ansible-playbook [core 2.16.14]
config file = None
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/local/lib/python3.12/site-packages/ansible
ansible collection location = /tmp/collections-dly
executable location = /usr/local/bin/ansible-playbook
python version = 3.12.1 (main, Feb 21 2024, 14:18:26) [GCC 8.5.0 20210514 (Red Hat 8.5.0-21)] (/usr/bin/python3.12)
jinja version = 3.1.4
libyaml = True
No config file found; using defaults
running playbook inside collection fedora.linux_system_roles
redirecting (type: callback) ansible.builtin.debug to ansible.posix.debug
redirecting (type: callback) ansible.builtin.debug to ansible.posix.debug
redirecting (type: callback) ansible.builtin.profile_tasks to ansible.posix.profile_tasks
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
PLAYBOOK: tests_default.yml ****************************************************
1 plays in /tmp/collections-dly/ansible_collections/fedora/linux_system_roles/tests/pam_pwd/tests_default.yml
PLAY [Ensure that the role runs with default parameters] ***********************
TASK [Gathering Facts] *********************************************************
task path: /tmp/collections-dly/ansible_collections/fedora/linux_system_roles/tests/pam_pwd/tests_default.yml:3
Saturday 14 December 2024 10:06:33 -0500 (0:00:00.007) 0:00:00.007 *****
ok: [managed-node1]
TASK [fedora.linux_system_roles.pam_pwd : Perform platform/version specific tasks] ***
task path: /tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/main.yml:4
Saturday 14 December 2024 10:06:34 -0500 (0:00:01.296) 0:00:01.304 *****
included: /tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml for managed-node1
TASK [fedora.linux_system_roles.pam_pwd : Deny access after number of consecutive authentication failures num 5] ***
task path: /tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:2
Saturday 14 December 2024 10:06:34 -0500 (0:00:00.034) 0:00:01.339 *****
changed: [managed-node1] => {
"backup": "/etc/security/faillock.conf.7402.2024-12-14@10:06:35~",
"changed": true
}
MSG:
line added
TASK [fedora.linux_system_roles.pam_pwd : Reenable access after the lock out seconds 300] ***
task path: /tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:12
Saturday 14 December 2024 10:06:35 -0500 (0:00:00.449) 0:00:01.788 *****
changed: [managed-node1] => {
"backup": "/etc/security/faillock.conf.7527.2024-12-14@10:06:35~",
"changed": true
}
MSG:
line added
TASK [fedora.linux_system_roles.pam_pwd : Set option silent in /etc/security/faillock.conf] ***
task path: /tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:20
Saturday 14 December 2024 10:06:35 -0500 (0:00:00.346) 0:00:02.134 *****
changed: [managed-node1] => {
"backup": "/etc/security/faillock.conf.7652.2024-12-14@10:06:35~",
"changed": true
}
MSG:
line added
TASK [fedora.linux_system_roles.pam_pwd : List authselect profiles] ************
task path: /tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:29
Saturday 14 December 2024 10:06:35 -0500 (0:00:00.336) 0:00:02.471 *****
ok: [managed-node1] => {
"changed": false,
"cmd": [
"authselect",
"list"
],
"delta": "0:00:00.022524",
"end": "2024-12-14 10:06:36.366064",
"rc": 0,
"start": "2024-12-14 10:06:36.343540"
}
STDOUT:
- minimal Local users only for minimal installations
- nis Enable NIS for system authentication
- sssd Enable SSSD for system authentication (also for local users only)
- winbind Enable winbind for system authentication
TASK [fedora.linux_system_roles.pam_pwd : Create custom authselect profile from existing profile sssd password-policy] ***
task path: /tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:38
Saturday 14 December 2024 10:06:36 -0500 (0:00:00.489) 0:00:02.960 *****
Notification for handler Pam_pwd_authselect_apply has been saved.
