[DEPRECATION WARNING]: ANSIBLE_COLLECTIONS_PATHS option, does not fit var 
naming standard, use the singular form ANSIBLE_COLLECTIONS_PATH instead. This 
feature will be removed from ansible-core in version 2.19. Deprecation warnings
 can be disabled by setting deprecation_warnings=False in ansible.cfg.
ansible-playbook [core 2.17.3]
  config file = None
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.12/site-packages/ansible
  ansible collection location = /tmp/collections-io6
  executable location = /usr/local/bin/ansible-playbook
  python version = 3.12.4 (main, Jul 17 2024, 00:00:00) [GCC 11.4.1 20231218 (Red Hat 11.4.1-3)] (/usr/bin/python3.12)
  jinja version = 3.1.4
  libyaml = True
No config file found; using defaults
running playbook inside collection fedora.linux_system_roles
redirecting (type: callback) ansible.builtin.debug to ansible.posix.debug
redirecting (type: callback) ansible.builtin.debug to ansible.posix.debug
redirecting (type: callback) ansible.builtin.profile_tasks to ansible.posix.profile_tasks
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.

PLAYBOOK: tests_trusted_execution.yml ******************************************
1 plays in /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml

PLAY [Basic test for fapolicyd] ************************************************

TASK [Gathering Facts] *********************************************************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:2
Saturday 17 August 2024  08:24:28 -0400 (0:00:00.007)       0:00:00.007 ******* 
[WARNING]: Platform linux on host managed_node3 is using the discovered Python
interpreter at /usr/bin/python3.9, but future installation of another Python
interpreter could change the meaning of that path. See
https://docs.ansible.com/ansible-
core/2.17/reference_appendices/interpreter_discovery.html for more information.
ok: [managed_node3]

TASK [Create temp test directory] **********************************************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:23
Saturday 17 August 2024  08:24:31 -0400 (0:00:02.789)       0:00:02.796 ******* 
changed: [managed_node3] => {
    "changed": true,
    "gid": 0,
    "group": "root",
    "mode": "0700",
    "owner": "root",
    "path": "/var/tmp/fapolicyd_zet4pn88",
    "secontext": "unconfined_u:object_r:user_tmp_t:s0",
    "size": 6,
    "state": "directory",
    "uid": 0
}

TASK [Create directories for tests] ********************************************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:30
Saturday 17 August 2024  08:24:32 -0400 (0:00:00.423)       0:00:03.220 ******* 
changed: [managed_node3] => (item=/var/tmp/fapolicyd_zet4pn88) => {
    "ansible_loop_var": "item",
    "changed": true,
    "gid": 0,
    "group": "root",
    "item": "/var/tmp/fapolicyd_zet4pn88",
    "mode": "0755",
    "owner": "root",
    "path": "/var/tmp/fapolicyd_zet4pn88",
    "secontext": "unconfined_u:object_r:user_tmp_t:s0",
    "size": 6,
    "state": "directory",
    "uid": 0
}
changed: [managed_node3] => (item=/var/tmp/fapolicyd_zet4pn88/executables) => {
    "ansible_loop_var": "item",
    "changed": true,
    "gid": 0,
    "group": "root",
    "item": "/var/tmp/fapolicyd_zet4pn88/executables",
    "mode": "0755",
    "owner": "root",
    "path": "/var/tmp/fapolicyd_zet4pn88/executables",
    "secontext": "unconfined_u:object_r:user_tmp_t:s0",
    "size": 6,
    "state": "directory",
    "uid": 0
}

TASK [Create shell executables] ************************************************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:39
Saturday 17 August 2024  08:24:32 -0400 (0:00:00.765)       0:00:03.985 ******* 
changed: [managed_node3] => (item=/var/tmp/fapolicyd_zet4pn88/executables/exe1) => {
    "ansible_loop_var": "item",
    "changed": true,
    "checksum": "72de53da929054c130ff8ef86dc8efb6c7254026",
    "dest": "/var/tmp/fapolicyd_zet4pn88/executables/exe1",
    "gid": 0,
    "group": "root",
    "item": "/var/tmp/fapolicyd_zet4pn88/executables/exe1",
    "md5sum": "4d62f4ad5d3570bbd774c7e993c5e70a",
    "mode": "0755",
    "owner": "root",
    "secontext": "unconfined_u:object_r:admin_home_t:s0",
    "size": 101,
    "src": "/root/.ansible/tmp/ansible-tmp-1723897472.8067162-6777-266351103816797/.source",
    "state": "file",
    "uid": 0
}
changed: [managed_node3] => (item=/var/tmp/fapolicyd_zet4pn88/executables/exe2) => {
    "ansible_loop_var": "item",
    "changed": true,
    "checksum": "005627d44e939ab41ff8486cacd835157fe6dfe0",
    "dest": "/var/tmp/fapolicyd_zet4pn88/executables/exe2",
    "gid": 0,
    "group": "root",
    "item": "/var/tmp/fapolicyd_zet4pn88/executables/exe2",
    "md5sum": "abceea15faff07d179ae5dc2f36de80c",
    "mode": "0755",
    "owner": "root",
    "secontext": "unconfined_u:object_r:admin_home_t:s0",
    "size": 101,
    "src": "/root/.ansible/tmp/ansible-tmp-1723897473.5419104-6777-135690625090869/.source",
    "state": "file",
    "uid": 0
}

TASK [Create a new user] *******************************************************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:54
Saturday 17 August 2024  08:24:34 -0400 (0:00:01.305)       0:00:05.291 ******* 
changed: [managed_node3] => {
    "changed": true,
    "comment": "",
    "create_home": true,
    "group": 1000,
    "home": "/home/fapolicyd_test1_user",
    "name": "fapolicyd_test1_user",
    "shell": "/bin/bash",
    "state": "present",
    "system": false,
    "uid": 1000
}

TASK [Run the role] ************************************************************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:60
Saturday 17 August 2024  08:24:34 -0400 (0:00:00.909)       0:00:06.200 ******* 
included: fedora.linux_system_roles.fapolicyd for managed_node3

TASK [fedora.linux_system_roles.fapolicyd : Set platform/version specific variables] ***
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:2
Saturday 17 August 2024  08:24:35 -0400 (0:00:00.033)       0:00:06.233 ******* 
included: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/set_vars.yml for managed_node3

TASK [fedora.linux_system_roles.fapolicyd : Ensure ansible_facts used by role] ***
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/set_vars.yml:2
Saturday 17 August 2024  08:24:35 -0400 (0:00:00.022)       0:00:06.255 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "__fapolicyd_required_facts | difference(ansible_facts.keys() | list) | length > 0",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.fapolicyd : Check if system is ostree] *********
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/set_vars.yml:10
Saturday 17 August 2024  08:24:35 -0400 (0:00:00.035)       0:00:06.291 ******* 
ok: [managed_node3] => {
    "changed": false,
    "stat": {
        "exists": false
    }
}

TASK [fedora.linux_system_roles.fapolicyd : Set flag to indicate system is ostree] ***
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/set_vars.yml:15
Saturday 17 August 2024  08:24:35 -0400 (0:00:00.307)       0:00:06.599 ******* 
ok: [managed_node3] => {
    "ansible_facts": {
        "__fapolicyd_is_ostree": false
    },
    "changed": false
}

TASK [fedora.linux_system_roles.fapolicyd : Set platform/version specific variables] ***
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/set_vars.yml:19
Saturday 17 August 2024  08:24:35 -0400 (0:00:00.022)       0:00:06.621 ******* 
skipping: [managed_node3] => (item=RedHat.yml)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "__vars_file is file",
    "item": "RedHat.yml",
    "skip_reason": "Conditional result was False"
}
skipping: [managed_node3] => (item=CentOS.yml)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "__vars_file is file",
    "item": "CentOS.yml",
    "skip_reason": "Conditional result was False"
}
skipping: [managed_node3] => (item=CentOS_9.yml)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "__vars_file is file",
    "item": "CentOS_9.yml",
    "skip_reason": "Conditional result was False"
}
skipping: [managed_node3] => (item=CentOS_9.yml)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "__vars_file is file",
    "item": "CentOS_9.yml",
    "skip_reason": "Conditional result was False"
}
skipping: [managed_node3] => {
    "changed": false
}

MSG:

All items skipped

TASK [fedora.linux_system_roles.fapolicyd : Set fapolicyd feature facts for OS versions] ***
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/set_vars.yml:40
Saturday 17 August 2024  08:24:35 -0400 (0:00:00.030)       0:00:06.651 ******* 
ok: [managed_node3] => {
    "ansible_facts": {
        "__fapolicyd_configcheck_supported": true,
        "__fapolicyd_integrity_supported": true,
        "__fapolicyd_selinux_supported": true,
        "__fapolicyd_supported": true,
        "__fapolicyd_syslog_format_supported": true,
        "__fapolicyd_trust_supported": true,
        "__fapolicyd_trustfiles_supported": true,
        "__fapolicyd_watch_fs_supported": true
    },
    "changed": false
}

TASK [fedora.linux_system_roles.fapolicyd : System check] **********************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:5
Saturday 17 August 2024  08:24:35 -0400 (0:00:00.068)       0:00:06.720 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "not __fapolicyd_supported",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.fapolicyd : Check trust compatibility] *********
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:13
Saturday 17 August 2024  08:24:35 -0400 (0:00:00.012)       0:00:06.733 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "not __fapolicyd_trust_supported",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.fapolicyd : Check integrity compatibility] *****
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:24
Saturday 17 August 2024  08:24:35 -0400 (0:00:00.032)       0:00:06.765 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "not __fapolicyd_integrity_supported",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.fapolicyd : Check trust files compatibility] ***
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:35
Saturday 17 August 2024  08:24:35 -0400 (0:00:00.032)       0:00:06.797 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "not __fapolicyd_trustfiles_supported",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.fapolicyd : Check failed conditions] ***********
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:46
Saturday 17 August 2024  08:24:35 -0400 (0:00:00.034)       0:00:06.831 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "__failed_check_trust is failed or __failed_check_integrity is failed or __failed_check_trusted_file is failed",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.fapolicyd : Install fapolicyd packages] ********
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:51
Saturday 17 August 2024  08:24:35 -0400 (0:00:00.016)       0:00:06.848 ******* 
changed: [managed_node3] => {
    "changed": true,
    "rc": 0,
    "results": [
        "Installed: policycoreutils-python-utils-3.6-2.1.el9.noarch",
        "Installed: fapolicyd-1.3.3-100.el9.x86_64",
        "Installed: fapolicyd-selinux-1.3.3-100.el9.noarch",
        "Installed: rpm-plugin-fapolicyd-4.16.1.3-32.el9.x86_64"
    ]
}
lsrpackages: fapolicyd fapolicyd-selinux

