturday 20 April 2024 17:25:34 +0000 (0:00:00.019) 0:01:10.168 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_version is version(\"4.2\", \"<\")", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Podman package version must be 4.4 or later for quadlet, secrets] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:39 Saturday 20 April 2024 17:25:34 +0000 (0:00:00.019) 0:01:10.188 ******** skipping: [sut] => { "changed": false, "false_condition": "(podman_quadlet_specs | length > 0) or (podman_secrets | length > 0)", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Podman package version must be 4.4 or later for quadlet, secrets] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:49 Saturday 20 April 2024 17:25:34 +0000 (0:00:00.017) 0:01:10.205 ******** META: end_host conditional evaluated to False, continuing execution for sut skipping: [sut] => { "skip_reason": "end_host conditional evaluated to False, continuing execution for sut" } MSG: end_host conditional evaluated to false, continuing execution for sut TASK [fedora.linux_system_roles.podman : Check user and group information] ***** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:56 Saturday 20 April 2024 17:25:34 +0000 (0:00:00.019) 0:01:10.225 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml for sut TASK [fedora.linux_system_roles.podman : Get user information] ***************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:2 Saturday 20 April 2024 17:25:34 +0000 (0:00:00.057) 0:01:10.283 ******** ok: [sut] => { "ansible_facts": { "getent_passwd": { "user1": [ "x", "1000", "1000", "", "/home/user1", "/bin/bash" ] } }, "changed": false } TASK [fedora.linux_system_roles.podman : Fail if user does not exist] ********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:9 Saturday 20 April 2024 17:25:35 +0000 (0:00:00.208) 0:01:10.491 ******** skipping: [sut] => { "changed": false, "false_condition": "not ansible_facts[\"getent_passwd\"][__podman_user]", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set group for podman user] ************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:16 Saturday 20 April 2024 17:25:35 +0000 (0:00:00.021) 0:01:10.512 ******** ok: [sut] => { "ansible_facts": { "__podman_group": "1000" }, "changed": false } TASK [fedora.linux_system_roles.podman : Get group information] **************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:27 Saturday 20 April 2024 17:25:35 +0000 (0:00:00.025) 0:01:10.538 ******** ok: [sut] => { "ansible_facts": { "getent_group": { "user1": [ "x", "1000", "" ] } }, "changed": false } TASK [fedora.linux_system_roles.podman : Set group name] *********************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:34 Saturday 20 April 2024 17:25:35 +0000 (0:00:00.206) 0:01:10.744 ******** ok: [sut] => { "ansible_facts": { "__podman_group_name": "user1" }, "changed": false } TASK [fedora.linux_system_roles.podman : See if getsubids exists] ************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:38 Saturday 20 April 2024 17:25:35 +0000 (0:00:00.025) 0:01:10.769 ******** ok: [sut] => { "changed": false, "stat": { "atime": 1713633931.2642198, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 32, "charset": "binary", "checksum": "bb5b46ffbafcaa8c4021f3c8b3cb8594f48ef34b", "ctime": 1713633897.8199303, "dev": 51713, "device_type": 0, "executable": true, "exists": true, "gid": 0, "gr_name": "root", "inode": 6887897, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "application/x-sharedlib", "mode": "0755", "mtime": 1700557386.0, "nlink": 1, "path": "/usr/bin/getsubids", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 12640, "uid": 0, "version": "798932276", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": true, "xoth": true, "xusr": true } } TASK [fedora.linux_system_roles.podman : Check user with getsubids] ************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:49 Saturday 20 April 2024 17:25:35 +0000 (0:00:00.205) 0:01:10.975 ******** ok: [sut] => { "changed": false, "cmd": [ "getsubids", "user1" ], "delta": "0:00:00.004048", "end": "2024-04-20 17:25:35.727750", "rc": 0, "start": "2024-04-20 17:25:35.723702" } STDOUT: 0: user1 100000 65536 TASK [fedora.linux_system_roles.podman : Check group with getsubids] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:54 Saturday 20 April 2024 17:25:35 +0000 (0:00:00.203) 0:01:11.178 ******** ok: [sut] => { "changed": false, "cmd": [ "getsubids", "-g", "user1" ], "delta": "0:00:00.004137", "end": "2024-04-20 17:25:35.930850", "rc": 0, "start": "2024-04-20 17:25:35.926713" } STDOUT: 0: user1 100000 65536 TASK [fedora.linux_system_roles.podman : Set user subuid and subgid info] ****** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:59 Saturday 20 April 2024 17:25:35 +0000 (0:00:00.203) 0:01:11.382 ******** ok: [sut] => { "ansible_facts": { "podman_subgid_info": { "user1": { "range": 65536, "start": 100000 } }, "podman_subuid_info": { "user1": { "range": 65536, "start": 100000 } } }, "changed": false } TASK [fedora.linux_system_roles.podman : Get subuid file] ********************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:73 Saturday 20 April 2024 17:25:35 +0000 (0:00:00.028) 0:01:11.410 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Get subgid file] ********************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:78 Saturday 20 April 2024 17:25:36 +0000 (0:00:00.015) 0:01:11.426 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set user subuid and subgid info] ****** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:83 Saturday 20 April 2024 17:25:36 +0000 (0:00:00.016) 0:01:11.443 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Fail if user not in subuid file] ****** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:93 Saturday 20 April 2024 17:25:36 +0000 (0:00:00.015) 0:01:11.459 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Fail if group not in subgid file] ***** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:100 Saturday 20 April 2024 17:25:36 +0000 (0:00:00.016) 0:01:11.475 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set config file paths] **************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:62 Saturday 20 April 2024 17:25:36 +0000 (0:00:00.017) 0:01:11.492 ******** ok: [sut] => { "ansible_facts": { "__podman_container_conf_file": "/home/user1/.config/containers/containers.conf.d/50-systemroles.conf", "__podman_policy_json_file": "/home/user1/.config/containers/policy.json", "__podman_registries_conf_file": "/home/user1/.config/containers/registries.conf.d/50-systemroles.conf", "__podman_storage_conf_file": "/home/user1/.config/containers/storage.conf" }, "changed": false } TASK [fedora.linux_system_roles.podman : Handle container.conf.d] ************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:71 Saturday 20 April 2024 17:25:36 +0000 (0:00:00.039) 0:01:11.532 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_container_conf_d.yml for sut TASK [fedora.linux_system_roles.podman : Ensure containers.d exists] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_container_conf_d.yml:5 Saturday 20 April 2024 17:25:36 +0000 (0:00:00.032) 0:01:11.565 ******** changed: [sut] => { "changed": true, "gid": 0, "group": "root", "mode": "0755", "owner": "user1", "path": "/home/user1/.config/containers/containers.conf.d", "secontext": "unconfined_u:object_r:config_home_t:s0", "size": 6, "state": "directory", "uid": 1000 } TASK [fedora.linux_system_roles.podman : Update container config file] ********* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_container_conf_d.yml:13 Saturday 20 April 2024 17:25:36 +0000 (0:00:00.299) 0:01:11.864 ******** changed: [sut] => { "changed": true, "checksum": "94370d6e765779f1c58daf02f667b8f0b74d91f6", "dest": "/home/user1/.config/containers/containers.conf.d/50-systemroles.conf", "gid": 0, "group": "root", "md5sum": "6c7ebf8d89ccba8db738c4afe2b97f5a", "mode": "0644", "owner": "user1", "secontext": "unconfined_u:object_r:config_home_t:s0", "size": 116, "src": "/root/.ansible/tmp/ansible-tmp-1713633936.4816918-2484-71047823257513/source", "state": "file", "uid": 1000 } TASK [fedora.linux_system_roles.podman : Handle registries.conf.d] ************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:74 Saturday 20 April 2024 17:25:37 +0000 (0:00:00.633) 0:01:12.498 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_registries_conf_d.yml for sut TASK [fedora.linux_system_roles.podman : Ensure registries.d exists] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_registries_conf_d.yml:5 Saturday 20 April 2024 17:25:37 +0000 (0:00:00.060) 0:01:12.559 ******** changed: [sut] => { "changed": true, "gid": 0, "group": "root", "mode": "0755", "owner": "user1", "path": "/home/user1/.config/containers/registries.conf.d", "secontext": "unconfined_u:object_r:config_home_t:s0", "size": 6, "state": "directory", "uid": 1000 } TASK [fedora.linux_system_roles.podman : Update registries config file] ******** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_registries_conf_d.yml:13 Saturday 20 April 2024 17:25:37 +0000 (0:00:00.213) 0:01:12.772 ******** changed: [sut] => { "changed": true, "checksum": "dfb9cd7094a81b3d1bb06512cc9b49a09c75639b", "dest": "/home/user1/.config/containers/registries.conf.d/50-systemroles.conf", "gid": 0, "group": "root", "md5sum": "92130a764e88fe669136f6cf26613a84", "mode": "0644", "owner": "user1", "secontext": "unconfined_u:object_r:config_home_t:s0", "size": 225, "src": "/root/.ansible/tmp/ansible-tmp-1713633937.3883312-2496-120540751752175/source", "state": "file", "uid": 1000 } TASK [fedora.linux_system_roles.podman : Handle storage.conf] ****************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:77 Saturday 20 April 2024 17:25:37 +0000 (0:00:00.544) 0:01:13.316 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_storage_conf.yml for sut TASK [fedora.linux_system_roles.podman : Ensure storage.conf parent dir exists] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_storage_conf.yml:5 Saturday 20 April 2024 17:25:37 +0000 (0:00:00.035) 0:01:13.352 ******** ok: [sut] => { "changed": false, "gid": 0, "group": "root", "mode": "0755", "owner": "user1", "path": "/home/user1/.config/containers", "secontext": "unconfined_u:object_r:config_home_t:s0", "size": 56, "state": "directory", "uid": 1000 } TASK [fedora.linux_system_roles.podman : Update storage config file] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_storage_conf.yml:13 Saturday 20 April 2024 17:25:38 +0000 (0:00:00.213) 0:01:13.565 ******** changed: [sut] => { "changed": true, "checksum": "d08574b6a1df63dbe1c939ff0bcc7c0b61d03044", "dest": "/home/user1/.config/containers/storage.conf", "gid": 0, "group": "root", "md5sum": "47c893f010daf00398b7ed40f434aa0e", "mode": "0644", "owner": "user1", "secontext": "unconfined_u:object_r:config_home_t:s0", "size": 109, "src": "/root/.ansible/tmp/ansible-tmp-1713633938.1814175-2508-147847841132684/source", "state": "file", "uid": 1000 } TASK [fedora.linux_system_roles.podman : Handle policy.json] ******************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:80 Saturday 20 April 2024 17:25:38 +0000 (0:00:00.547) 0:01:14.113 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml for sut TASK [fedora.linux_system_roles.podman : Ensure policy.json parent dir exists] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:6 Saturday 20 April 2024 17:25:38 +0000 (0:00:00.035) 0:01:14.148 ******** ok: [sut] => { "changed": false, "gid": 0, "group": "root", "mode": "0755", "owner": "user1", "path": "/home/user1/.config/containers", "secontext": "unconfined_u:object_r:config_home_t:s0", "size": 76, "state": "directory", "uid": 1000 } TASK [fedora.linux_system_roles.podman : Stat the policy.json file] ************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:14 Saturday 20 April 2024 17:25:38 +0000 (0:00:00.212) 0:01:14.361 ******** ok: [sut] => { "changed": false, "stat": { "exists": false } } TASK [fedora.linux_system_roles.podman : Get the existing policy.json] ********* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:19 Saturday 20 April 2024 17:25:39 +0000 (0:00:00.196) 0:01:14.557 ******** skipping: [sut] => { "changed": false, "false_condition": "__podman_policy_stat.