changed: [managed-node1] => {
"changed": true,
"cmd": [
"authselect",
"create-profile",
"password-policy",
"-b",
"sssd"
],
"delta": "0:00:00.003484",
"end": "2024-12-14 10:06:36.698652",
"rc": 0,
"start": "2024-12-14 10:06:36.695168"
}
STDOUT:
New profile was created at /etc/authselect/custom/password-policy
TASK [fedora.linux_system_roles.pam_pwd : List authselect current profile] *****
task path: /tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:46
Saturday 14 December 2024 10:06:36 -0500 (0:00:00.315) 0:00:03.276 *****
ok: [managed-node1] => {
"changed": false,
"cmd": [
"authselect",
"current"
],
"delta": "0:00:00.003324",
"end": "2024-12-14 10:06:37.027646",
"failed_when_result": false,
"rc": 0,
"start": "2024-12-14 10:06:37.024322"
}
STDOUT:
Profile ID: sssd
Enabled features: None
TASK [fedora.linux_system_roles.pam_pwd : Select profile password-policy] ******
task path: /tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:58
Saturday 14 December 2024 10:06:37 -0500 (0:00:00.340) 0:00:03.616 *****
Notification for handler Pam_pwd_authselect_apply has been saved.
changed: [managed-node1] => {
"changed": true,
"cmd": [
"authselect",
"select",
"--force",
"custom/password-policy"
],
"delta": "0:00:00.019125",
"end": "2024-12-14 10:06:37.398317",
"rc": 0,
"start": "2024-12-14 10:06:37.379192"
}
STDOUT:
Backup stored at /var/lib/authselect/backups/2024-12-14-15-06-37.9tgFCJ
Profile "custom/password-policy" was selected.
The following nsswitch maps are overwritten by the profile:
- passwd
- group
- netgroup
- automount
- services
Make sure that SSSD service is configured and enabled. See SSSD documentation for more information.
TASK [fedora.linux_system_roles.pam_pwd : List authselect current profile] *****
task path: /tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:64
Saturday 14 December 2024 10:06:37 -0500 (0:00:00.368) 0:00:03.984 *****
ok: [managed-node1] => {
"changed": false,
"cmd": [
"authselect",
"current"
],
"delta": "0:00:00.002963",
"end": "2024-12-14 10:06:37.759173",
"rc": 0,
"start": "2024-12-14 10:06:37.756210"
}
STDOUT:
Profile ID: custom/password-policy
Enabled features: None
TASK [fedora.linux_system_roles.pam_pwd : Set enable-feature with-faillock] ****
task path: /tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:69
Saturday 14 December 2024 10:06:37 -0500 (0:00:00.357) 0:00:04.342 *****
Notification for handler Pam_pwd_authselect_apply has been saved.
changed: [managed-node1] => {
"changed": true,
"cmd": [
"authselect",
"enable-feature",
"with-faillock"
],
"delta": "0:00:00.012018",
"end": "2024-12-14 10:06:38.113466",
"rc": 0,
"start": "2024-12-14 10:06:38.101448"
}
STDOUT:
Make sure that SSSD service is configured and enabled. See SSSD documentation for more information.
