ansible-playbook [core 2.17.14] config file = None configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules'] ansible python module location = /usr/local/lib/python3.12/site-packages/ansible ansible collection location = /tmp/collections-fhO executable location = /usr/local/bin/ansible-playbook python version = 3.12.12 (main, Mar 27 2026, 00:00:00) [GCC 14.3.1 20251022 (Red Hat 14.3.1-4)] (/usr/bin/python3.12) jinja version = 3.1.6 libyaml = True No config file found; using defaults running playbook inside collection fedora.linux_system_roles Skipping callback 'debug', as we already have a stdout callback. Skipping callback 'json', as we already have a stdout callback. Skipping callback 'jsonl', as we already have a stdout callback. Skipping callback 'default', as we already have a stdout callback. Skipping callback 'minimal', as we already have a stdout callback. Skipping callback 'oneline', as we already have a stdout callback. PLAYBOOK: tests_purge_rules.yml ************************************************ 1 plays in /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml PLAY [Test auditd_purge_rules purge and idempotence] *************************** TASK [Gathering Facts] ********************************************************* task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:5 Thursday 16 April 2026 11:33:18 -0400 (0:00:00.017) 0:00:00.017 ******** [WARNING]: Platform linux on host managed-node1 is using the discovered Python interpreter at /usr/bin/python3.12, but future installation of another Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible- core/2.17/reference_appendices/interpreter_discovery.html for more information. ok: [managed-node1] TASK [Back up existing auditd configuration and rules metadata] **************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:13 Thursday 16 April 2026 11:33:19 -0400 (0:00:01.189) 0:00:01.207 ******** included: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/setup.yml for managed-node1 TASK [Check for existing auditd.conf] ****************************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/setup.yml:7 Thursday 16 April 2026 11:33:19 -0400 (0:00:00.017) 0:00:01.225 ******** ok: [managed-node1] => { "changed": false, "stat": { "atime": 1776353582.8467028, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "a93cfc6889d0a3dfd87548eac330576e1146dbe7", "ctime": 1776353578.763674, "dev": 51714, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 239075523, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0640", "mtime": 1776353578.7640395, "nlink": 1, "path": "/etc/audit/auditd.conf", "pw_name": "root", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 880, "uid": 0, "version": "429122602", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Check for existing custom.rules] ***************************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/setup.yml:12 Thursday 16 April 2026 11:33:20 -0400 (0:00:00.440) 0:00:01.666 ******** ok: [managed-node1] => { "changed": false, "stat": { "atime": 1776353581.456693, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "69008de23bc363984514521ddc3cd86619715c09", "ctime": 1776353579.9192512, "dev": 51714, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 260047045, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0664", "mtime": 1776353579.6506803, "nlink": 1, "path": "/etc/audit/rules.d/custom.rules", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 268, "uid": 0, "version": "3346494091", "wgrp": true, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Remember whether custom.rules existed] *********************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/setup.yml:17 Thursday 16 April 2026 11:33:20 -0400 (0:00:00.363) 0:00:02.030 ******** ok: [managed-node1] => { "ansible_facts": { "__auditd_integration_had_custom_rules": true }, "changed": false } TASK [Back up auditd.conf before test] ***************************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/setup.yml:21 Thursday 16 April 2026 11:33:20 -0400 (0:00:00.014) 0:00:02.044 ******** changed: [managed-node1] => { "changed": true, "checksum": "a93cfc6889d0a3dfd87548eac330576e1146dbe7", "dest": "/root/.lsr_auditd_integration_auditd.conf.bak", "gid": 0, "group": "root", "md5sum": "92e833ed88010f0e8de83378e762d4c2", "mode": "0640", "owner": "root", "secontext": "system_u:object_r:admin_home_t:s0", "size": 880, "src": "/etc/audit/auditd.conf", "state": "file", "uid": 0 } TASK [Back up custom.rules before test] **************************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/setup.yml:29 Thursday 16 April 2026 11:33:20 -0400 (0:00:00.443) 0:00:02.488 ******** changed: [managed-node1] => { "changed": true, "checksum": "69008de23bc363984514521ddc3cd86619715c09", "dest": "/root/.lsr_auditd_integration_custom.rules.bak", "gid": 0, "group": "root", "md5sum": "e3743c173f2e0ea45fbb3aa9853a278e", "mode": "0664", "owner": "root", "secontext": "system_u:object_r:admin_home_t:s0", "size": 268, "src": "/etc/audit/rules.d/custom.rules", "state": "file", "uid": 0 } TASK [Record auditd.conf backup path for cleanup] ****************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/setup.yml:37 Thursday 16 April 2026 11:33:21 -0400 (0:00:00.358) 0:00:02.846 ******** ok: [managed-node1] => { "ansible_facts": { "__auditd_integration_backup_auditd_conf": "/root/.lsr_auditd_integration_auditd.conf.bak" }, "changed": false } TASK [Record custom.rules backup path for cleanup] ***************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/setup.yml:42 Thursday 16 April 2026 