TASK [fedora.linux_system_roles.fapolicyd : Copy fapolicyd configuration file] ***
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:59
Saturday 17 August 2024  08:25:05 -0400 (0:00:30.031)       0:00:36.880 ******* 
changed: [managed_node3] => {
    "changed": true,
    "checksum": "d79d7424d2f9daf8e9e018c5750ecd06d3beba55",
    "dest": "/etc/fapolicyd/fapolicyd.conf",
    "gid": 993,
    "group": "fapolicyd",
    "md5sum": "769ccbfa27940a69973575df5fa87cdf",
    "mode": "0644",
    "owner": "root",
    "secontext": "system_u:object_r:fapolicyd_config_t:s0",
    "size": 509,
    "src": "/root/.ansible/tmp/ansible-tmp-1723897505.7180727-6986-153971356802663/.source.conf",
    "state": "file",
    "uid": 0
}

TASK [fedora.linux_system_roles.fapolicyd : Run fapolicyd configuration check] ***
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:68
Saturday 17 August 2024  08:25:06 -0400 (0:00:01.189)       0:00:38.069 ******* 
ok: [managed_node3] => {
    "changed": false,
    "cmd": [
        "fapolicyd-cli",
        "--check-config"
    ],
    "delta": "0:00:00.004974",
    "end": "2024-08-17 08:25:07.217465",
    "rc": 0,
    "start": "2024-08-17 08:25:07.212491"
}

STDOUT:

Daemon config is OK

TASK [fedora.linux_system_roles.fapolicyd : Start fapolicyd service] ***********
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:76
Saturday 17 August 2024  08:25:07 -0400 (0:00:00.411)       0:00:38.480 ******* 
changed: [managed_node3] => {
    "changed": true,
    "enabled": true,
    "name": "fapolicyd.service",
    "state": "started",
    "status": {
        "AccessSELinuxContext": "system_u:object_r:fapolicyd_unit_file_t:s0",
        "ActiveEnterTimestampMonotonic": "0",
        "ActiveExitTimestampMonotonic": "0",
        "ActiveState": "inactive",
        "After": "local-fs.target system.slice systemd-tmpfiles-setup.service systemd-journald.socket -.mount",
        "AllowIsolate": "no",
        "AssertResult": "no",
        "AssertTimestampMonotonic": "0",
        "BlockIOAccounting": "no",
        "BlockIOWeight": "[not set]",
        "CPUAccounting": "yes",
        "CPUAffinityFromNUMA": "no",
        "CPUQuotaPerSecUSec": "infinity",
        "CPUQuotaPeriodUSec": "infinity",
        "CPUSchedulingPolicy": "0",
        "CPUSchedulingPriority": "0",
        "CPUSchedulingResetOnFork": "no",
        "CPUShares": "[not set]",
        "CPUUsageNSec": "[not set]",
        "CPUWeight": "[not set]",
        "CacheDirectoryMode": "0755",
        "CanClean": "runtime",
        "CanFreeze": "yes",
        "CanIsolate": "no",
        "CanReload": "no",
        "CanStart": "yes",
        "CanStop": "yes",
        "CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend cap_audit_read cap_perfmon cap_bpf cap_checkpoint_restore",
        "CleanResult": "success",
        "CollectMode": "inactive",
        "ConditionResult": "no",
        "ConditionTimestampMonotonic": "0",
        "ConfigurationDirectoryMode": "0755",
        "ControlGroupId": "0",
        "ControlPID": "0",
        "CoredumpFilter": "0x33",
        "DefaultDependencies": "no",
        "DefaultMemoryLow": "0",
        "DefaultMemoryMin": "0",
        "Delegate": "no",
        "Description": "File Access Policy Daemon",
        "DevicePolicy": "auto",
        "Documentation": "\"man:fapolicyd(8)\"",
        "DynamicUser": "no",
        "ExecMainCode": "0",
        "ExecMainExitTimestampMonotonic": "0",
        "ExecMainPID": "0",
        "ExecMainStartTimestampMonotonic": "0",
        "ExecMainStatus": "0",
        "ExecStart": "{ path=/usr/sbin/fapolicyd ; argv[]=/usr/sbin/fapolicyd ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
        "ExecStartEx": "{ path=/usr/sbin/fapolicyd ; argv[]=/usr/sbin/fapolicyd ; flags= ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
        "ExecStartPre": "{ path=/usr/sbin/fagenrules ; argv[]=/usr/sbin/fagenrules ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
        "ExecStartPreEx": "{ path=/usr/sbin/fagenrules ; argv[]=/usr/sbin/fagenrules ; flags= ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }",
        "ExitType": "main",
        "FailureAction": "none",
        "FileDescriptorStoreMax": "0",
        "FinalKillSignal": "9",
        "FragmentPath": "/usr/lib/systemd/system/fapolicyd.service",
        "FreezerState": "running",
        "GID": "[not set]",
        "GuessMainPID": "yes",
        "IOAccounting": "no",
        "IOReadBytes": "18446744073709551615",
        "IOReadOperations": "18446744073709551615",
        "IOSchedulingClass": "2",
        "IOSchedulingPriority": "4",
        "IOWeight": "[not set]",
        "IOWriteBytes": "18446744073709551615",
        "IOWriteOperations": "18446744073709551615",
        "IPAccounting": "no",
        "IPEgressBytes": "[no data]",
        "IPEgressPackets": "[no data]",
        "IPIngressBytes": "[no data]",
        "IPIngressPackets": "[no data]",
        "Id": "fapolicyd.service",
        "IgnoreOnIsolate": "no",
        "IgnoreSIGPIPE": "yes",
        "InactiveEnterTimestampMonotonic": "0",
        "InactiveExitTimestampMonotonic": "0",
        "JobRunningTimeoutUSec": "infinity",
        "JobTimeoutAction": "none",
        "JobTimeoutUSec": "infinity",
        "KeyringMode": "private",
        "KillMode": "control-group",
        "KillSignal": "15",
        "LimitAS": "infinity",
        "LimitASSoft": "infinity",
        "LimitCORE": "infinity",
        "LimitCORESoft": "infinity",
        "LimitCPU": "infinity",
        "LimitCPUSoft": "infinity",
        "LimitDATA": "infinity",
        "LimitDATASoft": "infinity",
        "LimitFSIZE": "infinity",
        "LimitFSIZESoft": "infinity",
        "LimitLOCKS": "infinity",
        "LimitLOCKSSoft": "infinity",
        "LimitMEMLOCK": "8388608",
        "LimitMEMLOCKSoft": "8388608",
        "LimitMSGQUEUE": "819200",
        "LimitMSGQUEUESoft": "819200",
        "LimitNICE": "0",
        "LimitNICESoft": "0",
        "LimitNOFILE": "524288",
        "LimitNOFILESoft": "1024",
        "LimitNPROC": "13964",
        "LimitNPROCSoft": "13964",
        "LimitRSS": "infinity",
        "LimitRSSSoft": "infinity",
        "LimitRTPRIO": "0",
        "LimitRTPRIOSoft": "0",
        "LimitRTTIME": "infinity",
        "LimitRTTIMESoft": "infinity",
        "LimitSIGPENDING": "13964",
        "LimitSIGPENDINGSoft": "13964",
        "LimitSTACK": "infinity",
        "LimitSTACKSoft": "8388608",
        "LoadState": "loaded",
        "LockPersonality": "no",
        "LogLevelMax": "-1",
        "LogRateLimitBurst": "0",
        "LogRateLimitIntervalUSec": "0",
        "LogsDirectoryMode": "0755",
        "MainPID": "0",
        "ManagedOOMMemoryPressure": "auto",
        "ManagedOOMMemoryPressureLimit": "0",
        "ManagedOOMPreference": "none",
        "ManagedOOMSwap": "auto",
        "MemoryAccounting": "yes",
        "MemoryAvailable": "infinity",
        "MemoryCurrent": "[not set]",
        "MemoryDenyWriteExecute": "no",
        "MemoryHigh": "infinity",
        "MemoryLimit": "infinity",
        "MemoryLow": "0",
        "MemoryMax": "infinity",
        "MemoryMin": "0",
        "MemorySwapMax": "infinity",
        "MountAPIVFS": "no",
        "NFileDescriptorStore": "0",
        "NRestarts": "0",
        "NUMAPolicy": "n/a",
        "Names": "fapolicyd.service",
        "NeedDaemonReload": "no",
        "Nice": "0",
        "NoNewPrivileges": "no",
        "NonBlocking": "no",
        "NotifyAccess": "none",
        "OOMPolicy": "stop",
        "OOMScoreAdjust": "-1000",
        "OnFailureJobMode": "replace",
        "OnSuccessJobMode": "fail",
        "PIDFile": "/run/fapolicyd.pid",
        "Perpetual": "no",
        "PrivateDevices": "no",
        "PrivateIPC": "no",
        "PrivateMounts": "no",
        "PrivateNetwork": "no",
        "PrivateTmp": "no",
        "PrivateUsers": "no",
        "ProcSubset": "all",
        "ProtectClock": "no",
        "ProtectControlGroups": "no",
        "ProtectHome": "no",
        "ProtectHostname": "no",
        "ProtectKernelLogs": "no",
        "ProtectKernelModules": "no",
        "ProtectKernelTunables": "no",
        "ProtectProc": "default",
        "ProtectSystem": "no",
        "RefuseManualStart": "no",
        "RefuseManualStop": "no",
        "ReloadResult": "success",
        "ReloadSignal": "1",
        "RemainAfterExit": "no",
        "RemoveIPC": "no",
        "Requires": "system.slice -.mount",
        "RequiresMountsFor": "/run/fapolicyd",
        "Restart": "on-abnormal",
        "RestartKillSignal": "15",
        "RestartUSec": "100ms",
        "RestrictNamespaces": "no",
        "RestrictRealtime": "no",
        "RestrictSUIDSGID": "no",
        "Result": "success",
        "RootDirectoryStartOnly": "no",
        "RuntimeDirectory": "fapolicyd",
        "RuntimeDirectoryMode": "0755",
        "RuntimeDirectoryPreserve": "no",
        "RuntimeMaxUSec": "infinity",
        "RuntimeRandomizedExtraUSec": "0",
        "SameProcessGroup": "no",
        "SecureBits": "0",
        "SendSIGHUP": "no",
        "SendSIGKILL": "yes",
        "Slice": "system.slice",
        "StandardError": "inherit",
        "StandardInput": "null",
        "StandardOutput": "journal",
        "StartLimitAction": "none",
        "StartLimitBurst": "5",
        "StartLimitIntervalUSec": "10s",
        "StartupBlockIOWeight": "[not set]",
        "StartupCPUShares": "[not set]",
        "StartupCPUWeight": "[not set]",
        "StartupIOWeight": "[not set]",
        "StateChangeTimestampMonotonic": "0",
        "StateDirectoryMode": "0755",
        "StatusErrno": "0",
        "StopWhenUnneeded": "no",
        "SubState": "dead",
        "SuccessAction": "none",
        "SyslogFacility": "3",
        "SyslogLevel": "6",
        "SyslogLevelPrefix": "yes",
        "SyslogPriority": "30",
        "SystemCallErrorNumber": "2147483646",
        "TTYReset": "no",
        "TTYVHangup": "no",
        "TTYVTDisallocate": "no",
        "TasksAccounting": "yes",
        "TasksCurrent": "[not set]",
        "TasksMax": "22342",
        "TimeoutAbortUSec": "1min 30s",
        "TimeoutCleanUSec": "infinity",
        "TimeoutStartFailureMode": "terminate",
        "TimeoutStartUSec": "1min 30s",
        "TimeoutStopFailureMode": "terminate",
        "TimeoutStopUSec": "1min 30s",
        "TimerSlackNSec": "50000",
        "Transient": "no",
        "Type": "forking",
        "UID": "[not set]",
        "UMask": "0022",
        "UnitFilePreset": "disabled",
        "UnitFileState": "disabled",
        "UtmpMode": "init",
        "WatchdogSignal": "6",
        "WatchdogTimestampMonotonic": "0",
        "WatchdogUSec": "infinity"
    }
}