TASK [fedora.linux_system_roles.pam_pwd : Keep history of the last passwords used num 10] ***
task path: /tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:75
Saturday 14 December 2024 10:06:38 -0500 (0:00:00.363) 0:00:04.706 *****
changed: [managed-node1] => (item=/etc/authselect/custom/password-policy/system-auth) => {
"ansible_loop_var": "item",
"backup": "/etc/authselect/custom/password-policy/system-auth.8521.2024-12-14@10:06:38~",
"changed": true,
"item": "/etc/authselect/custom/password-policy/system-auth"
}
MSG:
line added
changed: [managed-node1] => (item=/etc/authselect/custom/password-policy/password-auth) => {
"ansible_loop_var": "item",
"backup": "/etc/authselect/custom/password-policy/password-auth.8646.2024-12-14@10:06:38~",
"changed": true,
"item": "/etc/authselect/custom/password-policy/password-auth"
}
MSG:
line added
TASK [fedora.linux_system_roles.pam_pwd : Enforce root for password complexity] ***
task path: /tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:89
Saturday 14 December 2024 10:06:38 -0500 (0:00:00.735) 0:00:05.442 *****
changed: [managed-node1] => (item=/etc/authselect/custom/password-policy/system-auth) => {
"ansible_loop_var": "item",
"backup": "/etc/authselect/custom/password-policy/system-auth.8771.2024-12-14@10:06:39~",
"changed": true,
"item": "/etc/authselect/custom/password-policy/system-auth"
}
MSG:
line replaced
changed: [managed-node1] => (item=/etc/authselect/custom/password-policy/password-auth) => {
"ansible_loop_var": "item",
"backup": "/etc/authselect/custom/password-policy/password-auth.8896.2024-12-14@10:06:39~",
"changed": true,
"item": "/etc/authselect/custom/password-policy/password-auth"
}
MSG:
line replaced
TASK [fedora.linux_system_roles.pam_pwd : Set password quality] ****************
task path: /tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/main.yml:17
Saturday 14 December 2024 10:06:39 -0500 (0:00:00.706) 0:00:06.148 *****
changed: [managed-node1] => {
"backup_file": "/etc/security/pwquality.conf.9021.2024-12-14@10:06:39~",
"changed": true
}
MSG:
Block inserted
NOTIFIED HANDLER fedora.linux_system_roles.pam_pwd : Apply authselect changes for managed-node1
RUNNING HANDLER [fedora.linux_system_roles.pam_pwd : Apply authselect changes] ***
task path: /tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/handlers/main.yml:5
Saturday 14 December 2024 10:06:40 -0500 (0:00:00.453) 0:00:06.601 *****
changed: [managed-node1] => {
"changed": true,
"cmd": [
"authselect",
"apply-changes"
],
"delta": "0:00:00.014633",
"end": "2024-12-14 10:06:40.367766",
"rc": 0,
"start": "2024-12-14 10:06:40.353133"
}
STDOUT:
Changes were successfully applied.
PLAY RECAP *********************************************************************
managed-node1 : ok=15 changed=10 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
TASKS RECAP ********************************************************************
Saturday 14 December 2024 10:06:40 -0500 (0:00:00.341) 0:00:06.943 *****
===============================================================================
Gathering Facts --------------------------------------------------------- 1.30s
/tmp/collections-dly/ansible_collections/fedora/linux_system_roles/tests/pam_pwd/tests_default.yml:3
fedora.linux_system_roles.pam_pwd : Keep history of the last passwords used num 10 --- 0.74s
/tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:75
fedora.linux_system_roles.pam_pwd : Enforce root for password complexity --- 0.71s
/tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:89
fedora.linux_system_roles.pam_pwd : List authselect profiles ------------ 0.49s
/tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:29
fedora.linux_system_roles.pam_pwd : Set password quality ---------------- 0.45s
/tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/main.yml:17
fedora.linux_system_roles.pam_pwd : Deny access after number of consecutive authentication failures num 5 --- 0.45s
/tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:2
fedora.linux_system_roles.pam_pwd : Select profile password-policy ------ 0.37s
/tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:58
fedora.linux_system_roles.pam_pwd : Set enable-feature with-faillock ---- 0.36s
/tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:69
fedora.linux_system_roles.pam_pwd : List authselect current profile ----- 0.36s
/tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:64
fedora.linux_system_roles.pam_pwd : Reenable access after the lock out seconds 300 --- 0.35s
/tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:12
fedora.linux_system_roles.pam_pwd : Apply authselect changes ------------ 0.34s
/tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/handlers/main.yml:5
fedora.linux_system_roles.pam_pwd : List authselect current profile ----- 0.34s
/tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:46
fedora.linux_system_roles.pam_pwd : Set option silent in /etc/security/faillock.conf --- 0.34s
/tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:20
fedora.linux_system_roles.pam_pwd : Create custom authselect profile from existing profile sssd password-policy
--- 0.32s
/tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/setup/default.yml:38
fedora.linux_system_roles.pam_pwd : Perform platform/version specific tasks --- 0.03s
/tmp/collections-dly/ansible_collections/fedora/linux_system_roles/roles/pam_pwd/tasks/main.yml:4