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Write new policy.json file] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:25 Saturday 20 April 2024 17:25:39 +0000 (0:00:00.018) 0:01:14.576 ******** changed: [sut] => { "changed": true, "checksum": "6746c079ad563b735fc39f73d4876654b80b0a0d", "dest": "/home/user1/.config/containers/policy.json", "gid": 0, "group": "root", "md5sum": "443c1986d4a8657dddae55f350d122e2", "mode": "0644", "owner": "user1", "secontext": "unconfined_u:object_r:config_home_t:s0", "size": 67, "src": "/root/.ansible/tmp/ansible-tmp-1713633939.193737-2523-965988083262/source", "state": "file", "uid": 1000 } TASK [Manage firewall for specified ports] ************************************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:86 Saturday 20 April 2024 17:25:39 +0000 (0:00:00.539) 0:01:15.116 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_firewall | length > 0", "skip_reason": "Conditional result was False" } TASK [Manage selinux for specified ports] ************************************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:93 Saturday 20 April 2024 17:25:39 +0000 (0:00:00.018) 0:01:15.134 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_selinux_ports | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Keep track of users that need to cancel linger] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:100 Saturday 20 April 2024 17:25:39 +0000 (0:00:00.016) 0:01:15.150 ******** ok: [sut] => { "ansible_facts": { "__podman_cancel_user_linger": [] }, "changed": false } TASK [fedora.linux_system_roles.podman : Handle secrets] *********************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:104 Saturday 20 April 2024 17:25:39 +0000 (0:00:00.017) 0:01:15.168 ******** skipping: [sut] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [fedora.linux_system_roles.podman : Handle Kubernetes specifications] ***** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:111 Saturday 20 April 2024 17:25:39 +0000 (0:00:00.014) 0:01:15.183 ******** skipping: [sut] => { "changed": false, "skipped_reason": "No items in the list" } TASK [fedora.linux_system_roles.podman : Handle Quadlet specifications] ******** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:117 Saturday 20 April 2024 17:25:39 +0000 (0:00:00.014) 0:01:15.197 ******** skipping: [sut] => { "changed": false, "skipped_reason": "No items in the list" } TASK [fedora.linux_system_roles.podman : Cancel linger] ************************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:123 Saturday 20 April 2024 17:25:39 +0000 (0:00:00.038) 0:01:15.236 ******** skipping: [sut] => { "changed": false, "skipped_reason": "No items in the list" } TASK [Check that files exist and are non-null] ********************************* task path: /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:83 Saturday 20 April 2024 17:25:39 +0000 (0:00:00.025) 0:01:15.261 ******** ok: [sut] => (item=/home/user1/.config/containers/containers.conf.d/50-systemroles.conf) => { "ansible_loop_var": "item", "changed": false, "failed_when_result": false, "item": "/home/user1/.config/containers/containers.conf.d/50-systemroles.conf", "stat": { "atime": 1713633937.0119257, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "94370d6e765779f1c58daf02f667b8f0b74d91f6", "ctime": 1713633937.0199254, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 488636546, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1713633936.7269404, "nlink": 1, "path": "/home/user1/.config/containers/containers.conf.d/50-systemroles.conf", "pw_name": "user1", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 116, "uid": 1000, "version": "3058675693", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } ok: [sut] => (item=/home/user1/.config/containers/registries.conf.d/50-systemroles.conf) => { "ansible_loop_var": "item", "changed": false, "failed_when_result": false, "item": "/home/user1/.config/containers/registries.conf.d/50-systemroles.conf", "stat": { "atime": 1713633937.827884, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "dfb9cd7094a81b3d1bb06512cc9b49a09c75639b", "ctime": 1713633937.8348837, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 499122438, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1713633937.630894, "nlink": 1, "path": "/home/user1/.config/containers/registries.conf.d/50-systemroles.conf", "pw_name": "user1", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 225, "uid": 1000, "version": "2447014354", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } ok: [sut] => (item=/home/user1/.config/containers/storage.conf) => { "ansible_loop_var": "item", "changed": false, "failed_when_result": false, "item": "/home/user1/.config/containers/storage.conf", "stat": { "atime": 1713633938.6268432, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "d08574b6a1df63dbe1c939ff0bcc7c0b61d03044", "ctime": 1713633938.6338427, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 507511105, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1713633938.4268534, "nlink": 1, "path": "/home/user1/.config/containers/storage.conf", "pw_name": "user1", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 109, "uid": 1000, "version": "2886569580", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } ok: [sut] => (item=/home/user1/.config/containers/policy.json) => { "ansible_loop_var": "item", "changed": false, "failed_when_result": false, "item": "/home/user1/.config/containers/policy.json", "stat": { "atime": 1713633939.627792, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "6746c079ad563b735fc39f73d4876654b80b0a0d", "ctime": 1713633939.6357915, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 517996806, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1713633939.428802, "nlink": 1, "path": "/home/user1/.config/containers/policy.json", "pw_name": "user1", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 67, "uid": 1000, "version": "1922968559", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Run the role again with user config] ************************************* task path: /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:90 Saturday 20 April 2024 17:25:40 +0000 (0:00:00.790) 0:01:16.052 ******** TASK [fedora.linux_system_roles.podman : Set platform/version specific variables] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:3 Saturday 20 April 2024 17:25:40 +0000 (0:00:00.049) 0:01:16.101 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml for sut TASK [fedora.linux_system_roles.podman : Ensure ansible_facts used by role] **** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml:3 Saturday 20 April 2024 17:25:40 +0000 (0:00:00.029) 0:01:16.131 ******** skipping: [sut] => { "changed": false, "false_condition": "__podman_required_facts | difference(ansible_facts.keys() | list) | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Check if system is ostree] ************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml:11 Saturday 20 April 2024 17:25:40 +0000 (0:00:00.022) 0:01:16.153 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_is_ostree is defined", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set flag to indicate system is ostree] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml:16 Saturday 20 April 2024 17:25:40 +0000 (0:00:00.019) 0:01:16.172 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_is_ostree is defined", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set platform/version specific variables] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml:20 Saturday 20 April 2024 17:25:40 +0000 (0:00:00.019) 0:01:16.192 ******** ok: [sut] => (item=RedHat.yml) => { "ansible_facts": { "__podman_packages": [ "podman", "shadow-utils-subid" ] }, "ansible_included_var_files": [ "/WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/vars/RedHat.yml" ], "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml" } skipping: [sut] => (item=CentOS.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vars_file is file", "item": "CentOS.yml", "skip_reason": "Conditional result was False" } ok: [sut] => (item=CentOS_8.yml) => { "ansible_facts": { "__podman_packages": [ "crun", "podman", "podman-plugins", "shadow-utils-subid" ] }, "ansible_included_var_files": [ "/WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/vars/CentOS_8.yml" ], "ansible_loop_var": "item", "changed": false, "item": "CentOS_8.yml" } ok: [sut] => (item=CentOS_8.yml) => { "ansible_facts": { "__podman_packages": [ "crun", "podman", "podman-plugins", "shadow-utils-subid" ] }, "ansible_included_var_files": [ "/WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/vars/CentOS_8.yml" ], "ansible_loop_var": "item", "changed": false, "item": "CentOS_8.yml" } TASK [fedora.linux_system_roles.podman : Gather the package facts] ************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:6 Saturday 20 April 2024 17:25:40 +0000 (0:00:00.044) 0:01:16.236 ******** ok: [sut] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [fedora.linux_system_roles.podman : Enable copr if requested] ************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:10 Saturday 20 April 2024 17:25:42 +0000 (0:00:01.334) 0:01:17.570 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_use_copr | d(false)", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Ensure required packages are installed] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:14 Saturday 20 April 2024 17:25:42 +0000 (0:00:00.017) 0:01:17.587 ******** skipping: [sut] => { "changed": false, "false_condition": "(__podman_packages | difference(ansible_facts.packages))", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Get podman version] ******************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:22 Saturday 20 April 2024 17:25:42 +0000 (0:00:00.020) 0:01:17.608 ******** ok: [sut] => { "changed": false, "cmd": [ "podman", "--version" ], "delta": "0:00:00.031613", "end": "2024-04-20 17:25:42.386758", "rc": 0, "start": "2024-04-20 17:25:42.355145" } STDOUT: podman version 4.9.4-dev TASK [fedora.linux_system_roles.podman : Set podman version] ******************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:28 Saturday 20 April 2024 17:25:42 +0000 (0:00:00.230) 0:01:17.838 ******** ok: [sut] => { "ansible_facts": { "podman_version": "4.9.4-dev" }, "changed": false } TASK [fedora.linux_system_roles.podman : Podman package version must be 4.2 or later] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:32 Saturday 20 April 2024 17:25:42 +0000 (0:00:00.044) 0:01:17.883 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_version is version(\"4.2\", \"<\")", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Podman package version must be 4.4 or later for quadlet, secrets] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:39 Saturday 20 April 2024 17:25:42 +0000 (0:00:00.020) 0:01:17.903 ******** skipping: [sut] => { "changed": false, "false_condition": "(podman_quadlet_specs | length > 0) or (podman_secrets | length > 0)", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Podman package version must be 4.4 or later for quadlet, secrets] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:49 Saturday 20 April 2024 17:25:42 +0000 (0:00:00.018) 0:01:17.922 ******** META: end_host conditional evaluated to False, continuing execution for sut skipping: [sut] => { "skip_reason": "end_host conditional evaluated to False, continuing execution for sut" } MSG: end_host conditional evaluated to false, continuing execution for sut TASK [fedora.linux_system_roles.podman : Check user and group information] ***** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:56 Saturday 20 April 2024 17:25:42 +0000 (0:00:00.021) 0:01:17.943 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml for sut TASK [fedora.linux_system_roles.podman : Get user information] ***************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:2 Saturday 20 April 2024 17:25:42 +0000 (0:00:00.034) 0:01:17.978 ******** skipping: [sut] => { "changed": false, "false_condition": "'getent_passwd' not in ansible_facts or __podman_user not in ansible_facts['getent_passwd']", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Fail if user does not exist] ********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:9 Saturday 20 April 2024 17:25:42 +0000 (0:00:00.021) 0:01:17.999 ******** skipping: [sut] => { "changed": false, "false_condition": "not ansible_facts[\"getent_passwd\"][__podman_user]", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set group for podman user] ************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:16 