TASK [fedora.linux_system_roles.fapolicyd : Restart fapolicyd service] *********
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:85
Saturday 17 August 2024  08:25:08 -0400 (0:00:00.956)       0:00:39.437 ******* 
changed: [managed_node3] => {
    "changed": true,
    "enabled": true,
    "name": "fapolicyd.service",
    "state": "started",
    "status": {
        "AccessSELinuxContext": "system_u:object_r:fapolicyd_unit_file_t:s0",
        "ActiveEnterTimestamp": "Sat 2024-08-17 08:25:08 EDT",
        "ActiveEnterTimestampMonotonic": "224095549",
        "ActiveExitTimestampMonotonic": "0",
        "ActiveState": "active",
        "After": "system.slice systemd-tmpfiles-setup.service -.mount systemd-journald.socket local-fs.target",
        "AllowIsolate": "no",
        "AssertResult": "yes",
        "AssertTimestamp": "Sat 2024-08-17 08:25:08 EDT",
        "AssertTimestampMonotonic": "224047617",
        "BlockIOAccounting": "no",
        "BlockIOWeight": "[not set]",
        "CPUAccounting": "yes",
        "CPUAffinityFromNUMA": "no",
        "CPUQuotaPerSecUSec": "infinity",
        "CPUQuotaPeriodUSec": "infinity",
        "CPUSchedulingPolicy": "0",
        "CPUSchedulingPriority": "0",
        "CPUSchedulingResetOnFork": "no",
        "CPUShares": "[not set]",
        "CPUUsageNSec": "654395000",
        "CPUWeight": "[not set]",
        "CacheDirectoryMode": "0755",
        "CanClean": "runtime",
        "CanFreeze": "yes",
        "CanIsolate": "no",
        "CanReload": "no",
        "CanStart": "yes",
        "CanStop": "yes",
        "CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend cap_audit_read cap_perfmon cap_bpf cap_checkpoint_restore",
        "CleanResult": "success",
        "CollectMode": "inactive",
        "ConditionResult": "yes",
        "ConditionTimestamp": "Sat 2024-08-17 08:25:08 EDT",
        "ConditionTimestampMonotonic": "224047615",
        "ConfigurationDirectoryMode": "0755",
        "ControlGroup": "/system.slice/fapolicyd.service",
        "ControlGroupId": "3767",
        "ControlPID": "0",
        "CoredumpFilter": "0x33",
        "DefaultDependencies": "no",
        "DefaultMemoryLow": "0",
        "DefaultMemoryMin": "0",
        "Delegate": "no",
        "Description": "File Access Policy Daemon",
        "DevicePolicy": "auto",
        "Documentation": "\"man:fapolicyd(8)\"",
        "DynamicUser": "no",
        "ExecMainCode": "0",
        "ExecMainExitTimestampMonotonic": "0",
        "ExecMainPID": "8483",
        "ExecMainStartTimestamp": "Sat 2024-08-17 08:25:08 EDT",
        "ExecMainStartTimestampMonotonic": "224095518",
        "ExecMainStatus": "0",
        "ExecStart": "{ path=/usr/sbin/fapolicyd ; argv[]=/usr/sbin/fapolicyd ; ignore_errors=no ; start_time=[Sat 2024-08-17 08:25:08 EDT] ; stop_time=[Sat 2024-08-17 08:25:08 EDT] ; pid=8482 ; code=exited ; status=0 }",
        "ExecStartEx": "{ path=/usr/sbin/fapolicyd ; argv[]=/usr/sbin/fapolicyd ; flags= ; start_time=[Sat 2024-08-17 08:25:08 EDT] ; stop_time=[Sat 2024-08-17 08:25:08 EDT] ; pid=8482 ; code=exited ; status=0 }",
        "ExecStartPre": "{ path=/usr/sbin/fagenrules ; argv[]=/usr/sbin/fagenrules ; ignore_errors=no ; start_time=[Sat 2024-08-17 08:25:08 EDT] ; stop_time=[Sat 2024-08-17 08:25:08 EDT] ; pid=8458 ; code=exited ; status=0 }",
        "ExecStartPreEx": "{ path=/usr/sbin/fagenrules ; argv[]=/usr/sbin/fagenrules ; flags= ; start_time=[Sat 2024-08-17 08:25:08 EDT] ; stop_time=[Sat 2024-08-17 08:25:08 EDT] ; pid=8458 ; code=exited ; status=0 }",
        "ExitType": "main",
        "FailureAction": "none",
        "FileDescriptorStoreMax": "0",
        "FinalKillSignal": "9",
        "FragmentPath": "/usr/lib/systemd/system/fapolicyd.service",
        "FreezerState": "running",
        "GID": "[not set]",
        "GuessMainPID": "yes",
        "IOAccounting": "no",
        "IOReadBytes": "18446744073709551615",
        "IOReadOperations": "18446744073709551615",
        "IOSchedulingClass": "2",
        "IOSchedulingPriority": "4",
        "IOWeight": "[not set]",
        "IOWriteBytes": "18446744073709551615",
        "IOWriteOperations": "18446744073709551615",
        "IPAccounting": "no",
        "IPEgressBytes": "[no data]",
        "IPEgressPackets": "[no data]",
        "IPIngressBytes": "[no data]",
        "IPIngressPackets": "[no data]",
        "Id": "fapolicyd.service",
        "IgnoreOnIsolate": "no",
        "IgnoreSIGPIPE": "yes",
        "InactiveEnterTimestampMonotonic": "0",
        "InactiveExitTimestamp": "Sat 2024-08-17 08:25:08 EDT",
        "InactiveExitTimestampMonotonic": "224052097",
        "InvocationID": "a415ccf9933443f7ba8b9556796a9188",
        "JobRunningTimeoutUSec": "infinity",
        "JobTimeoutAction": "none",
        "JobTimeoutUSec": "infinity",
        "KeyringMode": "private",
        "KillMode": "control-group",
        "KillSignal": "15",
        "LimitAS": "infinity",
        "LimitASSoft": "infinity",
        "LimitCORE": "infinity",
        "LimitCORESoft": "infinity",
        "LimitCPU": "infinity",
        "LimitCPUSoft": "infinity",
        "LimitDATA": "infinity",
        "LimitDATASoft": "infinity",
        "LimitFSIZE": "infinity",
        "LimitFSIZESoft": "infinity",
        "LimitLOCKS": "infinity",
        "LimitLOCKSSoft": "infinity",
        "LimitMEMLOCK": "8388608",
        "LimitMEMLOCKSoft": "8388608",
        "LimitMSGQUEUE": "819200",
        "LimitMSGQUEUESoft": "819200",
        "LimitNICE": "0",
        "LimitNICESoft": "0",
        "LimitNOFILE": "524288",
        "LimitNOFILESoft": "1024",
        "LimitNPROC": "13964",
        "LimitNPROCSoft": "13964",
        "LimitRSS": "infinity",
        "LimitRSSSoft": "infinity",
        "LimitRTPRIO": "0",
        "LimitRTPRIOSoft": "0",
        "LimitRTTIME": "infinity",
        "LimitRTTIMESoft": "infinity",
        "LimitSIGPENDING": "13964",
        "LimitSIGPENDINGSoft": "13964",
        "LimitSTACK": "infinity",
        "LimitSTACKSoft": "8388608",
        "LoadState": "loaded",
        "LockPersonality": "no",
        "LogLevelMax": "-1",
        "LogRateLimitBurst": "0",
        "LogRateLimitIntervalUSec": "0",
        "LogsDirectoryMode": "0755",
        "MainPID": "8483",
        "ManagedOOMMemoryPressure": "auto",
        "ManagedOOMMemoryPressureLimit": "0",
        "ManagedOOMPreference": "none",
        "ManagedOOMSwap": "auto",
        "MemoryAccounting": "yes",
        "MemoryAvailable": "infinity",
        "MemoryCurrent": "24072192",
        "MemoryDenyWriteExecute": "no",
        "MemoryHigh": "infinity",
        "MemoryLimit": "infinity",
        "MemoryLow": "0",
        "MemoryMax": "infinity",
        "MemoryMin": "0",
        "MemorySwapMax": "infinity",
        "MountAPIVFS": "no",
        "NFileDescriptorStore": "0",
        "NRestarts": "0",
        "NUMAPolicy": "n/a",
        "Names": "fapolicyd.service",
        "NeedDaemonReload": "no",
        "Nice": "0",
        "NoNewPrivileges": "no",
        "NonBlocking": "no",
        "NotifyAccess": "none",
        "OOMPolicy": "stop",
        "OOMScoreAdjust": "-1000",
        "OnFailureJobMode": "replace",
        "OnSuccessJobMode": "fail",
        "PIDFile": "/run/fapolicyd.pid",
        "Perpetual": "no",
        "PrivateDevices": "no",
        "PrivateIPC": "no",
        "PrivateMounts": "no",
        "PrivateNetwork": "no",
        "PrivateTmp": "no",
        "PrivateUsers": "no",
        "ProcSubset": "all",
        "ProtectClock": "no",
        "ProtectControlGroups": "no",
        "ProtectHome": "no",
        "ProtectHostname": "no",
        "ProtectKernelLogs": "no",
        "ProtectKernelModules": "no",
        "ProtectKernelTunables": "no",
        "ProtectProc": "default",
        "ProtectSystem": "no",
        "RefuseManualStart": "no",
        "RefuseManualStop": "no",
        "ReloadResult": "success",
        "ReloadSignal": "1",
        "RemainAfterExit": "no",
        "RemoveIPC": "no",
        "Requires": "-.mount system.slice",
        "RequiresMountsFor": "/run/fapolicyd",
        "Restart": "on-abnormal",
        "RestartKillSignal": "15",
        "RestartUSec": "100ms",
        "RestrictNamespaces": "no",
        "RestrictRealtime": "no",
        "RestrictSUIDSGID": "no",
        "Result": "success",
        "RootDirectoryStartOnly": "no",
        "RuntimeDirectory": "fapolicyd",
        "RuntimeDirectoryMode": "0755",
        "RuntimeDirectoryPreserve": "no",
        "RuntimeMaxUSec": "infinity",
        "RuntimeRandomizedExtraUSec": "0",
        "SameProcessGroup": "no",
        "SecureBits": "0",
        "SendSIGHUP": "no",
        "SendSIGKILL": "yes",
        "Slice": "system.slice",
        "StandardError": "inherit",
        "StandardInput": "null",
        "StandardOutput": "journal",
        "StartLimitAction": "none",
        "StartLimitBurst": "5",
        "StartLimitIntervalUSec": "10s",
        "StartupBlockIOWeight": "[not set]",
        "StartupCPUShares": "[not set]",
        "StartupCPUWeight": "[not set]",
        "StartupIOWeight": "[not set]",
        "StateChangeTimestamp": "Sat 2024-08-17 08:25:08 EDT",
        "StateChangeTimestampMonotonic": "224095549",
        "StateDirectoryMode": "0755",
        "StatusErrno": "0",
        "StopWhenUnneeded": "no",
        "SubState": "running",
        "SuccessAction": "none",
        "SyslogFacility": "3",
        "SyslogLevel": "6",
        "SyslogLevelPrefix": "yes",
        "SyslogPriority": "30",
        "SystemCallErrorNumber": "2147483646",
        "TTYReset": "no",
        "TTYVHangup": "no",
        "TTYVTDisallocate": "no",
        "TasksAccounting": "yes",
        "TasksCurrent": "1",
        "TasksMax": "22342",
        "TimeoutAbortUSec": "1min 30s",
        "TimeoutCleanUSec": "infinity",
        "TimeoutStartFailureMode": "terminate",
        "TimeoutStartUSec": "1min 30s",
        "TimeoutStopFailureMode": "terminate",
        "TimeoutStopUSec": "1min 30s",
        "TimerSlackNSec": "50000",
        "Transient": "no",
        "Type": "forking",
        "UID": "[not set]",
        "UMask": "0022",
        "UnitFilePreset": "disabled",
        "UnitFileState": "enabled",
        "UtmpMode": "init",
        "WantedBy": "multi-user.target",
        "WatchdogSignal": "6",
        "WatchdogTimestampMonotonic": "0",
        "WatchdogUSec": "0"
    }
}