11:33:21 -0400 (0:00:00.014) 0:00:02.861 ******** ok: [managed-node1] => { "ansible_facts": { "__auditd_integration_backup_custom_rules": "/root/.lsr_auditd_integration_custom.rules.bak" }, "changed": false } TASK [Ensure rules.d backup parent directory is absent] ************************ task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:16 Thursday 16 April 2026 11:33:21 -0400 (0:00:00.013) 0:00:02.875 ******** ok: [managed-node1] => { "changed": false, "path": "/root/.lsr_auditd_purge_rulesd.backup", "state": "absent" } TASK [Create parent directory for rules.d snapshot] **************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:21 Thursday 16 April 2026 11:33:21 -0400 (0:00:00.442) 0:00:03.318 ******** changed: [managed-node1] => { "changed": true, "gid": 0, "group": "root", "mode": "0700", "owner": "root", "path": "/root/.lsr_auditd_purge_rulesd.backup", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [Snapshot rules.d tree for full restore after test] *********************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:27 Thursday 16 April 2026 11:33:22 -0400 (0:00:00.363) 0:00:03.681 ******** changed: [managed-node1] => { "changed": true, "checksum": null, "dest": "/root/.lsr_auditd_purge_rulesd.backup/", "gid": 0, "group": "root", "md5sum": null, "mode": "0750", "owner": "root", "secontext": "unconfined_u:object_r:admin_home_t:s0", "size": 45, "src": "/etc/audit/rules.d/", "state": "directory", "uid": 0 } TASK [Install decoy rules fragment to be removed by purge] ********************* task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:34 Thursday 16 April 2026 11:33:22 -0400 (0:00:00.357) 0:00:04.038 ******** changed: [managed-node1] => { "changed": true, "checksum": "35324fa08aa315fc1ab79570382f077fec44dce9", "dest": "/etc/audit/rules.d/99-lsr-purge-decoy.rules", "gid": 0, "group": "root", "md5sum": "f628c72c0861f587eff2d10f92b8e21b", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:auditd_etc_t:s0", "size": 89, "src": "/root/.ansible/tmp/ansible-tmp-1776353602.486108-10684-275667484586173/.source.rules", "state": "file", "uid": 0 } TASK [Run auditd role with purge enabled] ************************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:42 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.656) 0:00:04.695 ******** included: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/run_role_with_clear_facts.yml for managed-node1 TASK [Clear facts] ************************************************************* task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/run_role_with_clear_facts.yml:9 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.019) 0:00:04.715 ******** META: facts cleared TASK [Run the role] ************************************************************ task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/run_role_with_clear_facts.yml:23 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.000) 0:00:04.715 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "__sr_failed_when is defined", "skip_reason": "Conditional result was False" } TASK [Run the role normally] *************************************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/run_role_with_clear_facts.yml:33 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.014) 0:00:04.730 ******** included: fedora.linux_system_roles.auditd for managed-node1 TASK [fedora.linux_system_roles.auditd : Validating arguments against arg spec 'main' - Manage auditd and audit rules] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:5 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.063) 0:00:04.793 ******** ok: [managed-node1] => { "changed": false, "validate_args_context": { "argument_spec_name": "main", "name": "auditd", "path": "/tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd", "type": "role" } } MSG: The arg spec validation passed TASK [fedora.linux_system_roles.auditd : Validate role parameters] ************* task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:3 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.014) 0:00:04.807 ******** included: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml for managed-node1 TASK [fedora.linux_system_roles.auditd : Assert num_logs range (num_logs_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:4 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.025) 0:00:04.833 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert freq range (freq_parser)] ****** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:11 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.015) 0:00:04.848 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert incremental flush requires non-zero freq (sanity_check)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:18 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.014) 0:00:04.863 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert priority_boost range (priority_boost_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:25 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.014) 0:00:04.878 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert q_depth range (q_depth_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:31 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.015) 0:00:04.893 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert max_restarts range (max_restarts_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:38 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.015) 0:00:04.909 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert tcp_listen_port range when listener enabled in build (tcp_listen_port_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:44 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.014) 0:00:04.923 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert tcp_listen_queue range (tcp_listen_queue_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:50 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.014) 0:00:04.938 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert tcp_max_per_addr range (tcp_max_per_addr_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:56 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.014) 0:00:04.953 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert tcp_client_max_idle range (tcp_client_max_idle_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:62 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.014) 0:00:04.967 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert tcp_client_ports format (tcp_client_ports_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:68 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.015) 0:00:04.982 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert tcp_client_ports range order] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:76 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.017) 0:00:05.000 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert space_left_action rejects halt (space_action_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:83 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.018) 0:00:05.019 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert disk_full_action rejects email (disk_full_action_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:89 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.013) 0:00:05.032 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert disk_error_action rejects email and rotate (disk_error_action_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:95 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.013) 0:00:05.046 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert exec companion paths when action is exec] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:101 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.013) 0:00:05.060 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "auditd_max_log_file_action | lower == 'exec'", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.auditd : Assert space_left_action exec path] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:108 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.011) 0:00:05.071 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "auditd_space_left_action | lower == 'exec'", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.auditd : Assert admin_space_left_action exec path] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:115 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.012) 0:00:05.083 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "auditd_admin_space_left_action | lower == 'exec'", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.auditd : Assert disk_full_action exec path] **** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:122 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.012) 0:00:05.096 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "auditd_disk_full_action | lower == 'exec'", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.auditd : Assert disk_error_action exec path] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:129 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.010) 0:00:05.106 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "auditd_disk_error_action | lower == 'exec'", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.auditd : Assert name when name_format is user (resolve_node)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:136 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.011) 0:00:05.118 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "auditd_name_format | lower == 'user'", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.auditd : Assert auditd_rules entries] ********** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:143 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.011) 0:00:05.129 ******** ok: [managed-node1] => (item=lsr_auditd_purge_test) => { "ansible_loop_var": "item", "changed": false, "item": { "file": "/etc/issue", "keyname": "lsr_auditd_purge_test", "permissions": [ "read" ] } } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert syscall rules include required keys] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:153 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.022) 0:00:05.151 ******** skipping: [managed-node1] => { "changed": false, "skipped_reason": "No items in the list" } TASK [fedora.linux_system_roles.auditd : Assert permission keys for file rules] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:164 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.016) 0:00:05.168 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Set platform/version specific variables] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:6 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.022) 0:00:05.191 ******** included: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/set_vars.yml for managed-node1 TASK [fedora.linux_system_roles.auditd : Ensure ansible_facts used by role] **** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/set_vars.yml:2 Thursday 16 April 2026 11:33:23 -0400 (0:00:00.026) 0:00:05.217 ******** ok: [managed-node1] TASK [fedora.linux_system_roles.auditd : Check if system is ostree] ************ task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/set_vars.yml:10 