Saturday 20 April 2024 17:25:42 +0000 (0:00:00.020) 0:01:18.019 ******** ok: [sut] => { "ansible_facts": { "__podman_group": "1000" }, "changed": false } TASK [fedora.linux_system_roles.podman : Get group information] **************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:27 Saturday 20 April 2024 17:25:42 +0000 (0:00:00.027) 0:01:18.047 ******** ok: [sut] => { "ansible_facts": { "getent_group": { "user1": [ "x", "1000", "" ] } }, "changed": false } TASK [fedora.linux_system_roles.podman : Set group name] *********************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:34 Saturday 20 April 2024 17:25:42 +0000 (0:00:00.203) 0:01:18.250 ******** ok: [sut] => { "ansible_facts": { "__podman_group_name": "user1" }, "changed": false } TASK [fedora.linux_system_roles.podman : See if getsubids exists] ************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:38 Saturday 20 April 2024 17:25:42 +0000 (0:00:00.025) 0:01:18.276 ******** ok: [sut] => { "changed": false, "stat": { "atime": 1713633931.2642198, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 32, "charset": "binary", "checksum": "bb5b46ffbafcaa8c4021f3c8b3cb8594f48ef34b", "ctime": 1713633897.8199303, "dev": 51713, "device_type": 0, "executable": true, "exists": true, "gid": 0, "gr_name": "root", "inode": 6887897, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "application/x-sharedlib", "mode": "0755", "mtime": 1700557386.0, "nlink": 1, "path": "/usr/bin/getsubids", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 12640, "uid": 0, "version": "798932276", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": true, "xoth": true, "xusr": true } } TASK [fedora.linux_system_roles.podman : Check user with getsubids] ************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:49 Saturday 20 April 2024 17:25:43 +0000 (0:00:00.205) 0:01:18.481 ******** ok: [sut] => { "changed": false, "cmd": [ "getsubids", "user1" ], "delta": "0:00:00.004172", "end": "2024-04-20 17:25:43.234710", "rc": 0, "start": "2024-04-20 17:25:43.230538" } STDOUT: 0: user1 100000 65536 TASK [fedora.linux_system_roles.podman : Check group with getsubids] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:54 Saturday 20 April 2024 17:25:43 +0000 (0:00:00.204) 0:01:18.686 ******** ok: [sut] => { "changed": false, "cmd": [ "getsubids", "-g", "user1" ], "delta": "0:00:00.004131", "end": "2024-04-20 17:25:43.441076", "rc": 0, "start": "2024-04-20 17:25:43.436945" } STDOUT: 0: user1 100000 65536 TASK [fedora.linux_system_roles.podman : Set user subuid and subgid info] ****** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:59 Saturday 20 April 2024 17:25:43 +0000 (0:00:00.206) 0:01:18.892 ******** ok: [sut] => { "ansible_facts": { "podman_subgid_info": { "user1": { "range": 65536, "start": 100000 } }, "podman_subuid_info": { "user1": { "range": 65536, "start": 100000 } } }, "changed": false } TASK [fedora.linux_system_roles.podman : Get subuid file] ********************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:73 Saturday 20 April 2024 17:25:43 +0000 (0:00:00.027) 0:01:18.920 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Get subgid file] ********************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:78 Saturday 20 April 2024 17:25:43 +0000 (0:00:00.016) 0:01:18.937 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set user subuid and subgid info] ****** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:83 Saturday 20 April 2024 17:25:43 +0000 (0:00:00.016) 0:01:18.953 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Fail if user not in subuid file] ****** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:93 Saturday 20 April 2024 17:25:43 +0000 (0:00:00.017) 0:01:18.970 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Fail if group not in subgid file] ***** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:100 Saturday 20 April 2024 17:25:43 +0000 (0:00:00.017) 0:01:18.987 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set config file paths] **************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:62 Saturday 20 April 2024 17:25:43 +0000 (0:00:00.044) 0:01:19.032 ******** ok: [sut] => { "ansible_facts": { "__podman_container_conf_file": "/home/user1/.config/containers/containers.conf.d/50-systemroles.conf", "__podman_policy_json_file": "/home/user1/.config/containers/policy.json", "__podman_registries_conf_file": "/home/user1/.config/containers/registries.conf.d/50-systemroles.conf", "__podman_storage_conf_file": "/home/user1/.config/containers/storage.conf" }, "changed": false } TASK [fedora.linux_system_roles.podman : Handle container.conf.d] ************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:71 Saturday 20 April 2024 17:25:43 +0000 (0:00:00.038) 0:01:19.070 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_container_conf_d.yml for sut TASK [fedora.linux_system_roles.podman : Ensure containers.d exists] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_container_conf_d.yml:5 Saturday 20 April 2024 17:25:43 +0000 (0:00:00.036) 0:01:19.107 ******** ok: [sut] => { "changed": false, "gid": 0, "group": "root", "mode": "0755", "owner": "user1", "path": "/home/user1/.config/containers/containers.conf.d", "secontext": "unconfined_u:object_r:config_home_t:s0", "size": 33, "state": "directory", "uid": 1000 } TASK [fedora.linux_system_roles.podman : Update container config file] ********* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_container_conf_d.yml:13 Saturday 20 April 2024 17:25:43 +0000 (0:00:00.213) 0:01:19.320 ******** ok: [sut] => { "changed": false, "checksum": "94370d6e765779f1c58daf02f667b8f0b74d91f6", "dest": "/home/user1/.config/containers/containers.conf.d/50-systemroles.conf", "gid": 0, "group": "root", "mode": "0644", "owner": "user1", "path": "/home/user1/.config/containers/containers.conf.d/50-systemroles.conf", "secontext": "unconfined_u:object_r:config_home_t:s0", "size": 116, "state": "file", "uid": 1000 } TASK [fedora.linux_system_roles.podman : Handle registries.conf.d] ************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:74 Saturday 20 April 2024 17:25:44 +0000 (0:00:00.493) 0:01:19.814 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_registries_conf_d.yml for sut TASK [fedora.linux_system_roles.podman : Ensure registries.d exists] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_registries_conf_d.yml:5 Saturday 20 April 2024 17:25:44 +0000 (0:00:00.034) 0:01:19.849 ******** ok: [sut] => { "changed": false, "gid": 0, "group": "root", "mode": "0755", "owner": "user1", "path": "/home/user1/.config/containers/registries.conf.d", "secontext": "unconfined_u:object_r:config_home_t:s0", "size": 33, "state": "directory", "uid": 1000 } TASK [fedora.linux_system_roles.podman : Update registries config file] ******** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_registries_conf_d.yml:13 Saturday 20 April 2024 17:25:44 +0000 (0:00:00.215) 0:01:20.064 ******** ok: [sut] => { "changed": false, "checksum": "dfb9cd7094a81b3d1bb06512cc9b49a09c75639b", "dest": "/home/user1/.config/containers/registries.conf.d/50-systemroles.conf", "gid": 0, "group": "root", "mode": "0644", "owner": "user1", "path": "/home/user1/.config/containers/registries.conf.d/50-systemroles.conf", "secontext": "unconfined_u:object_r:config_home_t:s0", "size": 225, "state": "file", "uid": 1000 } TASK [fedora.linux_system_roles.podman : Handle storage.conf] ****************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:77 Saturday 20 April 2024 17:25:45 +0000 (0:00:00.497) 0:01:20.562 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_storage_conf.yml for sut TASK [fedora.linux_system_roles.podman : Ensure storage.conf parent dir exists] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_storage_conf.yml:5 Saturday 20 April 2024 17:25:45 +0000 (0:00:00.035) 0:01:20.597 ******** ok: [sut] => { "changed": false, "gid": 0, "group": "root", "mode": "0755", "owner": "user1", "path": "/home/user1/.config/containers", "secontext": "unconfined_u:object_r:config_home_t:s0", "size": 95, "state": "directory", "uid": 1000 } TASK [fedora.linux_system_roles.podman : Update storage config file] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_storage_conf.yml:13 Saturday 20 April 2024 17:25:45 +0000 (0:00:00.213) 0:01:20.810 ******** ok: [sut] => { "changed": false, "checksum": "d08574b6a1df63dbe1c939ff0bcc7c0b61d03044", "dest": "/home/user1/.config/containers/storage.conf", "gid": 0, "group": "root", "mode": "0644", "owner": "user1", "path": "/home/user1/.config/containers/storage.conf", "secontext": "unconfined_u:object_r:config_home_t:s0", "size": 109, "state": "file", "uid": 1000 } TASK [fedora.linux_system_roles.podman : Handle policy.json] ******************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:80 Saturday 20 April 2024 17:25:45 +0000 (0:00:00.497) 0:01:21.307 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml for sut TASK [fedora.linux_system_roles.podman : Ensure policy.json parent dir exists] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:6 Saturday 20 April 2024 17:25:45 +0000 (0:00:00.037) 0:01:21.344 ******** ok: [sut] => { "changed": false, "gid": 0, "group": "root", "mode": "0755", "owner": "user1", "path": "/home/user1/.config/containers", "secontext": "unconfined_u:object_r:config_home_t:s0", "size": 95, "state": "directory", "uid": 1000 } TASK [fedora.linux_system_roles.podman : Stat the policy.json file] ************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:14 Saturday 20 April 2024 17:25:46 +0000 (0:00:00.215) 0:01:21.560 ******** ok: [sut] => { "changed": false, "stat": { "atime": 1713633940.5887427, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "6746c079ad563b735fc39f73d4876654b80b0a0d", "ctime": 1713633939.6357915, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 517996806, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1713633939.428802, "nlink": 1, "path": "/home/user1/.config/containers/policy.json", "pw_name": "user1", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 67, "uid": 1000, "version": "1922968559", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [fedora.linux_system_roles.podman : Get the existing policy.json] ********* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:19 Saturday 20 April 2024 17:25:46 +0000 (0:00:00.210) 0:01:21.770 ******** ok: [sut] => { "changed": false, "content": "ewogICAgImRlZmF1bHQiOiB7CiAgICAgICAgInR5cGUiOiAiaW5zZWN1cmVBY2NlcHRBbnl0aGluZyIKICAgIH0KfQ==", "encoding": "base64", "source": "/home/user1/.config/containers/policy.json" } TASK [fedora.linux_system_roles.podman : Write new policy.json file] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:25 Saturday 20 April 2024 17:25:46 +0000 (0:00:00.308) 0:01:22.079 ******** skipping: [sut] => { "changed": false, "false_condition": "__policy_existing != podman_policy_json", "skip_reason": "Conditional result was False" } TASK [Manage firewall for specified ports] ************************************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:86 Saturday 20 April 2024 17:25:46 +0000 (0:00:00.020) 0:01:22.099 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_firewall | length > 0", "skip_reason": "Conditional result was False" } TASK [Manage selinux for specified ports] ************************************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:93 Saturday 20 April 2024 17:25:46 +0000 (0:00:00.017) 0:01:22.117 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_selinux_ports | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Keep track of users that need to cancel linger] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:100 Saturday 20 April 2024 17:25:46 +0000 (0:00:00.017) 0:01:22.134 ******** ok: [sut] => { "ansible_facts": { "__podman_cancel_user_linger": [] }, "changed": false } TASK [fedora.linux_system_roles.podman : Handle secrets] *********************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:104 Saturday 20 April 2024 17:25:46 +0000 (0:00:00.018) 0:01:22.153 ******** skipping: [sut] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [fedora.linux_system_roles.podman : Handle Kubernetes specifications] ***** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:111 Saturday 20 April 2024 17:25:46 +0000 (0:00:00.014) 0:01:22.168 ******** skipping: [sut] => { "changed": false, "skipped_reason": "No items in the