TASK [fedora.linux_system_roles.fapolicyd : Check fapolicyd logs] **************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:96
Saturday 17 August 2024  08:25:08 -0400 (0:00:00.738)       0:00:40.175 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "__fapolicyd_start is failed or __fapolicyd_restart is failed",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.fapolicyd : Trustdb cleanup] *******************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:103
Saturday 17 August 2024  08:25:08 -0400 (0:00:00.017)       0:00:40.192 ******* 
changed: [managed_node3] => {
    "changed": true,
    "cmd": [
        "fapolicyd-cli",
        "--file",
        "delete",
        "/"
    ],
    "delta": "0:00:00.006958",
    "end": "2024-08-17 08:25:09.328396",
    "failed_when_result": false,
    "rc": 1,
    "start": "2024-08-17 08:25:09.321438"
}

STDERR:

08/17/24 08:25:09 [ ERROR ]: / is not in the trust database


MSG:

non-zero return code

TASK [fedora.linux_system_roles.fapolicyd : Add file to trustdb] ***************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:108
Saturday 17 August 2024  08:25:09 -0400 (0:00:00.409)       0:00:40.601 ******* 
changed: [managed_node3] => (item=/etc/passwd) => {
    "ansible_loop_var": "item",
    "changed": true,
    "cmd": [
        "fapolicyd-cli",
        "--file",
        "add",
        "/etc/passwd"
    ],
    "delta": "0:00:00.007991",
    "end": "2024-08-17 08:25:09.730420",
    "item": "/etc/passwd",
    "rc": 0,
    "start": "2024-08-17 08:25:09.722429"
}
changed: [managed_node3] => (item=/etc/fapolicyd/fapolicyd.conf) => {
    "ansible_loop_var": "item",
    "changed": true,
    "cmd": [
        "fapolicyd-cli",
        "--file",
        "add",
        "/etc/fapolicyd/fapolicyd.conf"
    ],
    "delta": "0:00:00.008268",
    "end": "2024-08-17 08:25:10.105556",
    "item": "/etc/fapolicyd/fapolicyd.conf",
    "rc": 0,
    "start": "2024-08-17 08:25:10.097288"
}
changed: [managed_node3] => (item=/etc/krb5.conf) => {
    "ansible_loop_var": "item",
    "changed": true,
    "cmd": [
        "fapolicyd-cli",
        "--file",
        "add",
        "/etc/krb5.conf"
    ],
    "delta": "0:00:00.007937",
    "end": "2024-08-17 08:25:10.476986",
    "item": "/etc/krb5.conf",
    "rc": 0,
    "start": "2024-08-17 08:25:10.469049"
}
changed: [managed_node3] => (item=/var/tmp/fapolicyd_zet4pn88/executables/exe1) => {
    "ansible_loop_var": "item",
    "changed": true,
    "cmd": [
        "fapolicyd-cli",
        "--file",
        "add",
        "/var/tmp/fapolicyd_zet4pn88/executables/exe1"
    ],
    "delta": "0:00:00.007874",
    "end": "2024-08-17 08:25:10.848606",
    "item": "/var/tmp/fapolicyd_zet4pn88/executables/exe1",
    "rc": 0,
    "start": "2024-08-17 08:25:10.840732"
}

TASK [fedora.linux_system_roles.fapolicyd : Update fapolicyd db] ***************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:124
Saturday 17 August 2024  08:25:10 -0400 (0:00:01.523)       0:00:42.125 ******* 
changed: [managed_node3] => {
    "changed": true,
    "cmd": "set -euo pipefail\n# get current journal cursor\ncursor=\"\"\nwhile [ -z \"$cursor\" ]; do\n  sleep 1\n  cursor=\"$(journalctl -u fapolicyd -n 0 --show-cursor |\n    awk '/^-- cursor:/ {print $3}')\" || :\ndone\nsystemctl restart fapolicyd\nsearch_str='fapolicyd[^:\\ ]*:\\ Starting to listen for events$'\n# wait until we see the search_str - wait up to 30 seconds\nwaittime=30  # seconds\nendtime=\"$(expr \"$(date +%s)\" + \"$waittime\")\"\nset +o pipefail  # the read will always return a failure code at EOF\njournalctl -u fapolicyd --no-tail -f --after-cursor \"$cursor\" | \\\nwhile read -r line; do\n  if [[ \"$line\" =~ $search_str ]]; then\n    echo INFO: trustdb is updated\n    exit 0\n  fi\ndone & pid=$!\nwhile ps -p \"$pid\"; do\n  if [ \"$(date +%s)\" -gt \"$endtime\" ]; then\n    echo ERROR: failed to update the trustdb\n    exit 1\n  fi\n  sleep 1\ndone\necho INFO: trustdb is updated\nexit 0  # success\n",
    "delta": "0:00:02.463299",
    "end": "2024-08-17 08:25:13.711019",
    "rc": 0,
    "start": "2024-08-17 08:25:11.247720"
}

STDOUT:

    PID TTY          TIME CMD
   9307 pts/0    00:00:00 sh
INFO: trustdb is updated
    PID TTY          TIME CMD
INFO: trustdb is updated

TASK [fedora.linux_system_roles.fapolicyd : Making sure fapolicyd does not run if it was set so] ***
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:160
Saturday 17 August 2024  08:25:13 -0400 (0:00:02.862)       0:00:44.988 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "not fapolicyd_setup_enable_service",
    "skip_reason": "Conditional result was False"
}