Thursday 16 April 2026 11:33:24 -0400 (0:00:00.562) 0:00:05.780 ******** ok: [managed-node1] => { "changed": false, "stat": { "exists": false } } TASK [fedora.linux_system_roles.auditd : Set flag to indicate system is ostree] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/set_vars.yml:15 Thursday 16 April 2026 11:33:24 -0400 (0:00:00.351) 0:00:06.131 ******** ok: [managed-node1] => { "ansible_facts": { "__auditd_is_ostree": false }, "changed": false } TASK [fedora.linux_system_roles.auditd : Set platform/version specific variables] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/set_vars.yml:19 Thursday 16 April 2026 11:33:24 -0400 (0:00:00.018) 0:00:06.150 ******** skipping: [managed-node1] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vars_file is file", "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [managed-node1] => (item=CentOS.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vars_file is file", "item": "CentOS.yml", "skip_reason": "Conditional result was False" } skipping: [managed-node1] => (item=CentOS_10.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vars_file is file", "item": "CentOS_10.yml", "skip_reason": "Conditional result was False" } skipping: [managed-node1] => (item=CentOS_10.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vars_file is file", "item": "CentOS_10.yml", "skip_reason": "Conditional result was False" } skipping: [managed-node1] => { "changed": false } MSG: All items skipped TASK [fedora.linux_system_roles.auditd : Resolve package names for OS family] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/set_vars.yml:34 Thursday 16 April 2026 11:33:24 -0400 (0:00:00.026) 0:00:06.177 ******** ok: [managed-node1] => { "ansible_facts": { "__auditd_packages": [ "audit" ] }, "changed": false } TASK [fedora.linux_system_roles.auditd : Install audit packages] *************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:9 Thursday 16 April 2026 11:33:24 -0400 (0:00:00.015) 0:00:06.193 ******** ok: [managed-node1] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [fedora.linux_system_roles.auditd : Deploy auditd configuration] ********** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:15 Thursday 16 April 2026 11:33:25 -0400 (0:00:01.251) 0:00:07.445 ******** ok: [managed-node1] => { "changed": false, "checksum": "a93cfc6889d0a3dfd87548eac330576e1146dbe7", "dest": "/etc/audit/auditd.conf", "gid": 0, "group": "root", "mode": "0640", "owner": "root", "path": "/etc/audit/auditd.conf", "secontext": "system_u:object_r:auditd_etc_t:s0", "size": 880, "state": "file", "uid": 0 } TASK [fedora.linux_system_roles.auditd : Ensure rules.d directory exists] ****** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:22 Thursday 16 April 2026 11:33:26 -0400 (0:00:00.655) 0:00:08.100 ******** ok: [managed-node1] => { "changed": false, "gid": 0, "group": "root", "mode": "0750", "owner": "root", "path": "/etc/audit/rules.d", "secontext": "system_u:object_r:auditd_etc_t:s0", "size": 77, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.auditd : Purge rules.d when requested] ********* task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:28 Thursday 16 April 2026 11:33:26 -0400 (0:00:00.357) 0:00:08.458 ******** included: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/purge_rules.yml for managed-node1 TASK [fedora.linux_system_roles.auditd : Discover files in rules.d] ************ task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/purge_rules.yml:12 Thursday 16 April 2026 11:33:26 -0400 (0:00:00.032) 0:00:08.491 ******** ok: [managed-node1] => { "changed": false, "examined": 3, "files": [ { "atime": 1776353416.559, "ctime": 1776149893.341, "dev": 51714, "gid": 0, "gr_name": "root", "inode": 4419619, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0640", "mtime": 1767657600.0, "nlink": 1, "path": "/etc/audit/rules.d/audit.rules", "pw_name": "root", "rgrp": true, "roth": false, "rusr": true, "size": 244, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false }, { "atime": 1776353581.456693, "ctime": 1776353579.9192512, "dev": 51714, "gid": 0, "gr_name": "root", "inode": 260047045, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0664", "mtime": 1776353579.6506803, "nlink": 1, "path": "/etc/audit/rules.d/custom.rules", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 268, "uid": 0, "wgrp": true, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false }, { "atime": 1776353603.0488448, "ctime": 1776353603.0518448, "dev": 51714, "gid": 0, "gr_name": "root", "inode": 465567939, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0644", "mtime": 1776353602.785843, "nlink": 1, "path": "/etc/audit/rules.d/99-lsr-purge-decoy.rules", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 89, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } ], "matched": 3, "skipped_paths": {} } MSG: All paths examined TASK [fedora.linux_system_roles.auditd : Stat existing custom.rules before purge] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/purge_rules.yml:18 Thursday 16 April 2026 11:33:27 -0400 (0:00:00.446) 0:00:08.937 ******** ok: [managed-node1] => { "changed": false, "stat": { "atime": 1776353581.456693, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "69008de23bc363984514521ddc3cd86619715c09", "ctime": 1776353579.9192512, "dev": 51714, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 260047045, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0664", "mtime": 1776353579.6506803, "nlink": 1, "path": "/etc/audit/rules.d/custom.rules", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 268, "uid": 