list" } TASK [fedora.linux_system_roles.podman : Handle Quadlet specifications] ******** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:117 Saturday 20 April 2024 17:25:46 +0000 (0:00:00.015) 0:01:22.183 ******** skipping: [sut] => { "changed": false, "skipped_reason": "No items in the list" } TASK [fedora.linux_system_roles.podman : Cancel linger] ************************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:123 Saturday 20 April 2024 17:25:46 +0000 (0:00:00.014) 0:01:22.198 ******** skipping: [sut] => { "changed": false, "skipped_reason": "No items in the list" } TASK [Check that files still exist and are non-null] *************************** task path: /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:97 Saturday 20 April 2024 17:25:46 +0000 (0:00:00.023) 0:01:22.222 ******** ok: [sut] => (item=/home/user1/.config/containers/containers.conf.d/50-systemroles.conf) => { "ansible_loop_var": "item", "changed": false, "failed_when_result": false, "item": "/home/user1/.config/containers/containers.conf.d/50-systemroles.conf", "stat": { "atime": 1713633940.0077724, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "94370d6e765779f1c58daf02f667b8f0b74d91f6", "ctime": 1713633937.0199254, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 488636546, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1713633936.7269404, "nlink": 1, "path": "/home/user1/.config/containers/containers.conf.d/50-systemroles.conf", "pw_name": "user1", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 116, "uid": 1000, "version": "3058675693", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } ok: [sut] => (item=/home/user1/.config/containers/registries.conf.d/50-systemroles.conf) => { "ansible_loop_var": "item", "changed": false, "failed_when_result": false, "item": "/home/user1/.config/containers/registries.conf.d/50-systemroles.conf", "stat": { "atime": 1713633940.1997626, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "dfb9cd7094a81b3d1bb06512cc9b49a09c75639b", "ctime": 1713633937.8348837, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 499122438, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1713633937.630894, "nlink": 1, "path": "/home/user1/.config/containers/registries.conf.d/50-systemroles.conf", "pw_name": "user1", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 225, "uid": 1000, "version": "2447014354", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } ok: [sut] => (item=/home/user1/.config/containers/storage.conf) => { "ansible_loop_var": "item", "changed": false, "failed_when_result": false, "item": "/home/user1/.config/containers/storage.conf", "stat": { "atime": 1713633940.3967526, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "d08574b6a1df63dbe1c939ff0bcc7c0b61d03044", "ctime": 1713633938.6338427, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 507511105, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1713633938.4268534, "nlink": 1, "path": "/home/user1/.config/containers/storage.conf", "pw_name": "user1", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 109, "uid": 1000, "version": "2886569580", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } ok: [sut] => (item=/home/user1/.config/containers/policy.json) => { "ansible_loop_var": "item", "changed": false, "failed_when_result": false, "item": "/home/user1/.config/containers/policy.json", "stat": { "atime": 1713633940.5887427, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "6746c079ad563b735fc39f73d4876654b80b0a0d", "ctime": 1713633939.6357915, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 517996806, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1713633939.428802, "nlink": 1, "path": "/home/user1/.config/containers/policy.json", "pw_name": "user1", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 67, "uid": 1000, "version": "1922968559", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Run the role with root config] ******************************************* task path: /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:104 Saturday 20 April 2024 17:25:47 +0000 (0:00:00.784) 0:01:23.007 ******** TASK [fedora.linux_system_roles.podman : Set platform/version specific variables] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:3 Saturday 20 April 2024 17:25:47 +0000 (0:00:00.055) 0:01:23.062 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml for sut TASK [fedora.linux_system_roles.podman : Ensure ansible_facts used by role] **** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml:3 Saturday 20 April 2024 17:25:47 +0000 (0:00:00.029) 0:01:23.092 ******** skipping: [sut] => { "changed": false, "false_condition": "__podman_required_facts | difference(ansible_facts.keys() | list) | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Check if system is ostree] ************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml:11 Saturday 20 April 2024 17:25:47 +0000 (0:00:00.023) 0:01:23.115 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_is_ostree is defined", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set flag to indicate system is ostree] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml:16 Saturday 20 April 2024 17:25:47 +0000 (0:00:00.019) 0:01:23.135 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_is_ostree is defined", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set platform/version specific variables] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml:20 Saturday 20 April 2024 17:25:47 +0000 (0:00:00.020) 0:01:23.156 ******** ok: [sut] => (item=RedHat.yml) => { "ansible_facts": { "__podman_packages": [ "podman", "shadow-utils-subid" ] }, "ansible_included_var_files": [ "/WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/vars/RedHat.yml" ], "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml" } skipping: [sut] => (item=CentOS.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vars_file is file", "item": "CentOS.yml", "skip_reason": "Conditional result was False" } ok: [sut] => (item=CentOS_8.yml) => { "ansible_facts": { "__podman_packages": [ "crun", "podman", "podman-plugins", "shadow-utils-subid" ] }, "ansible_included_var_files": [ "/WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/vars/CentOS_8.yml" ], "ansible_loop_var": "item", "changed": false, "item": "CentOS_8.yml" } ok: [sut] => (item=CentOS_8.yml) => { "ansible_facts": { "__podman_packages": [ "crun", "podman", "podman-plugins", "shadow-utils-subid" ] }, "ansible_included_var_files": [ "/WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/vars/CentOS_8.yml" ], "ansible_loop_var": "item", "changed": false, "item": "CentOS_8.yml" } TASK [fedora.linux_system_roles.podman : Gather the package facts] ************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:6 Saturday 20 April 2024 17:25:47 +0000 (0:00:00.044) 0:01:23.200 ******** ok: [sut] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [fedora.linux_system_roles.podman : Enable copr if requested] ************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:10 Saturday 20 April 2024 17:25:49 +0000 (0:00:01.392) 0:01:24.593 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_use_copr | d(false)", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Ensure required packages are installed] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:14 Saturday 20 April 2024 17:25:49 +0000 (0:00:00.020) 0:01:24.613 ******** skipping: [sut] => { "changed": false, "false_condition": "(__podman_packages | difference(ansible_facts.packages))", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Get podman version] ******************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:22 Saturday 20 April 2024 17:25:49 +0000 (0:00:00.022) 0:01:24.636 ******** ok: [sut] => { "changed": false, "cmd": [ "podman", "--version" ], "delta": "0:00:00.033897", "end": "2024-04-20 17:25:49.431254", "rc": 0, "start": "2024-04-20 17:25:49.397357" } STDOUT: podman version 4.9.4-dev TASK [fedora.linux_system_roles.podman : Set podman version] ******************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:28 Saturday 20 April 2024 17:25:49 +0000 (0:00:00.247) 0:01:24.884 ******** ok: [sut] => { "ansible_facts": { "podman_version": "4.9.4-dev" }, "changed": false } TASK [fedora.linux_system_roles.podman : Podman package version must be 4.2 or later] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:32 Saturday 20 April 2024 17:25:49 +0000 (0:00:00.020) 0:01:24.904 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_version is version(\"4.2\", \"<\")", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Podman package version must be 4.4 or later for quadlet, secrets] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:39 Saturday 20 April 2024 17:25:49 +0000 (0:00:00.020) 0:01:24.925 ******** skipping: [sut] => { "changed": false, "false_condition": "(podman_quadlet_specs | length > 0) or (podman_secrets | length > 0)", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Podman package version must be 4.4 or later for quadlet, secrets] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:49 Saturday 20 April 2024 17:25:49 +0000 (0:00:00.018) 0:01:24.944 ******** META: end_host conditional evaluated to False, continuing execution for sut skipping: [sut] => { "skip_reason": "end_host conditional evaluated to False, continuing execution for sut" } MSG: end_host conditional evaluated to false, continuing execution for sut TASK [fedora.linux_system_roles.podman : Check user and group information] ***** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:56 Saturday 20 April 2024 17:25:49 +0000 (0:00:00.020) 0:01:24.964 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml for sut TASK [fedora.linux_system_roles.podman : Get user information] ***************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:2 Saturday 20 April 2024 17:25:49 +0000 (0:00:00.036) 0:01:25.000 ******** ok: [sut] => { "ansible_facts": { "getent_passwd": { "root": [ "x", "0", "0", "root", "/root", "/bin/bash" ] } }, "changed": false } TASK [fedora.linux_system_roles.podman : Fail if user does not exist] ********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:9 Saturday 20 April 2024 17:25:49 +0000 (0:00:00.205) 0:01:25.206 ******** skipping: [sut] => { "changed": false, "false_condition": "not ansible_facts[\"getent_passwd\"][__podman_user]", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set group for podman user] ************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:16 Saturday 20 April 2024 17:25:49 +0000 (0:00:00.021) 0:01:25.227 ******** ok: [sut] => { "ansible_facts": { "__podman_group": "0" }, "changed": false } TASK [fedora.linux_system_roles.podman : Get group information] **************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:27 Saturday 20 April 2024 17:25:49 +0000 (0:00:00.026) 0:01:25.254 ******** ok: [sut] => { "ansible_facts": { "getent_group": { "root": [ "x", "0", "" ] } }, "changed": false } TASK [fedora.linux_system_roles.podman : Set group name] *********************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:34 Saturday 20 April 2024 17:25:50 +0000 (0:00:00.207) 0:01:25.461 ******** ok: [sut] => { "ansible_facts": { "__podman_group_name": "root" }, "changed": false } TASK [fedora.linux_system_roles.podman : See if getsubids exists] ************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:38 Saturday 20 April 2024 17:25:50 +0000 (0:00:00.027) 0:01:25.489 ******** ok: [sut] => { "changed": false, "stat": { "atime": 1713633931.2642198, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 32, "charset": "binary", "checksum": "bb5b46ffbafcaa8c4021f3c8b3cb8594f48ef34b", "ctime": 1713633897.8199303, "dev": 51713, "device_type": 0, "executable": true, "exists": true, "gid": 0, "gr_name": "root", "inode": 6887897, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "application/x-sharedlib", "mode": "0755", "mtime": 1700557386.0, "nlink": 1, "path": "/usr/bin/getsubids", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 12640, "uid": 0, "version": "798932276", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": true, "xoth": true, "xusr": true } } TASK [fedora.linux_system_roles.podman : Check user with getsubids] ************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:49 Saturday 20 April 2024 17:25:50 +0000 (0:00:00.206) 0:01:25.695 ******** skipping: [sut] => { "changed": false, "false_condition": "__podman_user not in [\"root\", \"0\"]", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Check group with getsubids] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:54 Saturday 20 April 2024 17:25:50 +0000 (0:00:00.050) 0:01:25.746 ******** skipping: [sut] => { "changed": false, "false_condition": "__podman_user not in [\"root\", \"0\"]", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set user subuid and subgid info] ****** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:59 Saturday 20 April 2024 17:25:50 +0000 (0:00:00.019) 0:01:25.765 ******** skipping: [sut] => { "changed": false, "false_condition": "__podman_user not in [\"root\", \"0\"]", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Get subuid file] ********************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:73 Saturday 20 April 2024 17:25:50 +0000 (0:00:00.018) 0:01:25.783 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Get subgid file] ********************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:78 Saturday 20 April 2024 17:25:50 +0000 (0:00:00.017) 0:01:25.801 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set user subuid and subgid info] ****** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:83 Saturday 20 April 2024 17:25:50 +0000 (0:00:00.017) 0:01:25.818 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Fail if user not in subuid file] ****** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:93 Saturday 20 April 2024 17:25:50 +0000 (0:00:00.017) 0:01:25.836 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Fail if group not in subgid file] ***** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:100 Saturday 20 April 2024 17:25:50 +0000 (0:00:00.016) 0:01:25.853 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set config file paths] **************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:62 Saturday 20 April 2024 17:25:50 +0000 (0:00:00.017) 0:01:25.870 ******** ok: [sut] => { "ansible_facts": { "__podman_container_conf_file": "/etc/containers/containers.conf.d/50-systemroles.conf", "__podman_policy_json_file": "/etc/containers/policy.json", "__podman_registries_conf_file": "/etc/containers/registries.conf.d/50-systemroles.conf", "__podman_storage_conf_file": "/etc/containers/storage.conf" }, "changed": false } TASK [fedora.linux_system_roles.podman : Handle container.conf.d] ************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:71 Saturday 20 April 2024 17:25:50 +0000 (0:00:00.036) 0:01:25.907 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_container_conf_d.yml for sut TASK [fedora.linux_system_roles.podman : Ensure containers.d exists] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_container_conf_d.yml:5 Saturday 20 April 2024 17:25:50 +0000 (0:00:00.033) 0:01:25.941 ******** changed: [sut] => { "changed": true, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/etc/containers/containers.conf.d", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.podman : Update container config file] ********* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_container_conf_d.yml:13 Saturday 20 April 2024 17:25:50 +0000 (0:00:00.215) 0:01:26.156 ******** changed: [sut] => { "changed": true, "checksum": "94370d6e765779f1c58daf02f667b8f0b74d91f6", "dest": "/etc/containers/containers.conf.d/50-systemroles.conf", "gid": 0, "group": "root", "md5sum": "6c7ebf8d89ccba8db738c4afe2b97f5a", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:etc_t:s0", "size": 116, "src": "/root/.ansible/tmp/ansible-tmp-1713633950.773333-2663-160081469415413/source", "state": "file", "uid": 0 } TASK [fedora.linux_system_roles.podman : Handle registries.conf.d] ************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:74 Saturday 20 April 2024 17:25:51 +0000 (0:00:00.554) 0:01:26.711 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_registries_conf_d.yml for sut TASK [fedora.linux_system_roles.podman : Ensure registries.d exists] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_registries_conf_d.yml:5 Saturday 20 April 2024 17:25:51 +0000 (0:00:00.035) 0:01:26.746 ******** ok: [sut] => { "changed": false, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/etc/containers/registries.conf.d", "secontext": "system_u:object_r:etc_t:s0", "size": 107, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.podman : Update registries config file] ******** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_registries_conf_d.yml:13 Saturday 20 April 2024 17:25:51 +0000 (0:00:00.213) 0:01:26.960 ******** changed: [sut] => { "changed": true, "checksum": "dfb9cd7094a81b3d1bb06512cc9b49a09c75639b", "dest": "/etc/containers/registries.conf.d/50-systemroles.conf", "gid": 0, "group": "root", "md5sum": "92130a764e88fe669136f6cf26613a84", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:etc_t:s0", "size": 225, "src": "/root/.ansible/tmp/ansible-tmp-1713633951.5777354-2675-217987742309877/source", "state": "file", "uid": 0 } TASK [fedora.linux_system_roles.podman : Handle storage.conf] ****************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:77 Saturday 20 April 2024 17:25:52 +0000 (0:00:00.546) 0:01:27.506 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_storage_conf.yml for sut TASK [fedora.linux_system_roles.podman : Ensure storage.conf parent dir exists] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_storage_conf.yml:5 Saturday 20 April 2024 17:25:52 +0000 (0:00:00.035) 0:01:27.541 ******** ok: [sut] => { "changed": false, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/etc/containers", "secontext": "system_u:object_r:etc_t:s0", "size": 179, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.podman : Update storage config file] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_storage_conf.yml:13 Saturday 20 April 2024 17:25:52 +0000 (0:00:00.242) 0:01:27.784 ******** changed: [sut] => { "changed": true, "checksum": "d08574b6a1df63dbe1c939ff0bcc7c0b61d03044", "dest": "/etc/containers/storage.conf", "gid": 0, "group": "root", "md5sum": "47c893f010daf00398b7ed40f434aa0e", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:etc_t:s0", "size": 109, "src": "/root/.ansible/tmp/ansible-tmp-1713633952.4014351-2687-88693945706582/source", "state": "file", "uid": 0 } TASK [fedora.linux_system_roles.podman : Handle policy.json] ******************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:80 Saturday 20 April 2024 17:25:52 +0000 (0:00:00.559) 0:01:28.344 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml for sut TASK [fedora.linux_system_roles.podman : Ensure policy.json parent dir exists] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:6 Saturday 20 April 2024 17:25:52 +0000 (0:00:00.036) 0:01:28.381 ******** ok: [sut] => { "changed": false, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/etc/containers", "secontext": "system_u:object_r:etc_t:s0", "size": 179, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.podman : Stat the policy.json file] ************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:14 Saturday 20 April 2024 17:25:53 +0000 (0:00:00.214) 0:01:28.595 ******** ok: [sut] => { "changed": false, "stat": { "atime": 1713633932.4181607, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "a71b1d310c167cdc95c2fc11e7835d5636768f14", "ctime": 1713633898.977871, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 381681985, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1708358882.0, "nlink": 1, "path": "/etc/containers/policy.json", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 663, "uid": 0, "version": "924188989", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [fedora.linux_system_roles.podman : Get the existing policy.json] ********* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:19 Saturday 20 April 2024 17:25:53 +0000 (0:00:00.214) 0:01:28.809 ******** ok: [sut] => { "changed": false, "content": "ewogICAgImRlZmF1bHQiOiBbCiAgICAgICAgewogICAgICAgICAgICAidHlwZSI6ICJpbnNlY3VyZUFjY2VwdEFueXRoaW5nIgogICAgICAgIH0KICAgIF0sCiAgICAidHJhbnNwb3J0cyI6IHsKICAgICAgICAiZG9ja2VyIjogewoJICAgICJyZWdpc3RyeS5hY2Nlc3MucmVkaGF0LmNvbSI6IFsKCQl7CgkJICAgICJ0eXBlIjogInNpZ25lZEJ5IiwKCQkgICAgImtleVR5cGUiOiAiR1BHS2V5cyIsCgkJICAgICJrZXlQYXRocyI6IFsiL2V0Yy9wa2kvcnBtLWdwZy9SUE0tR1BHLUtFWS1yZWRoYXQtcmVsZWFzZSIsICIvZXRjL3BraS9ycG0tZ3BnL1JQTS1HUEctS0VZLXJlZGhhdC1iZXRhIl0KCQl9CgkgICAgXSwKCSAgICAicmVnaXN0cnkucmVkaGF0LmlvIjogWwoJCXsKCQkgICAgInR5cGUiOiAic2lnbmVkQnkiLAoJCSAgICAia2V5VHlwZSI6ICJHUEdLZXlzIiwKCQkgICAgImtleVBhdGhzIjogWyIvZXRjL3BraS9ycG0tZ3BnL1JQTS1HUEctS0VZLXJlZGhhdC1yZWxlYXNlIiwgIi9ldGMvcGtpL3JwbS1ncGcvUlBNLUdQRy1LRVktcmVkaGF0LWJldGEiXQoJCX0KCSAgICBdCgl9LAogICAgICAgICJkb2NrZXItZGFlbW9uIjogewoJICAgICIiOiBbCgkJewoJCSAgICAidHlwZSI6ICJpbnNlY3VyZUFjY2VwdEFueXRoaW5nIgoJCX0KCSAgICBdCgl9CiAgICB9Cn0K", "encoding": "base64", "source": "/etc/containers/policy.json" } TASK [fedora.linux_system_roles.podman : Write new policy.json file] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:25 Saturday 20 April 2024 17:25:53 +0000 (0:00:00.197) 0:01:29.007 ******** changed: [sut] => { "changed": true, "checksum": "6746c079ad563b735fc39f73d4876654b80b0a0d", "dest": "/etc/containers/policy.json", "gid": 0, "group": "root", "md5sum": "443c1986d4a8657dddae55f350d122e2", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:etc_t:s0", "size": 67, "src": "/root/.ansible/tmp/ansible-tmp-1713633953.6260793-2703-281203447476939/source", "state": "file", "uid": 0 } TASK [Manage firewall for specified ports] ************************************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:86 Saturday 20 April 2024 17:25:54 +0000 (0:00:00.553) 0:01:29.560 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_firewall | length > 0", "skip_reason": "Conditional result was False" } TASK [Manage selinux for specified ports] ************************************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:93 Saturday 20 April 2024 17:25:54 +0000 (0:00:00.018) 0:01:29.579 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_selinux_ports | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Keep track of users that need to cancel linger] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:100 Saturday 20 April 2024 17:25:54 +0000 (0:00:00.018) 0:01:29.597 ******** ok: [sut] => { "ansible_facts": { "__podman_cancel_user_linger": [] }, "changed": false } TASK [fedora.linux_system_roles.podman : Handle secrets] *********************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:104 Saturday 20 April 2024 17:25:54 +0000 (0:00:00.018) 0:01:29.616 ******** skipping: [sut] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [fedora.linux_system_roles.podman : Handle Kubernetes specifications] ***** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:111 Saturday 20 April 2024 17:25:54 +0000 (0:00:00.017) 0:01:29.633 ******** skipping: [sut] => { "changed": false, "skipped_reason": "No items in the list" } TASK [fedora.linux_system_roles.podman : Handle Quadlet specifications] ******** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:117 Saturday 20 April 2024 17:25:54 +0000 (0:00:00.015) 0:01:29.649 ******** skipping: [sut] => { "changed": false, "skipped_reason": "No items in the list" } TASK [fedora.linux_system_roles.podman : Cancel linger] ************************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:123 Saturday 20 April 2024 17:25:54 +0000 (0:00:00.016) 0:01:29.666 ******** skipping: [sut] => { "changed": false, "skipped_reason": "No items in the list" } TASK [Check that files exist and are non-null] ********************************* task path: /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:111 Saturday 20 April 2024 17:25:54 +0000 (0:00:00.026) 0:01:29.692 ******** ok: [sut] => (item=/etc/containers/containers.conf.d/50-systemroles.conf) => { "ansible_loop_var": "item", "changed": false, "failed_when_result": false, "item": "/etc/containers/containers.conf.d/50-systemroles.conf", "stat": { "atime": 1713633951.221199, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "94370d6e765779f1c58daf02f667b8f0b74d91f6", "ctime": 1713633951.2251987, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 73400641, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1713633951.024209, "nlink": 1, "path": "/etc/containers/containers.conf.d/50-systemroles.