TASK [Run trusted binary exe1] *************************************************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:72
Saturday 17 August 2024  08:25:13 -0400 (0:00:00.015)       0:00:45.004 ******* 
ok: [managed_node3] => {
    "changed": false,
    "cmd": [
        "su",
        "-",
        "fapolicyd_test1_user",
        "-c",
        "/var/tmp/fapolicyd_zet4pn88/executables/exe1"
    ],
    "delta": "0:00:00.717194",
    "end": "2024-08-17 08:25:14.842132",
    "rc": 0,
    "start": "2024-08-17 08:25:14.124938"
}

TASK [Replace binary exe1 with exe2] *******************************************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:78
Saturday 17 August 2024  08:25:14 -0400 (0:00:01.113)       0:00:46.117 ******* 
changed: [managed_node3] => {
    "changed": true,
    "checksum": "005627d44e939ab41ff8486cacd835157fe6dfe0",
    "dest": "/var/tmp/fapolicyd_zet4pn88/executables/exe1",
    "gid": 0,
    "group": "root",
    "md5sum": "abceea15faff07d179ae5dc2f36de80c",
    "mode": "0755",
    "owner": "root",
    "secontext": "unconfined_u:object_r:admin_home_t:s0",
    "size": 101,
    "src": "/var/tmp/fapolicyd_zet4pn88/executables/exe2",
    "state": "file",
    "uid": 0
}

TASK [Run untrusted binary exe2] ***********************************************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:85
Saturday 17 August 2024  08:25:15 -0400 (0:00:00.393)       0:00:46.511 ******* 
ok: [managed_node3] => {
    "changed": false,
    "cmd": [
        "su",
        "-",
        "fapolicyd_test1_user",
        "-c",
        "/var/tmp/fapolicyd_zet4pn88/executables/exe2"
    ],
    "delta": "0:00:00.047489",
    "end": "2024-08-17 08:25:15.679853",
    "failed_when_result": false,
    "rc": 126,
    "start": "2024-08-17 08:25:15.632364"
}

STDERR:

-bash: line 1: /var/tmp/fapolicyd_zet4pn88/executables/exe2: Operation not permitted


MSG:

non-zero return code

TASK [Check now untrusted exe1 after replacement] ******************************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:93
Saturday 17 August 2024  08:25:15 -0400 (0:00:00.443)       0:00:46.954 ******* 
ok: [managed_node3] => {
    "changed": false,
    "cmd": [
        "su",
        "-",
        "fapolicyd_test1_user",
        "-c",
        "/var/tmp/fapolicyd_zet4pn88/executables/exe1"
    ],
    "delta": "0:00:00.046539",
    "end": "2024-08-17 08:25:16.121202",
    "failed_when_result": false,
    "rc": 126,
    "start": "2024-08-17 08:25:16.074663"
}

STDERR:

-bash: line 1: /var/tmp/fapolicyd_zet4pn88/executables/exe1: Operation not permitted


MSG:

non-zero return code

TASK [Run the role again without test file] ************************************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:101
Saturday 17 August 2024  08:25:16 -0400 (0:00:00.440)       0:00:47.394 ******* 
included: fedora.linux_system_roles.fapolicyd for managed_node3

TASK [fedora.linux_system_roles.fapolicyd : Set platform/version specific variables] ***
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:2
Saturday 17 August 2024  08:25:16 -0400 (0:00:00.043)       0:00:47.438 ******* 
included: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/set_vars.yml for managed_node3

TASK [fedora.linux_system_roles.fapolicyd : Ensure ansible_facts used by role] ***
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/set_vars.yml:2
Saturday 17 August 2024  08:25:16 -0400 (0:00:00.021)       0:00:47.459 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "__fapolicyd_required_facts | difference(ansible_facts.keys() | list) | length > 0",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.fapolicyd : Check if system is ostree] *********
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/set_vars.yml:10
Saturday 17 August 2024  08:25:16 -0400 (0:00:00.052)       0:00:47.512 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "not __fapolicyd_is_ostree is defined",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.fapolicyd : Set flag to indicate system is ostree] ***
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/set_vars.yml:15
Saturday 17 August 2024  08:25:16 -0400 (0:00:00.027)       0:00:47.539 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "not __fapolicyd_is_ostree is defined",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.fapolicyd : Set platform/version specific variables] ***
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/set_vars.yml:19
Saturday 17 August 2024  08:25:16 -0400 (0:00:00.018)       0:00:47.558 ******* 
skipping: [managed_node3] => (item=RedHat.yml)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "__vars_file is file",
    "item": "RedHat.yml",
    "skip_reason": "Conditional result was False"
}
skipping: [managed_node3] => (item=CentOS.yml)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "__vars_file is file",
    "item": "CentOS.yml",
    "skip_reason": "Conditional result was False"
}
skipping: [managed_node3] => (item=CentOS_9.yml)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "__vars_file is file",
    "item": "CentOS_9.yml",
    "skip_reason": "Conditional result was False"
}
skipping: [managed_node3] => (item=CentOS_9.yml)  => {
    "ansible_loop_var": "item",
    "changed": false,
    "false_condition": "__vars_file is file",
    "item": "CentOS_9.yml",
    "skip_reason": "Conditional result was False"
}
skipping: [managed_node3] => {
    "changed": false
}

MSG:

All items skipped

TASK [fedora.linux_system_roles.fapolicyd : Set fapolicyd feature facts for OS versions] ***
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/set_vars.yml:40
Saturday 17 August 2024  08:25:16 -0400 (0:00:00.035)       0:00:47.594 ******* 
ok: [managed_node3] => {
    "ansible_facts": {
        "__fapolicyd_configcheck_supported": true,
        "__fapolicyd_integrity_supported": true,
        "__fapolicyd_selinux_supported": true,
        "__fapolicyd_supported": true,
        "__fapolicyd_syslog_format_supported": true,
        "__fapolicyd_trust_supported": true,
        "__fapolicyd_trustfiles_supported": true,
        "__fapolicyd_watch_fs_supported": true
    },
    "changed": false
}

TASK [fedora.linux_system_roles.fapolicyd : System check] **********************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:5
Saturday 17 August 2024  08:25:16 -0400 (0:00:00.086)       0:00:47.680 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "not __fapolicyd_supported",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.fapolicyd : Check trust compatibility] *********
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:13
Saturday 17 August 2024  08:25:16 -0400 (0:00:00.026)       0:00:47.707 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "not __fapolicyd_trust_supported",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.fapolicyd : Check integrity compatibility] *****
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:24
Saturday 17 August 2024  08:25:16 -0400 (0:00:00.049)       0:00:47.757 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "not __fapolicyd_integrity_supported",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.fapolicyd : Check trust files compatibility] ***
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:35
Saturday 17 August 2024  08:25:16 -0400 (0:00:00.040)       0:00:47.797 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "fapolicyd_add_trusted_file | length > 0",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.fapolicyd : Check failed conditions] ***********
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:46
Saturday 17 August 2024  08:25:16 -0400 (0:00:00.039)       0:00:47.836 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "__failed_check_trust is failed or __failed_check_integrity is failed or __failed_check_trusted_file is failed",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.fapolicyd : Install fapolicyd packages] ********
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:51
Saturday 17 August 2024  08:25:16 -0400 (0:00:00.017)       0:00:47.853 ******* 
ok: [managed_node3] => {
    "changed": false,
    "rc": 0,
    "results": []
}

MSG:

Nothing to do
lsrpackages: fapolicyd fapolicyd-selinux

TASK [fedora.linux_system_roles.fapolicyd : Copy fapolicyd configuration file] ***
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:59
Saturday 17 August 2024  08:25:18 -0400 (0:00:01.379)       0:00:49.233 ******* 
ok: [managed_node3] => {
    "changed": false,
    "checksum": "d79d7424d2f9daf8e9e018c5750ecd06d3beba55",
    "dest": "/etc/fapolicyd/fapolicyd.conf",
    "gid": 993,
    "group": "fapolicyd",
    "mode": "0644",
    "owner": "root",
    "path": "/etc/fapolicyd/fapolicyd.conf",
    "secontext": "system_u:object_r:fapolicyd_config_t:s0",
    "size": 509,
    "state": "file",
    "uid": 0
}