0, "version": "3346494091", "wgrp": true, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [fedora.linux_system_roles.auditd : Read existing custom.rules for comparison] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/purge_rules.yml:23 Thursday 16 April 2026 11:33:27 -0400 (0:00:00.363) 0:00:09.301 ******** ok: [managed-node1] => { "changed": false, "content": "IwojIEFuc2libGUgbWFuYWdlZAojCiMgc3lzdGVtX3JvbGU6YXVkaXRkCgoKIyBEZWxldGUgYWxsIHByZXZpb3VzIHJ1bGVzCi1ECiMgU2V0IGJ1ZmZlciBzaXplCi1iIDMyNzY4CiMgU2V0IGZhaWx1cmUgYmVoYXZpb3IKLWYgMQojIFNldCB0aGUgbWF4aW11bSBhbW91bnQgb2YgbWVzc2FnZXMgcGVyIHNlY29uZAotciA2MAojIFNldCBlbmFibGUgZmxhZyAoMD1kaXNhYmxlLCAxPWVuYWJsZSwgMj1sb2NrZWQsIHJlcXVpcmVzIHJlYm9vdCB0byB1bmxvY2spCi1lIDEKCg==", "encoding": "base64", "source": "/etc/audit/rules.d/custom.rules" } TASK [fedora.linux_system_roles.auditd : Record whether to keep existing custom.rules (managed rules)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/purge_rules.yml:29 Thursday 16 April 2026 11:33:28 -0400 (0:00:00.432) 0:00:09.733 ******** ok: [managed-node1] => { "ansible_facts": { "__auditd_purge_keep_custom_rules": false }, "changed": false } TASK [fedora.linux_system_roles.auditd : Remove files from rules.d] ************ task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/purge_rules.yml:62 Thursday 16 April 2026 11:33:28 -0400 (0:00:00.041) 0:00:09.775 ******** changed: [managed-node1] => (item=/etc/audit/rules.d/audit.rules) => { "ansible_loop_var": "item", "changed": true, "item": { "atime": 1776353416.559, "ctime": 1776149893.341, "dev": 51714, "gid": 0, "gr_name": "root", "inode": 4419619, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0640", "mtime": 1767657600.0, "nlink": 1, "path": "/etc/audit/rules.d/audit.rules", "pw_name": "root", "rgrp": true, "roth": false, "rusr": true, "size": 244, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false }, "path": "/etc/audit/rules.d/audit.rules", "state": "absent" } changed: [managed-node1] => (item=/etc/audit/rules.d/custom.rules) => { "ansible_loop_var": "item", "changed": true, "item": { "atime": 1776353581.456693, "ctime": 1776353579.9192512, "dev": 51714, "gid": 0, "gr_name": "root", "inode": 260047045, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0664", "mtime": 1776353579.6506803, "nlink": 1, "path": "/etc/audit/rules.d/custom.rules", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 268, "uid": 0, "wgrp": true, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false }, "path": "/etc/audit/rules.d/custom.rules", "state": "absent" } changed: [managed-node1] => (item=/etc/audit/rules.d/99-lsr-purge-decoy.rules) => { "ansible_loop_var": "item", "changed": true, "item": { "atime": 1776353603.0488448, "ctime": 1776353603.0518448, "dev": 51714, "gid": 0, "gr_name": "root", "inode": 465567939, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0644", "mtime": 1776353602.785843, "nlink": 1, "path": "/etc/audit/rules.d/99-lsr-purge-decoy.rules", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 89, "uid": 0, "wgrp": false, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false }, "path": "/etc/audit/rules.d/99-lsr-purge-decoy.rules", "state": "absent" } Notification for handler Run augenrules has been saved. Notification for handler Run augenrules has been saved. Notification for handler Run augenrules has been saved. TASK [fedora.linux_system_roles.auditd : Deploy custom audit rules] ************ task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:34 Thursday 16 April 2026 11:33:29 -0400 (0:00:01.064) 0:00:10.839 ******** Notification for handler Run augenrules has been saved. changed: [managed-node1] => { "changed": true, "checksum": "4f9017c3cb8f8ddf2a782812732781a02ca551eb", "dest": "/etc/audit/rules.d/custom.rules", "gid": 0, "group": "root", "md5sum": "cc34bac1a48291a6662d6a5254eaaf16", "mode": "0664", "owner": "root", "secontext": "system_u:object_r:auditd_etc_t:s0", "size": 312, "src": "/root/.ansible/tmp/ansible-tmp-1776353609.2911806-10851-183805795172554/.source.rules", "state": "file", "uid": 0 } TASK [fedora.linux_system_roles.auditd : Start and enable auditd service] ****** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:44 Thursday 16 April 2026 11:33:29 -0400 (0:00:00.701) 0:00:11.541 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "auditd_start_service | bool", "skip_reason": "Conditional result was False" } TASK [Flush handlers after first role run] ************************************* task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:54 Thursday 16 April 2026 11:33:29 -0400 (0:00:00.012) 0:00:11.553 ******** NOTIFIED HANDLER fedora.linux_system_roles.auditd : Run augenrules for managed-node1 META: triggered running handlers for managed-node1 RUNNING HANDLER [fedora.linux_system_roles.auditd : Run augenrules] ************ task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/handlers/main.yml:3 Thursday 16 April 2026 11:33:29 -0400 (0:00:00.000) 0:00:11.554 ******** NOTIFIED HANDLER fedora.linux_system_roles.auditd : Load audit rules for managed-node1 changed: [managed-node1] => { "changed": true, "cmd": [ "augenrules" ], "delta": "0:00:00.023985", "end": "2026-04-16 11:33:30.367774", "rc": 0, "start": "2026-04-16 11:33:30.343789" } RUNNING HANDLER [fedora.linux_system_roles.auditd : Load audit rules] ********** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/handlers/main.yml:9 Thursday 16 April 2026 11:33:30 -0400 (0:00:00.458) 0:00:12.013 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "auditd_start_service | bool", "skip_reason": "Conditional result was False" } TASK [Stat decoy