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 116, "uid": 0, "version": "2737851893", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } ok: [sut] => (item=/etc/containers/registries.conf.d/50-systemroles.conf) => { "ansible_loop_var": "item", "changed": false, "failed_when_result": false, "item": "/etc/containers/registries.conf.d/50-systemroles.conf", "stat": { "atime": 1713633952.0171583, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "dfb9cd7094a81b3d1bb06512cc9b49a09c75639b", "ctime": 1713633952.021158, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 81789249, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1713633951.822168, "nlink": 1, "path": "/etc/containers/registries.conf.d/50-systemroles.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 225, "uid": 0, "version": "1803577741", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } ok: [sut] => (item=/etc/containers/storage.conf) => { "ansible_loop_var": "item", "changed": false, "failed_when_result": false, "item": "/etc/containers/storage.conf", "stat": { "atime": 1713633952.8571153, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "d08574b6a1df63dbe1c939ff0bcc7c0b61d03044", "ctime": 1713633952.8581152, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 90177857, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1713633952.6601253, "nlink": 1, "path": "/etc/containers/storage.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 109, "uid": 0, "version": "2130975532", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } ok: [sut] => (item=/etc/containers/policy.json) => { "ansible_loop_var": "item", "changed": false, "failed_when_result": false, "item": "/etc/containers/policy.json", "stat": { "atime": 1713633954.0720532, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "6746c079ad563b735fc39f73d4876654b80b0a0d", "ctime": 1713633954.0730531, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 102760769, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1713633953.8750632, "nlink": 1, "path": "/etc/containers/policy.json", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 67, "uid": 0, "version": "1848679944", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Run the role again with root config] ************************************* task path: /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:118 Saturday 20 April 2024 17:25:55 +0000 (0:00:00.786) 0:01:30.479 ******** TASK [fedora.linux_system_roles.podman : Set platform/version specific variables] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:3 Saturday 20 April 2024 17:25:55 +0000 (0:00:00.063) 0:01:30.542 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml for sut TASK [fedora.linux_system_roles.podman : Ensure ansible_facts used by role] **** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml:3 Saturday 20 April 2024 17:25:55 +0000 (0:00:00.059) 0:01:30.602 ******** skipping: [sut] => { "changed": false, "false_condition": "__podman_required_facts | difference(ansible_facts.keys() | list) | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Check if system is ostree] ************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml:11 Saturday 20 April 2024 17:25:55 +0000 (0:00:00.023) 0:01:30.626 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_is_ostree is defined", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set flag to indicate system is ostree] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml:16 Saturday 20 April 2024 17:25:55 +0000 (0:00:00.020) 0:01:30.646 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_is_ostree is defined", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set platform/version specific variables] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/set_vars.yml:20 Saturday 20 April 2024 17:25:55 +0000 (0:00:00.019) 0:01:30.666 ******** ok: [sut] => (item=RedHat.yml) => { "ansible_facts": { "__podman_packages": [ "podman", "shadow-utils-subid" ] }, "ansible_included_var_files": [ "/WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/vars/RedHat.yml" ], "ansible_loop_var": "item", "changed": false, "item": "RedHat.yml" } skipping: [sut] => (item=CentOS.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vars_file is file", "item": "CentOS.yml", "skip_reason": "Conditional result was False" } ok: [sut] => (item=CentOS_8.yml) => { "ansible_facts": { "__podman_packages": [ "crun", "podman", "podman-plugins", "shadow-utils-subid" ] }, "ansible_included_var_files": [ "/WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/vars/CentOS_8.yml" ], "ansible_loop_var": "item", "changed": false, "item": "CentOS_8.yml" } ok: [sut] => (item=CentOS_8.yml) => { "ansible_facts": { "__podman_packages": [ "crun", "podman", "podman-plugins", "shadow-utils-subid" ] }, "ansible_included_var_files": [ "/WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/vars/CentOS_8.yml" ], "ansible_loop_var": "item", "changed": false, "item": "CentOS_8.yml" } TASK [fedora.linux_system_roles.podman : Gather the package facts] ************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:6 Saturday 20 April 2024 17:25:55 +0000 (0:00:00.048) 0:01:30.715 ******** ok: [sut] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [fedora.linux_system_roles.podman : Enable copr if requested] ************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:10 Saturday 20 April 2024 17:25:56 +0000 (0:00:01.334) 0:01:32.049 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_use_copr | d(false)", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Ensure required packages are installed] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:14 Saturday 20 April 2024 17:25:56 +0000 (0:00:00.020) 0:01:32.069 ******** skipping: [sut] => { "changed": false, "false_condition": "(__podman_packages | difference(ansible_facts.packages))", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Get podman version] ******************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:22 Saturday 20 April 2024 17:25:56 +0000 (0:00:00.021) 0:01:32.090 ******** ok: [sut] => { "changed": false, "cmd": [ "podman", "--version" ], "delta": "0:00:00.031727", "end": "2024-04-20 17:25:56.871168", "rc": 0, "start": "2024-04-20 17:25:56.839441" } STDOUT: podman version 4.9.4-dev STDERR: time="2024-04-20T17:25:56Z" level=warning msg="The storage 'driver' option should be set in /etc/containers/storage.conf. A driver was picked automatically." TASK [fedora.linux_system_roles.podman : Set podman version] ******************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:28 Saturday 20 April 2024 17:25:56 +0000 (0:00:00.233) 0:01:32.324 ******** ok: [sut] => { "ansible_facts": { "podman_version": "4.9.4-dev" }, "changed": false } TASK [fedora.linux_system_roles.podman : Podman package version must be 4.2 or later] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:32 Saturday 20 April 2024 17:25:56 +0000 (0:00:00.020) 0:01:32.344 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_version is version(\"4.2\", \"<\")", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Podman package version must be 4.4 or later for quadlet, secrets] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:39 Saturday 20 April 2024 17:25:56 +0000 (0:00:00.020) 0:01:32.364 ******** skipping: [sut] => { "changed": false, "false_condition": "(podman_quadlet_specs | length > 0) or (podman_secrets | length > 0)", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Podman package version must be 4.4 or later for quadlet, secrets] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:49 Saturday 20 April 2024 17:25:56 +0000 (0:00:00.018) 0:01:32.383 ******** META: end_host conditional evaluated to False, continuing execution for sut skipping: [sut] => { "skip_reason": "end_host conditional evaluated to False, continuing execution for sut" } MSG: end_host conditional evaluated to false, continuing execution for sut TASK [fedora.linux_system_roles.podman : Check user and group information] ***** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:56 Saturday 20 April 2024 17:25:56 +0000 (0:00:00.020) 0:01:32.403 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml for sut TASK [fedora.linux_system_roles.podman : Get user information] ***************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:2 Saturday 20 April 2024 17:25:57 +0000 (0:00:00.064) 0:01:32.467 ******** skipping: [sut] => { "changed": false, "false_condition": "'getent_passwd' not in ansible_facts or __podman_user not in ansible_facts['getent_passwd']", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Fail if user does not exist] ********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:9 Saturday 20 April 2024 17:25:57 +0000 (0:00:00.022) 0:01:32.489 ******** skipping: [sut] => { "changed": false, "false_condition": "not ansible_facts[\"getent_passwd\"][__podman_user]", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set group for podman user] ************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:16 Saturday 20 April 2024 17:25:57 +0000 (0:00:00.022) 0:01:32.512 ******** ok: [sut] => { "ansible_facts": { "__podman_group": "0" }, "changed": false } TASK [fedora.linux_system_roles.podman : Get group information] **************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:27 Saturday 20 April 2024 17:25:57 +0000 (0:00:00.027) 0:01:32.540 ******** ok: [sut] => { "ansible_facts": { "getent_group": { "root": [ "x", "0", "" ] } }, "changed": false } TASK [fedora.linux_system_roles.podman : Set group name] *********************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:34 Saturday 20 April 2024 17:25:57 +0000 (0:00:00.207) 0:01:32.748 ******** ok: [sut] => { "ansible_facts": { "__podman_group_name": "root" }, "changed": false } TASK [fedora.linux_system_roles.podman : See if getsubids exists] ************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:38 Saturday 20 April 2024 17:25:57 +0000 (0:00:00.026) 0:01:32.775 ******** ok: [sut] => { "changed": false, "stat": { "atime": 1713633931.2642198, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 32, "charset": "binary", "checksum": "bb5b46ffbafcaa8c4021f3c8b3cb8594f48ef34b", "ctime": 1713633897.8199303, "dev": 51713, "device_type": 0, "executable": true, "exists": true, "gid": 0, "gr_name": "root", "inode": 6887897, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "application/x-sharedlib", "mode": "0755", "mtime": 1700557386.0, "nlink": 1, "path": "/usr/bin/getsubids", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 12640, "uid": 0, "version": "798932276", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": true, "xoth": true, "xusr": true } } TASK [fedora.linux_system_roles.podman : Check user with getsubids] ************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:49 Saturday 20 April 2024 17:25:57 +0000 (0:00:00.204) 0:01:32.980 ******** skipping: [sut] => { "changed": false, "false_condition": "__podman_user not in [\"root\", \"0\"]", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Check group with getsubids] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:54 Saturday 20 April 2024 17:25:57 +0000 (0:00:00.018) 0:01:32.998 ******** skipping: [sut] => { "changed": false, "false_condition": "__podman_user not in [\"root\", \"0\"]", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set user subuid and subgid info] ****** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:59 Saturday 20 April 2024 17:25:57 +0000 (0:00:00.017) 0:01:33.016 ******** skipping: [sut] => { "changed": false, "false_condition": "__podman_user not in [\"root\", \"0\"]", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Get subuid file] ********************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:73 Saturday 20 April 2024 17:25:57 +0000 (0:00:00.018) 0:01:33.034 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Get subgid file] ********************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:78 Saturday 20 April 2024 17:25:57 +0000 (0:00:00.017) 0:01:33.051 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set user subuid and subgid info] ****** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:83 Saturday 20 April 2024 17:25:57 +0000 (0:00:00.018) 0:01:33.070 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Fail if user not in subuid file] ****** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:93 Saturday 20 April 2024 17:25:57 +0000 (0:00:00.017) 0:01:33.087 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Fail if group not in subgid file] ***** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_user_group.yml:100 Saturday 20 April 