TASK [fedora.linux_system_roles.fapolicyd : Run fapolicyd configuration check] ***
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:68
Saturday 17 August 2024  08:25:18 -0400 (0:00:00.681)       0:00:49.914 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "__fapolicy_conf is changed",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.fapolicyd : Start fapolicyd service] ***********
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:76
Saturday 17 August 2024  08:25:18 -0400 (0:00:00.035)       0:00:49.949 ******* 
ok: [managed_node3] => {
    "changed": false,
    "enabled": true,
    "name": "fapolicyd.service",
    "state": "started",
    "status": {
        "AccessSELinuxContext": "system_u:object_r:fapolicyd_unit_file_t:s0",
        "ActiveEnterTimestamp": "Sat 2024-08-17 08:25:12 EDT",
        "ActiveEnterTimestampMonotonic": "228621356",
        "ActiveExitTimestamp": "Sat 2024-08-17 08:25:12 EDT",
        "ActiveExitTimestampMonotonic": "228217261",
        "ActiveState": "active",
        "After": "system.slice systemd-tmpfiles-setup.service -.mount systemd-journald.socket local-fs.target",
        "AllowIsolate": "no",
        "AssertResult": "yes",
        "AssertTimestamp": "Sat 2024-08-17 08:25:12 EDT",
        "AssertTimestampMonotonic": "228576125",
        "BlockIOAccounting": "no",
        "BlockIOWeight": "[not set]",
        "CPUAccounting": "yes",
        "CPUAffinityFromNUMA": "no",
        "CPUQuotaPerSecUSec": "infinity",
        "CPUQuotaPeriodUSec": "infinity",
        "CPUSchedulingPolicy": "0",
        "CPUSchedulingPriority": "0",
        "CPUSchedulingResetOnFork": "no",
        "CPUShares": "[not set]",
        "CPUUsageNSec": "1063434000",
        "CPUWeight": "[not set]",
        "CacheDirectoryMode": "0755",
        "CanClean": "runtime",
        "CanFreeze": "yes",
        "CanIsolate": "no",
        "CanReload": "no",
        "CanStart": "yes",
        "CanStop": "yes",
        "CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend cap_audit_read cap_perfmon cap_bpf cap_checkpoint_restore",
        "CleanResult": "success",
        "CollectMode": "inactive",
        "ConditionResult": "yes",
        "ConditionTimestamp": "Sat 2024-08-17 08:25:12 EDT",
        "ConditionTimestampMonotonic": "228576121",
        "ConfigurationDirectoryMode": "0755",
        "ControlGroup": "/system.slice/fapolicyd.service",
        "ControlGroupId": "3841",
        "ControlPID": "0",
        "CoredumpFilter": "0x33",
        "DefaultDependencies": "no",
        "DefaultMemoryLow": "0",
        "DefaultMemoryMin": "0",
        "Delegate": "no",
        "Description": "File Access Policy Daemon",
        "DevicePolicy": "auto",
        "Documentation": "\"man:fapolicyd(8)\"",
        "DynamicUser": "no",
        "ExecMainCode": "0",
        "ExecMainExitTimestampMonotonic": "0",
        "ExecMainPID": "9303",
        "ExecMainStartTimestamp": "Sat 2024-08-17 08:25:12 EDT",
        "ExecMainStartTimestampMonotonic": "228621324",
        "ExecMainStatus": "0",
        "ExecStart": "{ path=/usr/sbin/fapolicyd ; argv[]=/usr/sbin/fapolicyd ; ignore_errors=no ; start_time=[Sat 2024-08-17 08:25:12 EDT] ; stop_time=[Sat 2024-08-17 08:25:12 EDT] ; pid=9302 ; code=exited ; status=0 }",
        "ExecStartEx": "{ path=/usr/sbin/fapolicyd ; argv[]=/usr/sbin/fapolicyd ; flags= ; start_time=[Sat 2024-08-17 08:25:12 EDT] ; stop_time=[Sat 2024-08-17 08:25:12 EDT] ; pid=9302 ; code=exited ; status=0 }",
        "ExecStartPre": "{ path=/usr/sbin/fagenrules ; argv[]=/usr/sbin/fagenrules ; ignore_errors=no ; start_time=[Sat 2024-08-17 08:25:12 EDT] ; stop_time=[Sat 2024-08-17 08:25:12 EDT] ; pid=9278 ; code=exited ; status=0 }",
        "ExecStartPreEx": "{ path=/usr/sbin/fagenrules ; argv[]=/usr/sbin/fagenrules ; flags= ; start_time=[Sat 2024-08-17 08:25:12 EDT] ; stop_time=[Sat 2024-08-17 08:25:12 EDT] ; pid=9278 ; code=exited ; status=0 }",
        "ExitType": "main",
        "FailureAction": "none",
        "FileDescriptorStoreMax": "0",
        "FinalKillSignal": "9",
        "FragmentPath": "/usr/lib/systemd/system/fapolicyd.service",
        "FreezerState": "running",
        "GID": "[not set]",
        "GuessMainPID": "yes",
        "IOAccounting": "no",
        "IOReadBytes": "18446744073709551615",
        "IOReadOperations": "18446744073709551615",
        "IOSchedulingClass": "2",
        "IOSchedulingPriority": "4",
        "IOWeight": "[not set]",
        "IOWriteBytes": "18446744073709551615",
        "IOWriteOperations": "18446744073709551615",
        "IPAccounting": "no",
        "IPEgressBytes": "[no data]",
        "IPEgressPackets": "[no data]",
        "IPIngressBytes": "[no data]",
        "IPIngressPackets": "[no data]",
        "Id": "fapolicyd.service",
        "IgnoreOnIsolate": "no",
        "IgnoreSIGPIPE": "yes",
        "InactiveEnterTimestamp": "Sat 2024-08-17 08:25:12 EDT",
        "InactiveEnterTimestampMonotonic": "228575492",
        "InactiveExitTimestamp": "Sat 2024-08-17 08:25:12 EDT",
        "InactiveExitTimestampMonotonic": "228584406",
        "InvocationID": "36289a342ace46ea8f2e9976a4dd9ee0",
        "JobRunningTimeoutUSec": "infinity",
        "JobTimeoutAction": "none",
        "JobTimeoutUSec": "infinity",
        "KeyringMode": "private",
        "KillMode": "control-group",
        "KillSignal": "15",
        "LimitAS": "infinity",
        "LimitASSoft": "infinity",
        "LimitCORE": "infinity",
        "LimitCORESoft": "infinity",
        "LimitCPU": "infinity",
        "LimitCPUSoft": "infinity",
        "LimitDATA": "infinity",
        "LimitDATASoft": "infinity",
        "LimitFSIZE": "infinity",
        "LimitFSIZESoft": "infinity",
        "LimitLOCKS": "infinity",
        "LimitLOCKSSoft": "infinity",
        "LimitMEMLOCK": "8388608",
        "LimitMEMLOCKSoft": "8388608",
        "LimitMSGQUEUE": "819200",
        "LimitMSGQUEUESoft": "819200",
        "LimitNICE": "0",
        "LimitNICESoft": "0",
        "LimitNOFILE": "524288",
        "LimitNOFILESoft": "1024",
        "LimitNPROC": "13964",
        "LimitNPROCSoft": "13964",
        "LimitRSS": "infinity",
        "LimitRSSSoft": "infinity",
        "LimitRTPRIO": "0",
        "LimitRTPRIOSoft": "0",
        "LimitRTTIME": "infinity",
        "LimitRTTIMESoft": "infinity",
        "LimitSIGPENDING": "13964",
        "LimitSIGPENDINGSoft": "13964",
        "LimitSTACK": "infinity",
        "LimitSTACKSoft": "8388608",
        "LoadState": "loaded",
        "LockPersonality": "no",
        "LogLevelMax": "-1",
        "LogRateLimitBurst": "0",
        "LogRateLimitIntervalUSec": "0",
        "LogsDirectoryMode": "0755",
        "MainPID": "9303",
        "ManagedOOMMemoryPressure": "auto",
        "ManagedOOMMemoryPressureLimit": "0",
        "ManagedOOMPreference": "none",
        "ManagedOOMSwap": "auto",
        "MemoryAccounting": "yes",
        "MemoryAvailable": "infinity",
        "MemoryCurrent": "42463232",
        "MemoryDenyWriteExecute": "no",
        "MemoryHigh": "infinity",
        "MemoryLimit": "infinity",
        "MemoryLow": "0",
        "MemoryMax": "infinity",
        "MemoryMin": "0",
        "MemorySwapMax": "infinity",
        "MountAPIVFS": "no",
        "NFileDescriptorStore": "0",
        "NRestarts": "0",
        "NUMAPolicy": "n/a",
        "Names": "fapolicyd.service",
        "NeedDaemonReload": "no",
        "Nice": "0",
        "NoNewPrivileges": "no",
        "NonBlocking": "no",
        "NotifyAccess": "none",
        "OOMPolicy": "stop",
        "OOMScoreAdjust": "-1000",
        "OnFailureJobMode": "replace",
        "OnSuccessJobMode": "fail",
        "PIDFile": "/run/fapolicyd.pid",
        "Perpetual": "no",
        "PrivateDevices": "no",
        "PrivateIPC": "no",
        "PrivateMounts": "no",
        "PrivateNetwork": "no",
        "PrivateTmp": "no",
        "PrivateUsers": "no",
        "ProcSubset": "all",
        "ProtectClock": "no",
        "ProtectControlGroups": "no",
        "ProtectHome": "no",
        "ProtectHostname": "no",
        "ProtectKernelLogs": "no",
        "ProtectKernelModules": "no",
        "ProtectKernelTunables": "no",
        "ProtectProc": "default",
        "ProtectSystem": "no",
        "RefuseManualStart": "no",
        "RefuseManualStop": "no",
        "ReloadResult": "success",
        "ReloadSignal": "1",
        "RemainAfterExit": "no",
        "RemoveIPC": "no",
        "Requires": "-.mount system.slice",
        "RequiresMountsFor": "/run/fapolicyd",
        "Restart": "on-abnormal",
        "RestartKillSignal": "15",
        "RestartUSec": "100ms",
        "RestrictNamespaces": "no",
        "RestrictRealtime": "no",
        "RestrictSUIDSGID": "no",
        "Result": "success",
        "RootDirectoryStartOnly": "no",
        "RuntimeDirectory": "fapolicyd",
        "RuntimeDirectoryMode": "0755",
        "RuntimeDirectoryPreserve": "no",
        "RuntimeMaxUSec": "infinity",
        "RuntimeRandomizedExtraUSec": "0",
        "SameProcessGroup": "no",
        "SecureBits": "0",
        "SendSIGHUP": "no",
        "SendSIGKILL": "yes",
        "Slice": "system.slice",
        "StandardError": "inherit",
        "StandardInput": "null",
        "StandardOutput": "journal",
        "StartLimitAction": "none",
        "StartLimitBurst": "5",
        "StartLimitIntervalUSec": "10s",
        "StartupBlockIOWeight": "[not set]",
        "StartupCPUShares": "[not set]",
        "StartupCPUWeight": "[not set]",
        "StartupIOWeight": "[not set]",
        "StateChangeTimestamp": "Sat 2024-08-17 08:25:12 EDT",
        "StateChangeTimestampMonotonic": "228621356",
        "StateDirectoryMode": "0755",
        "StatusErrno": "0",
        "StopWhenUnneeded": "no",
        "SubState": "running",
        "SuccessAction": "none",
        "SyslogFacility": "3",
        "SyslogLevel": "6",
        "SyslogLevelPrefix": "yes",
        "SyslogPriority": "30",
        "SystemCallErrorNumber": "2147483646",
        "TTYReset": "no",
        "TTYVHangup": "no",
        "TTYVTDisallocate": "no",
        "TasksAccounting": "yes",
        "TasksCurrent": "4",
        "TasksMax": "22342",
        "TimeoutAbortUSec": "1min 30s",
        "TimeoutCleanUSec": "infinity",
        "TimeoutStartFailureMode": "terminate",
        "TimeoutStartUSec": "1min 30s",
        "TimeoutStopFailureMode": "terminate",
        "TimeoutStopUSec": "1min 30s",
        "TimerSlackNSec": "50000",
        "Transient": "no",
        "Type": "forking",
        "UID": "[not set]",
        "UMask": "0022",
        "UnitFilePreset": "disabled",
        "UnitFileState": "enabled",
        "UtmpMode": "init",
        "WantedBy": "multi-user.target",
        "WatchdogSignal": "6",
        "WatchdogTimestampMonotonic": "0",
        "WatchdogUSec": "0"
    }
}