fragment after purge] ***************************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:57 Thursday 16 April 2026 11:33:30 -0400 (0:00:00.012) 0:00:12.026 ******** ok: [managed-node1] => { "changed": false, "stat": { "exists": false } } TASK [Verify decoy rules file was purged] ************************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:62 Thursday 16 April 2026 11:33:30 -0400 (0:00:00.345) 0:00:12.371 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [Read custom.rules after purge] ******************************************* task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:67 Thursday 16 April 2026 11:33:30 -0400 (0:00:00.014) 0:00:12.385 ******** ok: [managed-node1] => { "changed": false, "content": "IwojIEFuc2libGUgbWFuYWdlZAojCiMgc3lzdGVtX3JvbGU6YXVkaXRkCgoKIyBEZWxldGUgYWxsIHByZXZpb3VzIHJ1bGVzCi1ECiMgU2V0IGJ1ZmZlciBzaXplCi1iIDMyNzY4CiMgU2V0IGZhaWx1cmUgYmVoYXZpb3IKLWYgMQojIFNldCB0aGUgbWF4aW11bSBhbW91bnQgb2YgbWVzc2FnZXMgcGVyIHNlY29uZAotciA2MAojIFNldCBlbmFibGUgZmxhZyAoMD1kaXNhYmxlLCAxPWVuYWJsZSwgMj1sb2NrZWQsIHJlcXVpcmVzIHJlYm9vdCB0byB1bmxvY2spCi1lIDEKCi13IC9ldGMvaXNzdWUgLXAgciAtayBsc3JfYXVkaXRkX3B1cmdlX3Rlc3QK", "encoding": "base64", "source": "/etc/audit/rules.d/custom.rules" } TASK [Verify custom.rules reflects role auditd_rules] ************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:72 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.348) 0:00:12.734 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [Capture checksum of custom.rules before second role run] ***************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:80 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.016) 0:00:12.750 ******** ok: [managed-node1] => { "changed": false, "stat": { "atime": 1776353610.3528962, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "d36697555eba276c9547cb7b31718d7ab6a8cea2b2ac74c41c41bbbdc64687cb", "ctime": 1776353609.8958929, "dev": 51714, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 578814148, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0664", "mtime": 1776353609.6268911, "nlink": 1, "path": "/etc/audit/rules.d/custom.rules", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 312, "uid": 0, "version": "828188878", "wgrp": true, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Run auditd role again with identical purge and rules] ******************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:86 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.367) 0:00:13.118 ******** included: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/run_role_with_clear_facts.yml for managed-node1 TASK [Clear facts] ************************************************************* task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/run_role_with_clear_facts.yml:9 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.018) 0:00:13.136 ******** META: facts cleared TASK [Run the role] ************************************************************ task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/run_role_with_clear_facts.yml:23 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.000) 0:00:13.137 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "__sr_failed_when is defined", "skip_reason": "Conditional result was False" } TASK [Run the role normally] *************************************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/run_role_with_clear_facts.yml:33 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.015) 0:00:13.152 ******** included: fedora.linux_system_roles.auditd for managed-node1 TASK [fedora.linux_system_roles.auditd : Validating arguments against arg spec 'main' - Manage auditd and audit rules] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:5 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.028) 0:00:13.180 ******** ok: [managed-node1] => { "changed": false, "validate_args_context": { "argument_spec_name": "main", "name": "auditd", "path": "/tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd", "type": "role" } } MSG: The arg spec validation passed TASK [fedora.linux_system_roles.auditd : Validate role parameters] ************* task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:3 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.014) 0:00:13.195 ******** included: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml for managed-node1 TASK [fedora.linux_system_roles.auditd : Assert num_logs range (num_logs_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:4 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.023) 0:00:13.218 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert freq range (freq_parser)] ****** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:11 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.015) 0:00:13.234 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert incremental flush requires non-zero freq (sanity_check)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:18 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.016) 0:00:13.250 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert priority_boost range (priority_boost_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:25 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.015) 0:00:13.265 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert q_depth range (q_depth_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:31 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.016) 0:00:13.282 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert max_restarts range (max_restarts_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:38 