2024 17:25:57 +0000 (0:00:00.018) 0:01:33.106 ******** skipping: [sut] => { "changed": false, "false_condition": "not __podman_stat_getsubids.stat.exists", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Set config file paths] **************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:62 Saturday 20 April 2024 17:25:57 +0000 (0:00:00.018) 0:01:33.125 ******** ok: [sut] => { "ansible_facts": { "__podman_container_conf_file": "/etc/containers/containers.conf.d/50-systemroles.conf", "__podman_policy_json_file": "/etc/containers/policy.json", "__podman_registries_conf_file": "/etc/containers/registries.conf.d/50-systemroles.conf", "__podman_storage_conf_file": "/etc/containers/storage.conf" }, "changed": false } TASK [fedora.linux_system_roles.podman : Handle container.conf.d] ************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:71 Saturday 20 April 2024 17:25:57 +0000 (0:00:00.037) 0:01:33.162 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_container_conf_d.yml for sut TASK [fedora.linux_system_roles.podman : Ensure containers.d exists] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_container_conf_d.yml:5 Saturday 20 April 2024 17:25:57 +0000 (0:00:00.034) 0:01:33.197 ******** ok: [sut] => { "changed": false, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/etc/containers/containers.conf.d", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 33, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.podman : Update container config file] ********* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_container_conf_d.yml:13 Saturday 20 April 2024 17:25:57 +0000 (0:00:00.217) 0:01:33.415 ******** ok: [sut] => { "changed": false, "checksum": "94370d6e765779f1c58daf02f667b8f0b74d91f6", "dest": "/etc/containers/containers.conf.d/50-systemroles.conf", "gid": 0, "group": "root", "mode": "0644", "owner": "root", "path": "/etc/containers/containers.conf.d/50-systemroles.conf", "secontext": "system_u:object_r:etc_t:s0", "size": 116, "state": "file", "uid": 0 } TASK [fedora.linux_system_roles.podman : Handle registries.conf.d] ************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:74 Saturday 20 April 2024 17:25:58 +0000 (0:00:00.495) 0:01:33.910 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_registries_conf_d.yml for sut TASK [fedora.linux_system_roles.podman : Ensure registries.d exists] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_registries_conf_d.yml:5 Saturday 20 April 2024 17:25:58 +0000 (0:00:00.063) 0:01:33.974 ******** ok: [sut] => { "changed": false, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/etc/containers/registries.conf.d", "secontext": "system_u:object_r:etc_t:s0", "size": 134, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.podman : Update registries config file] ******** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_registries_conf_d.yml:13 Saturday 20 April 2024 17:25:58 +0000 (0:00:00.213) 0:01:34.188 ******** ok: [sut] => { "changed": false, "checksum": "dfb9cd7094a81b3d1bb06512cc9b49a09c75639b", "dest": "/etc/containers/registries.conf.d/50-systemroles.conf", "gid": 0, "group": "root", "mode": "0644", "owner": "root", "path": "/etc/containers/registries.conf.d/50-systemroles.conf", "secontext": "system_u:object_r:etc_t:s0", "size": 225, "state": "file", "uid": 0 } TASK [fedora.linux_system_roles.podman : Handle storage.conf] ****************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:77 Saturday 20 April 2024 17:25:59 +0000 (0:00:00.494) 0:01:34.683 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_storage_conf.yml for sut TASK [fedora.linux_system_roles.podman : Ensure storage.conf parent dir exists] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_storage_conf.yml:5 Saturday 20 April 2024 17:25:59 +0000 (0:00:00.036) 0:01:34.720 ******** ok: [sut] => { "changed": false, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/etc/containers", "secontext": "system_u:object_r:etc_t:s0", "size": 179, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.podman : Update storage config file] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_storage_conf.yml:13 Saturday 20 April 2024 17:25:59 +0000 (0:00:00.216) 0:01:34.936 ******** ok: [sut] => { "changed": false, "checksum": "d08574b6a1df63dbe1c939ff0bcc7c0b61d03044", "dest": "/etc/containers/storage.conf", "gid": 0, "group": "root", "mode": "0644", "owner": "root", "path": "/etc/containers/storage.conf", "secontext": "system_u:object_r:etc_t:s0", "size": 109, "state": "file", "uid": 0 } TASK [fedora.linux_system_roles.podman : Handle policy.json] ******************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:80 Saturday 20 April 2024 17:26:00 +0000 (0:00:00.494) 0:01:35.431 ******** included: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml for sut TASK [fedora.linux_system_roles.podman : Ensure policy.json parent dir exists] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:6 Saturday 20 April 2024 17:26:00 +0000 (0:00:00.036) 0:01:35.468 ******** ok: [sut] => { "changed": false, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/etc/containers", "secontext": "system_u:object_r:etc_t:s0", "size": 179, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.podman : Stat the policy.json file] ************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:14 Saturday 20 April 2024 17:26:00 +0000 (0:00:00.215) 0:01:35.683 ******** ok: [sut] => { "changed": false, "stat": { "atime": 1713633955.0150049, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "6746c079ad563b735fc39f73d4876654b80b0a0d", "ctime": 1713633954.0730531, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 102760769, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1713633953.8750632, "nlink": 1, "path": "/etc/containers/policy.json", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 67, "uid": 0, "version": "1848679944", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [fedora.linux_system_roles.podman : Get the existing policy.json] ********* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:19 Saturday 20 April 2024 17:26:00 +0000 (0:00:00.216) 0:01:35.900 ******** ok: [sut] => { "changed": false, "content": "ewogICAgImRlZmF1bHQiOiB7CiAgICAgICAgInR5cGUiOiAiaW5zZWN1cmVBY2NlcHRBbnl0aGluZyIKICAgIH0KfQ==", "encoding": "base64", "source": "/etc/containers/policy.json" } TASK [fedora.linux_system_roles.podman : Write new policy.json file] *********** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:25 Saturday 20 April 2024 17:26:00 +0000 (0:00:00.200) 0:01:36.100 ******** skipping: [sut] => { "changed": false, "false_condition": "__policy_existing != podman_policy_json", "skip_reason": "Conditional result was False" } TASK [Manage firewall for specified ports] ************************************* task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:86 Saturday 20 April 2024 17:26:00 +0000 (0:00:00.020) 0:01:36.120 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_firewall | length > 0", "skip_reason": "Conditional result was False" } TASK [Manage selinux for specified ports] ************************************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:93 Saturday 20 April 2024 17:26:00 +0000 (0:00:00.017) 0:01:36.138 ******** skipping: [sut] => { "changed": false, "false_condition": "podman_selinux_ports | length > 0", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.podman : Keep track of users that need to cancel linger] *** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:100 Saturday 20 April 2024 17:26:00 +0000 (0:00:00.018) 0:01:36.156 ******** ok: [sut] => { "ansible_facts": { "__podman_cancel_user_linger": [] }, "changed": false } TASK [fedora.linux_system_roles.podman : Handle secrets] *********************** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:104 Saturday 20 April 2024 17:26:00 +0000 (0:00:00.018) 0:01:36.175 ******** skipping: [sut] => { "censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false } TASK [fedora.linux_system_roles.podman : Handle Kubernetes specifications] ***** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:111 Saturday 20 April 2024 17:26:00 +0000 (0:00:00.015) 0:01:36.191 ******** skipping: [sut] => { "changed": false, "skipped_reason": "No items in the list" } TASK [fedora.linux_system_roles.podman : Handle Quadlet specifications] ******** task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:117 Saturday 20 April 2024 17:26:00 +0000 (0:00:00.015) 0:01:36.206 ******** skipping: [sut] => { "changed": false, "skipped_reason": "No items in the list" } TASK [fedora.linux_system_roles.podman : Cancel linger] ************************ task path: /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:123 Saturday 20 April 2024 17:26:00 +0000 (0:00:00.044) 0:01:36.250 ******** skipping: [sut] => { "changed": false, "skipped_reason": "No items in the list" } TASK [Check that files still exist and are non-null] *************************** task path: /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:125 Saturday 20 April 2024 17:26:00 +0000 (0:00:00.025) 0:01:36.276 ******** ok: [sut] => (item=/etc/containers/containers.conf.d/50-systemroles.conf) => { "ansible_loop_var": "item", "changed": false, "failed_when_result": false, "item": "/etc/containers/containers.conf.d/50-systemroles.conf", "stat": { "atime": 1713633954.4420342, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "94370d6e765779f1c58daf02f667b8f0b74d91f6", "ctime": 1713633951.2251987, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 73400641, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1713633951.024209, "nlink": 1, "path": "/etc/containers/containers.conf.d/50-systemroles.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 116, "uid": 0, "version": "2737851893", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } ok: [sut] => (item=/etc/containers/registries.conf.d/50-systemroles.conf) => { "ansible_loop_var": "item", "changed": false, "failed_when_result": false, "item": "/etc/containers/registries.conf.d/50-systemroles.conf", "stat": { "atime": 1713633954.6320245, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "dfb9cd7094a81b3d1bb06512cc9b49a09c75639b", "ctime": 1713633952.021158, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 81789249, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1713633951.822168, "nlink": 1, "path": "/etc/containers/registries.conf.d/50-systemroles.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 225, "uid": 0, "version": "1803577741", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } ok: [sut] => (item=/etc/containers/storage.conf) => { "ansible_loop_var": "item", "changed": false, "failed_when_result": false, "item": "/etc/containers/storage.conf", "stat": { "atime": 1713633954.8230147, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "d08574b6a1df63dbe1c939ff0bcc7c0b61d03044", "ctime": 1713633952.8581152, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 90177857, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1713633952.6601253, "nlink": 1, "path": "/etc/containers/storage.