TASK [fedora.linux_system_roles.fapolicyd : Restart fapolicyd service] *********
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:85
Saturday 17 August 2024  08:25:19 -0400 (0:00:00.551)       0:00:50.501 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "__fapolicy_conf is changed",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.fapolicyd : Check fapolicyd logs] **************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:96
Saturday 17 August 2024  08:25:19 -0400 (0:00:00.032)       0:00:50.533 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "__fapolicyd_start is failed or __fapolicyd_restart is failed",
    "skip_reason": "Conditional result was False"
}

TASK [fedora.linux_system_roles.fapolicyd : Trustdb cleanup] *******************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:103
Saturday 17 August 2024  08:25:19 -0400 (0:00:00.017)       0:00:50.550 ******* 
changed: [managed_node3] => {
    "changed": true,
    "cmd": [
        "fapolicyd-cli",
        "--file",
        "delete",
        "/"
    ],
    "delta": "0:00:00.006805",
    "end": "2024-08-17 08:25:19.660847",
    "failed_when_result": false,
    "rc": 0,
    "start": "2024-08-17 08:25:19.654042"
}

TASK [fedora.linux_system_roles.fapolicyd : Add file to trustdb] ***************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:108
Saturday 17 August 2024  08:25:19 -0400 (0:00:00.385)       0:00:50.936 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "skipped_reason": "No items in the list"
}

TASK [fedora.linux_system_roles.fapolicyd : Update fapolicyd db] ***************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:124
Saturday 17 August 2024  08:25:19 -0400 (0:00:00.035)       0:00:50.972 ******* 
changed: [managed_node3] => {
    "changed": true,
    "cmd": "set -euo pipefail\n# get current journal cursor\ncursor=\"\"\nwhile [ -z \"$cursor\" ]; do\n  sleep 1\n  cursor=\"$(journalctl -u fapolicyd -n 0 --show-cursor |\n    awk '/^-- cursor:/ {print $3}')\" || :\ndone\nsystemctl restart fapolicyd\nsearch_str='fapolicyd[^:\\ ]*:\\ Starting to listen for events$'\n# wait until we see the search_str - wait up to 30 seconds\nwaittime=30  # seconds\nendtime=\"$(expr \"$(date +%s)\" + \"$waittime\")\"\nset +o pipefail  # the read will always return a failure code at EOF\njournalctl -u fapolicyd --no-tail -f --after-cursor \"$cursor\" | \\\nwhile read -r line; do\n  if [[ \"$line\" =~ $search_str ]]; then\n    echo INFO: trustdb is updated\n    exit 0\n  fi\ndone & pid=$!\nwhile ps -p \"$pid\"; do\n  if [ \"$(date +%s)\" -gt \"$endtime\" ]; then\n    echo ERROR: failed to update the trustdb\n    exit 1\n  fi\n  sleep 1\ndone\necho INFO: trustdb is updated\nexit 0  # success\n",
    "delta": "0:00:03.211131",
    "end": "2024-08-17 08:25:23.308004",
    "rc": 0,
    "start": "2024-08-17 08:25:20.096873"
}

STDOUT:

    PID TTY          TIME CMD
  10440 pts/0    00:00:00 sh
INFO: trustdb is updated
    PID TTY          TIME CMD
INFO: trustdb is updated

TASK [fedora.linux_system_roles.fapolicyd : Making sure fapolicyd does not run if it was set so] ***
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:160
Saturday 17 August 2024  08:25:23 -0400 (0:00:03.612)       0:00:54.584 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "not fapolicyd_setup_enable_service",
    "skip_reason": "Conditional result was False"
}

TASK [Run untrusted exe1 after removing from trustdb] **************************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:109
Saturday 17 August 2024  08:25:23 -0400 (0:00:00.015)       0:00:54.600 ******* 
ok: [managed_node3] => {
    "changed": false,
    "cmd": [
        "su",
        "-",
        "fapolicyd_test1_user",
        "-c",
        "/var/tmp/fapolicyd_zet4pn88/executables/exe1"
    ],
    "delta": "0:00:00.141096",
    "end": "2024-08-17 08:25:23.867011",
    "failed_when_result": false,
    "rc": 126,
    "start": "2024-08-17 08:25:23.725915"
}

STDERR:

-bash: line 1: /var/tmp/fapolicyd_zet4pn88/executables/exe1: Operation not permitted


MSG:

non-zero return code

TASK [Shutdown fapolicyd] ******************************************************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:117
Saturday 17 August 2024  08:25:23 -0400 (0:00:00.541)       0:00:55.142 ******* 
changed: [managed_node3] => {
    "changed": true,
    "enabled": false,
    "name": "fapolicyd",
    "state": "stopped",
    "status": {
        "AccessSELinuxContext": "system_u:object_r:fapolicyd_unit_file_t:s0",
        "ActiveEnterTimestamp": "Sat 2024-08-17 08:25:22 EDT",
        "ActiveEnterTimestampMonotonic": "238221460",
        "ActiveExitTimestamp": "Sat 2024-08-17 08:25:21 EDT",
        "ActiveExitTimestampMonotonic": "237066625",
        "ActiveState": "active",
        "After": "system.slice systemd-tmpfiles-setup.service -.mount systemd-journald.socket local-fs.target",
        "AllowIsolate": "no",
        "AssertResult": "yes",
        "AssertTimestamp": "Sat 2024-08-17 08:25:22 EDT",
        "AssertTimestampMonotonic": "238166988",
        "BlockIOAccounting": "no",
        "BlockIOWeight": "[not set]",
        "CPUAccounting": "yes",
        "CPUAffinityFromNUMA": "no",
        "CPUQuotaPerSecUSec": "infinity",
        "CPUQuotaPeriodUSec": "infinity",
        "CPUSchedulingPolicy": "0",
        "CPUSchedulingPriority": "0",
        "CPUSchedulingResetOnFork": "no",
        "CPUShares": "[not set]",
        "CPUUsageNSec": "767250000",
        "CPUWeight": "[not set]",
        "CacheDirectoryMode": "0755",
        "CanClean": "runtime",
        "CanFreeze": "yes",
        "CanIsolate": "no",
        "CanReload": "no",
        "CanStart": "yes",
        "CanStop": "yes",
        "CapabilityBoundingSet": "cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend cap_audit_read cap_perfmon cap_bpf cap_checkpoint_restore",
        "CleanResult": "success",
        "CollectMode": "inactive",
        "ConditionResult": "yes",
        "ConditionTimestamp": "Sat 2024-08-17 08:25:22 EDT",
        "ConditionTimestampMonotonic": "238166984",
        "ConfigurationDirectoryMode": "0755",
        "ControlGroup": "/system.slice/fapolicyd.service",
        "ControlGroupId": "3915",
        "ControlPID": "0",
        "CoredumpFilter": "0x33",
        "DefaultDependencies": "no",
        "DefaultMemoryLow": "0",
        "DefaultMemoryMin": "0",
        "Delegate": "no",
        "Description": "File Access Policy Daemon",
        "DevicePolicy": "auto",
        "Documentation": "\"man:fapolicyd(8)\"",
        "DynamicUser": "no",
        "ExecMainCode": "0",
        "ExecMainExitTimestampMonotonic": "0",
        "ExecMainPID": "10436",
        "ExecMainStartTimestamp": "Sat 2024-08-17 08:25:22 EDT",
        "ExecMainStartTimestampMonotonic": "238221429",
        "ExecMainStatus": "0",
        "ExecStart": "{ path=/usr/sbin/fapolicyd ; argv[]=/usr/sbin/fapolicyd ; ignore_errors=no ; start_time=[Sat 2024-08-17 08:25:22 EDT] ; stop_time=[Sat 2024-08-17 08:25:22 EDT] ; pid=10435 ; code=exited ; status=0 }",
        "ExecStartEx": "{ path=/usr/sbin/fapolicyd ; argv[]=/usr/sbin/fapolicyd ; flags= ; start_time=[Sat 2024-08-17 08:25:22 EDT] ; stop_time=[Sat 2024-08-17 08:25:22 EDT] ; pid=10435 ; code=exited ; status=0 }",
        "ExecStartPre": "{ path=/usr/sbin/fagenrules ; argv[]=/usr/sbin/fagenrules ; ignore_errors=no ; start_time=[Sat 2024-08-17 08:25:22 EDT] ; stop_time=[Sat 2024-08-17 08:25:22 EDT] ; pid=10411 ; code=exited ; status=0 }",
        "ExecStartPreEx": "{ path=/usr/sbin/fagenrules ; argv[]=/usr/sbin/fagenrules ; flags= ; start_time=[Sat 2024-08-17 08:25:22 EDT] ; stop_time=[Sat 2024-08-17 08:25:22 EDT] ; pid=10411 ; code=exited ; status=0 }",
        "ExitType": "main",
        "FailureAction": "none",
        "FileDescriptorStoreMax": "0",
        "FinalKillSignal": "9",
        "FragmentPath": "/usr/lib/systemd/system/fapolicyd.service",
        "FreezerState": "running",
        "GID": "[not set]",
        "GuessMainPID": "yes",
        "IOAccounting": "no",
        "IOReadBytes": "18446744073709551615",
        "IOReadOperations": "18446744073709551615",
        "IOSchedulingClass": "2",
        "IOSchedulingPriority": "4",
        "IOWeight": "[not set]",
        "IOWriteBytes": "18446744073709551615",
        "IOWriteOperations": "18446744073709551615",
        "IPAccounting": "no",
        "IPEgressBytes": "[no data]",
        "IPEgressPackets": "[no data]",
        "IPIngressBytes": "[no data]",
        "IPIngressPackets": "[no data]",
        "Id": "fapolicyd.service",
        "IgnoreOnIsolate": "no",
        "IgnoreSIGPIPE": "yes",
        "InactiveEnterTimestamp": "Sat 2024-08-17 08:25:22 EDT",
        "InactiveEnterTimestampMonotonic": "238166274",
        "InactiveExitTimestamp": "Sat 2024-08-17 08:25:22 EDT",
        "InactiveExitTimestampMonotonic": "238177408",
        "InvocationID": "ccc38fe348414af9ae5f0c00fb16b4be",
        "JobRunningTimeoutUSec": "infinity",
        "JobTimeoutAction": "none",
        "JobTimeoutUSec": "infinity",
        "KeyringMode": "private",
        "KillMode": "control-group",
        "KillSignal": "15",
        "LimitAS": "infinity",
        "LimitASSoft": "infinity",
        "LimitCORE": "infinity",
        "LimitCORESoft": "infinity",
        "LimitCPU": "infinity",
        "LimitCPUSoft": "infinity",
        "LimitDATA": "infinity",
        "LimitDATASoft": "infinity",
        "LimitFSIZE": "infinity",
        "LimitFSIZESoft": "infinity",
        "LimitLOCKS": "infinity",
        "LimitLOCKSSoft": "infinity",
        "LimitMEMLOCK": "8388608",
        "LimitMEMLOCKSoft": "8388608",
        "LimitMSGQUEUE": "819200",
        "LimitMSGQUEUESoft": "819200",
        "LimitNICE": "0",
        "LimitNICESoft": "0",
        "LimitNOFILE": "524288",
        "LimitNOFILESoft": "1024",
        "LimitNPROC": "13964",
        "LimitNPROCSoft": "13964",
        "LimitRSS": "infinity",
        "LimitRSSSoft": "infinity",
        "LimitRTPRIO": "0",
        "LimitRTPRIOSoft": "0",
        "LimitRTTIME": "infinity",
        "LimitRTTIMESoft": "infinity",
        "LimitSIGPENDING": "13964",
        "LimitSIGPENDINGSoft": "13964",
        "LimitSTACK": "infinity",
        "LimitSTACKSoft": "8388608",
        "LoadState": "loaded",
        "LockPersonality": "no",
        "LogLevelMax": "-1",
        "LogRateLimitBurst": "0",
        "LogRateLimitIntervalUSec": "0",
        "LogsDirectoryMode": "0755",
        "MainPID": "10436",
        "ManagedOOMMemoryPressure": "auto",
        "ManagedOOMMemoryPressureLimit": "0",
        "ManagedOOMPreference": "none",
        "ManagedOOMSwap": "auto",
        "MemoryAccounting": "yes",
        "MemoryAvailable": "infinity",
        "MemoryCurrent": "35504128",
        "MemoryDenyWriteExecute": "no",
        "MemoryHigh": "infinity",
        "MemoryLimit": "infinity",
        "MemoryLow": "0",
        "MemoryMax": "infinity",
        "MemoryMin": "0",
        "MemorySwapMax": "infinity",
        "MountAPIVFS": "no",
        "NFileDescriptorStore": "0",
        "NRestarts": "0",
        "NUMAPolicy": "n/a",
        "Names": "fapolicyd.service",
        "NeedDaemonReload": "no",
        "Nice": "0",
        "NoNewPrivileges": "no",
        "NonBlocking": "no",
        "NotifyAccess": "none",
        "OOMPolicy": "stop",
        "OOMScoreAdjust": "-1000",
        "OnFailureJobMode": "replace",
        "OnSuccessJobMode": "fail",
        "PIDFile": "/run/fapolicyd.pid",
        "Perpetual": "no",
        "PrivateDevices": "no",
        "PrivateIPC": "no",
        "PrivateMounts": "no",
        "PrivateNetwork": "no",
        "PrivateTmp": "no",
        "PrivateUsers": "no",
        "ProcSubset": "all",
        "ProtectClock": "no",
        "ProtectControlGroups": "no",
        "ProtectHome": "no",
        "ProtectHostname": "no",
        "ProtectKernelLogs": "no",
        "ProtectKernelModules": "no",
        "ProtectKernelTunables": "no",
        "ProtectProc": "default",
        "ProtectSystem": "no",
        "RefuseManualStart": "no",
        "RefuseManualStop": "no",
        "ReloadResult": "success",
        "ReloadSignal": "1",
        "RemainAfterExit": "no",
        "RemoveIPC": "no",
        "Requires": "-.mount system.slice",
        "RequiresMountsFor": "/run/fapolicyd",
        "Restart": "on-abnormal",
        "RestartKillSignal": "15",
        "RestartUSec": "100ms",
        "RestrictNamespaces": "no",
        "RestrictRealtime": "no",
        "RestrictSUIDSGID": "no",
        "Result": "success",
        "RootDirectoryStartOnly": "no",
        "RuntimeDirectory": "fapolicyd",
        "RuntimeDirectoryMode": "0755",
        "RuntimeDirectoryPreserve": "no",
        "RuntimeMaxUSec": "infinity",
        "RuntimeRandomizedExtraUSec": "0",
        "SameProcessGroup": "no",
        "SecureBits": "0",
        "SendSIGHUP": "no",
        "SendSIGKILL": "yes",
        "Slice": "system.slice",
        "StandardError": "inherit",
        "StandardInput": "null",
        "StandardOutput": "journal",
        "StartLimitAction": "none",
        "StartLimitBurst": "5",
        "StartLimitIntervalUSec": "10s",
        "StartupBlockIOWeight": "[not set]",
        "StartupCPUShares": "[not set]",
        "StartupCPUWeight": "[not set]",
        "StartupIOWeight": "[not set]",
        "StateChangeTimestamp": "Sat 2024-08-17 08:25:22 EDT",
        "StateChangeTimestampMonotonic": "238221460",
        "StateDirectoryMode": "0755",
        "StatusErrno": "0",
        "StopWhenUnneeded": "no",
        "SubState": "running",
        "SuccessAction": "none",
        "SyslogFacility": "3",
        "SyslogLevel": "6",
        "SyslogLevelPrefix": "yes",
        "SyslogPriority": "30",
        "SystemCallErrorNumber": "2147483646",
        "TTYReset": "no",
        "TTYVHangup": "no",
        "TTYVTDisallocate": "no",
        "TasksAccounting": "yes",
        "TasksCurrent": "4",
        "TasksMax": "22342",
        "TimeoutAbortUSec": "1min 30s",
        "TimeoutCleanUSec": "infinity",
        "TimeoutStartFailureMode": "terminate",
        "TimeoutStartUSec": "1min 30s",
        "TimeoutStopFailureMode": "terminate",
        "TimeoutStopUSec": "1min 30s",
        "TimerSlackNSec": "50000",
        "Transient": "no",
        "Type": "forking",
        "UID": "[not set]",
        "UMask": "0022",
        "UnitFilePreset": "disabled",
        "UnitFileState": "enabled",
        "UtmpMode": "init",
        "WantedBy": "multi-user.target",
        "WatchdogSignal": "6",
        "WatchdogTimestampMonotonic": "0",
        "WatchdogUSec": "0"
    }
}

TASK [Clean up temp directory] *************************************************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:123
Saturday 17 August 2024  08:25:25 -0400 (0:00:01.961)       0:00:57.104 ******* 
changed: [managed_node3] => {
    "changed": true,
    "path": "/var/tmp/fapolicyd_zet4pn88",
    "state": "absent"
}

TASK [Remove test user] ********************************************************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:128
Saturday 17 August 2024  08:25:26 -0400 (0:00:00.303)       0:00:57.407 ******* 
changed: [managed_node3] => {
    "attempts": 1,
    "changed": true,
    "force": false,
    "name": "fapolicyd_test1_user",
    "remove": false,
    "state": "absent"
}

TASK [Debug test user removal failure] *****************************************
task path: /tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:138
Saturday 17 August 2024  08:25:26 -0400 (0:00:00.493)       0:00:57.900 ******* 
skipping: [managed_node3] => {
    "changed": false,
    "false_condition": "__result is failed",
    "skip_reason": "Conditional result was False"
}

PLAY RECAP *********************************************************************
managed_node3              : ok=34   changed=17   unreachable=0    failed=0    skipped=24   rescued=0    ignored=0   

Saturday 17 August 2024  08:25:26 -0400 (0:00:00.024)       0:00:57.924 ******* 
=============================================================================== 
fedora.linux_system_roles.fapolicyd : Install fapolicyd packages ------- 30.03s
/tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:51 
fedora.linux_system_roles.fapolicyd : Update fapolicyd db --------------- 3.61s
/tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:124 
fedora.linux_system_roles.fapolicyd : Update fapolicyd db --------------- 2.86s
/tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:124 
Gathering Facts --------------------------------------------------------- 2.79s
/tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:2 
Shutdown fapolicyd ------------------------------------------------------ 1.96s
/tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:117 
fedora.linux_system_roles.fapolicyd : Add file to trustdb --------------- 1.52s
/tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:108 
fedora.linux_system_roles.fapolicyd : Install fapolicyd packages -------- 1.38s
/tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:51 
Create shell executables ------------------------------------------------ 1.31s
/tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:39 
fedora.linux_system_roles.fapolicyd : Copy fapolicyd configuration file --- 1.19s
/tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:59 
Run trusted binary exe1 ------------------------------------------------- 1.11s
/tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:72 
fedora.linux_system_roles.fapolicyd : Start fapolicyd service ----------- 0.96s
/tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:76 
Create a new user ------------------------------------------------------- 0.91s
/tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:54 
Create directories for tests -------------------------------------------- 0.77s
/tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:30 
fedora.linux_system_roles.fapolicyd : Restart fapolicyd service --------- 0.74s
/tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:85 
fedora.linux_system_roles.fapolicyd : Copy fapolicyd configuration file --- 0.68s
/tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:59 
fedora.linux_system_roles.fapolicyd : Start fapolicyd service ----------- 0.55s
/tmp/collections-io6/ansible_collections/fedora/linux_system_roles/roles/fapolicyd/tasks/main.yml:76 
Run untrusted exe1 after removing from trustdb -------------------------- 0.54s
/tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:109 
Remove test user -------------------------------------------------------- 0.49s
/tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:128 
Run untrusted binary exe2 ----------------------------------------------- 0.44s
/tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:85 
Check now untrusted exe1 after replacement ------------------------------ 0.44s
/tmp/collections-io6/ansible_collections/fedora/linux_system_roles/tests/fapolicyd/tests_trusted_execution.yml:93