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 109, "uid": 0, "version": "2130975532", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } ok: [sut] => (item=/etc/containers/policy.json) => { "ansible_loop_var": "item", "changed": false, "failed_when_result": false, "item": "/etc/containers/policy.json", "stat": { "atime": 1713633955.0150049, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "6746c079ad563b735fc39f73d4876654b80b0a0d", "ctime": 1713633954.0730531, "dev": 51713, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 102760769, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0644", "mtime": 1713633953.8750632, "nlink": 1, "path": "/etc/containers/policy.json", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 67, "uid": 0, "version": "1848679944", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Check for ansible_managed, fingerprint in generated files] *************** task path: /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:132 Saturday 20 April 2024 17:26:01 +0000 (0:00:00.790) 0:01:37.066 ******** included: /WORKDIR/git-weekly-cis0ow1621/tests/tasks/check_header.yml for sut => (item=/home/user1/.config/containers/containers.conf.d/50-systemroles.conf) included: /WORKDIR/git-weekly-cis0ow1621/tests/tasks/check_header.yml for sut => (item=/home/user1/.config/containers/registries.conf.d/50-systemroles.conf) included: /WORKDIR/git-weekly-cis0ow1621/tests/tasks/check_header.yml for sut => (item=/home/user1/.config/containers/storage.conf) included: /WORKDIR/git-weekly-cis0ow1621/tests/tasks/check_header.yml for sut => (item=/etc/containers/containers.conf.d/50-systemroles.conf) included: /WORKDIR/git-weekly-cis0ow1621/tests/tasks/check_header.yml for sut => (item=/etc/containers/registries.conf.d/50-systemroles.conf) included: /WORKDIR/git-weekly-cis0ow1621/tests/tasks/check_header.yml for sut => (item=/etc/containers/storage.conf) TASK [Get file] **************************************************************** task path: /WORKDIR/git-weekly-cis0ow1621/tests/tasks/check_header.yml:3 Saturday 20 April 2024 17:26:01 +0000 (0:00:00.055) 0:01:37.121 ******** ok: [sut] => { "changed": false, "content": "IwojIEFuc2libGUgbWFuYWdlZAojCiMgc3lzdGVtX3JvbGU6cG9kbWFuCgpbY29udGFpbmVyc10KYW5ub3RhdGlvbnMgPSBbICJlbnZpcm9ubWVudD1wcm9kdWN0aW9uIiwgInN0YXR1cz10aWVyMiIsXQo=", "encoding": "base64", "source": "/home/user1/.config/containers/containers.conf.d/50-systemroles.conf" } TASK [Check for presence of ansible managed header, fingerprint] *************** task path: /WORKDIR/git-weekly-cis0ow1621/tests/tasks/check_header.yml:9 Saturday 20 April 2024 17:26:01 +0000 (0:00:00.206) 0:01:37.328 ******** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Get file] **************************************************************** task path: /WORKDIR/git-weekly-cis0ow1621/tests/tasks/check_header.yml:3 Saturday 20 April 2024 17:26:01 +0000 (0:00:00.059) 0:01:37.387 ******** ok: [sut] => { "changed": false, "content": "IwojIEFuc2libGUgbWFuYWdlZAojCiMgc3lzdGVtX3JvbGU6cG9kbWFuCgp1bnF1YWxpZmllZC1zZWFyY2gtcmVnaXN0cmllcz1bJ3JlZ2lzdHJ5LTEuZXhhbXBsZS5jb20nLCAncmVnaXN0cnktMi5leGFtcGxlLmNvbSddCmNyZWRlbnRpYWwtaGVscGVycz1bJ2NyZWQtaGVscGVyLTEnLCAnY3JlZC1oZWxwZXItMiddClthbGlhc2VzXQpteXJlZ2lzdHJ5PSJyZWdpc3RyeS5leGFtcGxlLmNvbSIK", "encoding": "base64", "source": "/home/user1/.config/containers/registries.conf.d/50-systemroles.conf" } TASK [Check for presence of ansible managed header, fingerprint] *************** task path: /WORKDIR/git-weekly-cis0ow1621/tests/tasks/check_header.yml:9 Saturday 20 April 2024 17:26:02 +0000 (0:00:00.202) 0:01:37.590 ******** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Get file] **************************************************************** task path: /WORKDIR/git-weekly-cis0ow1621/tests/tasks/check_header.yml:3 Saturday 20 April 2024 17:26:02 +0000 (0:00:00.055) 0:01:37.646 ******** ok: [sut] => { "changed": false, "content": "IwojIEFuc2libGUgbWFuYWdlZAojCiMgc3lzdGVtX3JvbGU6cG9kbWFuCgpbc3RvcmFnZV0KcnVucm9vdD0iL3RtcCIKZ3JhcGhyb290PSIvdmFyL2xpYi9jb250YWluZXJzL3N0b3JhZ2UiCg==", "encoding": "base64", "source": "/home/user1/.config/containers/storage.conf" } TASK [Check for presence of ansible managed header, fingerprint] *************** task path: /WORKDIR/git-weekly-cis0ow1621/tests/tasks/check_header.yml:9 Saturday 20 April 2024 17:26:02 +0000 (0:00:00.199) 0:01:37.845 ******** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Get file] **************************************************************** task path: /WORKDIR/git-weekly-cis0ow1621/tests/tasks/check_header.yml:3 Saturday 20 April 2024 17:26:02 +0000 (0:00:00.054) 0:01:37.900 ******** ok: [sut] => { "changed": false, "content": "IwojIEFuc2libGUgbWFuYWdlZAojCiMgc3lzdGVtX3JvbGU6cG9kbWFuCgpbY29udGFpbmVyc10KYW5ub3RhdGlvbnMgPSBbICJlbnZpcm9ubWVudD1wcm9kdWN0aW9uIiwgInN0YXR1cz10aWVyMiIsXQo=", "encoding": "base64", "source": "/etc/containers/containers.conf.d/50-systemroles.conf" } TASK [Check for presence of ansible managed header, fingerprint] *************** task path: /WORKDIR/git-weekly-cis0ow1621/tests/tasks/check_header.yml:9 Saturday 20 April 2024 17:26:02 +0000 (0:00:00.199) 0:01:38.099 ******** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Get file] **************************************************************** task path: /WORKDIR/git-weekly-cis0ow1621/tests/tasks/check_header.yml:3 Saturday 20 April 2024 17:26:02 +0000 (0:00:00.055) 0:01:38.154 ******** ok: [sut] => { "changed": false, "content": "IwojIEFuc2libGUgbWFuYWdlZAojCiMgc3lzdGVtX3JvbGU6cG9kbWFuCgp1bnF1YWxpZmllZC1zZWFyY2gtcmVnaXN0cmllcz1bJ3JlZ2lzdHJ5LTEuZXhhbXBsZS5jb20nLCAncmVnaXN0cnktMi5leGFtcGxlLmNvbSddCmNyZWRlbnRpYWwtaGVscGVycz1bJ2NyZWQtaGVscGVyLTEnLCAnY3JlZC1oZWxwZXItMiddClthbGlhc2VzXQpteXJlZ2lzdHJ5PSJyZWdpc3RyeS5leGFtcGxlLmNvbSIK", "encoding": "base64", "source": "/etc/containers/registries.conf.d/50-systemroles.conf" } TASK [Check for presence of ansible managed header, fingerprint] *************** task path: /WORKDIR/git-weekly-cis0ow1621/tests/tasks/check_header.yml:9 Saturday 20 April 2024 17:26:02 +0000 (0:00:00.197) 0:01:38.351 ******** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Get file] **************************************************************** task path: /WORKDIR/git-weekly-cis0ow1621/tests/tasks/check_header.yml:3 Saturday 20 April 2024 17:26:02 +0000 (0:00:00.055) 0:01:38.407 ******** ok: [sut] => { "changed": false, "content": "IwojIEFuc2libGUgbWFuYWdlZAojCiMgc3lzdGVtX3JvbGU6cG9kbWFuCgpbc3RvcmFnZV0KcnVucm9vdD0iL3RtcCIKZ3JhcGhyb290PSIvdmFyL2xpYi9jb250YWluZXJzL3N0b3JhZ2UiCg==", "encoding": "base64", "source": "/etc/containers/storage.conf" } TASK [Check for presence of ansible managed header, fingerprint] *************** task path: /WORKDIR/git-weekly-cis0ow1621/tests/tasks/check_header.yml:9 Saturday 20 April 2024 17:26:03 +0000 (0:00:00.200) 0:01:38.607 ******** ok: [sut] => { "changed": false } MSG: All assertions passed TASK [Remove test config files] ************************************************ task path: /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:153 Saturday 20 April 2024 17:26:03 +0000 (0:00:00.090) 0:01:38.698 ******** changed: [sut] => (item=/etc/containers/containers.conf.d/50-systemroles.conf) => { "ansible_loop_var": "item", "changed": true, "item": "/etc/containers/containers.conf.d/50-systemroles.conf", "path": "/etc/containers/containers.conf.d/50-systemroles.conf", "state": "absent" } changed: [sut] => (item=/etc/containers/registries.conf.d/50-systemroles.conf) => { "ansible_loop_var": "item", "changed": true, "item": "/etc/containers/registries.conf.d/50-systemroles.conf", "path": "/etc/containers/registries.conf.d/50-systemroles.conf", "state": "absent" } changed: [sut] => (item=/etc/containers/storage.conf) => { "ansible_loop_var": "item", "changed": true, "item": "/etc/containers/storage.conf", "path": "/etc/containers/storage.conf", "state": "absent" } changed: [sut] => (item=/etc/containers/policy.json) => { "ansible_loop_var": "item", "changed": true, "item": "/etc/containers/policy.json", "path": "/etc/containers/policy.json", "state": "absent" } changed: [sut] => (item=/home/user1/.config/containers/containers.conf.d/50-systemroles.conf) => { "ansible_loop_var": "item", "changed": true, "item": "/home/user1/.config/containers/containers.conf.d/50-systemroles.conf", "path": "/home/user1/.config/containers/containers.conf.d/50-systemroles.conf", "state": "absent" } changed: [sut] => (item=/home/user1/.config/containers/registries.conf.d/50-systemroles.conf) => { "ansible_loop_var": "item", "changed": true, "item": "/home/user1/.config/containers/registries.conf.d/50-systemroles.conf", "path": "/home/user1/.config/containers/registries.conf.d/50-systemroles.conf", "state": "absent" } changed: [sut] => (item=/home/user1/.config/containers/storage.conf) => { "ansible_loop_var": "item", "changed": true, "item": "/home/user1/.config/containers/storage.conf", "path": "/home/user1/.config/containers/storage.conf", "state": "absent" } changed: [sut] => (item=/home/user1/.config/containers/policy.json) => { "ansible_loop_var": "item", "changed": true, "item": "/home/user1/.config/containers/policy.json", "path": "/home/user1/.config/containers/policy.json", "state": "absent" } TASK [Restore system config files] ********************************************* task path: /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:159 Saturday 20 April 2024 17:26:04 +0000 (0:00:01.504) 0:01:40.202 ******** ok: [sut] => { "changed": false, "cmd": [ "tar", "xfvpP", "/tmp/lsr_podman_config_1757_07a/backup.tar" ], "delta": "0:00:00.004151", "end": "2024-04-20 17:26:04.955269", "rc": 0, "start": "2024-04-20 17:26:04.951118" } STDOUT: /etc/containers/storage.conf /etc/containers/policy.json TASK [Remove temp directory] *************************************************** task path: /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:164 Saturday 20 April 2024 17:26:05 +0000 (0:00:00.240) 0:01:40.442 ******** changed: [sut] => { "changed": true, "path": "/tmp/lsr_podman_config_1757_07a", "state": "absent" } PLAY RECAP ********************************************************************* sut : ok=159 changed=16 unreachable=0 failed=0 skipped=116 rescued=0 ignored=0 Saturday 20 April 2024 17:26:05 +0000 (0:00:00.233) 0:01:40.676 ******** =============================================================================== fedora.linux_system_roles.podman : Ensure required packages are installed -- 62.71s /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:14 Remove test config files ------------------------------------------------ 1.50s /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:153 --------------- fedora.linux_system_roles.podman : Gather the package facts ------------- 1.48s /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:6 fedora.linux_system_roles.podman : Gather the package facts ------------- 1.39s /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:6 fedora.linux_system_roles.podman : Gather the package facts ------------- 1.37s /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:6 fedora.linux_system_roles.podman : Gather the package facts ------------- 1.33s /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:6 fedora.linux_system_roles.podman : Gather the package facts ------------- 1.33s /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/main.yml:6 Gathering Facts --------------------------------------------------------- 0.86s /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:9 ----------------- Check that files exist and are non-null --------------------------------- 0.79s /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:83 ---------------- Check that files still exist and are non-null --------------------------- 0.79s /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:125 --------------- Check that files exist and are non-null --------------------------------- 0.79s /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:111 --------------- Check that files still exist and are non-null --------------------------- 0.78s /WORKDIR/git-weekly-cis0ow1621/tests/tests_config_files.yml:97 ---------------- fedora.linux_system_roles.podman : Update container config file --------- 0.63s /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_container_conf_d.yml:13 fedora.linux_system_roles.podman : Update storage config file ----------- 0.56s /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_storage_conf.yml:13 fedora.linux_system_roles.podman : Update container config file --------- 0.55s /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_container_conf_d.yml:13 fedora.linux_system_roles.podman : Write new policy.json file ----------- 0.55s /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:25 fedora.linux_system_roles.podman : Update storage config file ----------- 0.55s /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_storage_conf.yml:13 fedora.linux_system_roles.podman : Update registries config file -------- 0.55s /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_registries_conf_d.yml:13 fedora.linux_system_roles.podman : Update registries config file -------- 0.54s /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_registries_conf_d.yml:13 fedora.linux_system_roles.podman : Write new policy.json file ----------- 0.54s /WORKDIR/git-weekly-cis0ow1621/.collection/ansible_collections/fedora/linux_system_roles/roles/podman/tasks/handle_policy_json.yml:25 ---^---^---^---^---^--- # STDERR: ---v---v---v---v---v--- [DEPRECATION WARNING]: ANSIBLE_COLLECTIONS_PATHS option, does not fit var naming standard, use the singular form ANSIBLE_COLLECTIONS_PATH instead. This feature will be removed from ansible-core in version 2.19. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg. ---^---^---^---^---^---