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.017) 0:00:13.299 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert tcp_listen_port range when listener enabled in build (tcp_listen_port_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:44 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.016) 0:00:13.316 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert tcp_listen_queue range (tcp_listen_queue_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:50 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.014) 0:00:13.331 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert tcp_max_per_addr range (tcp_max_per_addr_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:56 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.015) 0:00:13.346 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert tcp_client_max_idle range (tcp_client_max_idle_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:62 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.015) 0:00:13.362 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert tcp_client_ports format (tcp_client_ports_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:68 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.015) 0:00:13.377 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert tcp_client_ports range order] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:76 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.018) 0:00:13.396 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert space_left_action rejects halt (space_action_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:83 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.019) 0:00:13.416 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert disk_full_action rejects email (disk_full_action_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:89 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.015) 0:00:13.431 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert disk_error_action rejects email and rotate (disk_error_action_parser)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:95 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.015) 0:00:13.446 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert exec companion paths when action is exec] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:101 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.014) 0:00:13.461 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "auditd_max_log_file_action | lower == 'exec'", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.auditd : Assert space_left_action exec path] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:108 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.013) 0:00:13.474 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "auditd_space_left_action | lower == 'exec'", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.auditd : Assert admin_space_left_action exec path] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:115 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.012) 0:00:13.486 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "auditd_admin_space_left_action | lower == 'exec'", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.auditd : Assert disk_full_action exec path] **** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:122 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.012) 0:00:13.499 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "auditd_disk_full_action | lower == 'exec'", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.auditd : Assert disk_error_action exec path] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:129 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.011) 0:00:13.510 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "auditd_disk_error_action | lower == 'exec'", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.auditd : Assert name when name_format is user (resolve_node)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:136 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.011) 0:00:13.521 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "auditd_name_format | lower == 'user'", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.auditd : Assert auditd_rules entries] ********** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:143 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.011) 0:00:13.533 ******** ok: [managed-node1] => (item=lsr_auditd_purge_test) => { "ansible_loop_var": "item", "changed": false, "item": { "file": "/etc/issue", "keyname": "lsr_auditd_purge_test", "permissions": [ "read" ] } } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Assert syscall rules include required keys] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:153 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.024) 0:00:13.558 ******** skipping: [managed-node1] => { "changed": false, "skipped_reason": "No items in the list" } TASK [fedora.linux_system_roles.auditd : Assert permission keys for file rules] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/assert_role_vars.yml:164 Thursday 16 April 2026 11:33:31 -0400 (0:00:00.016) 0:00:13.574 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [fedora.linux_system_roles.auditd : Set platform/version specific variables] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:6 Thursday 16 April 2026 11:33:32 -0400 (0:00:00.023) 0:00:13.597 ******** included: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/set_vars.yml for managed-node1 TASK [fedora.linux_system_roles.auditd : Ensure ansible_facts used by role] **** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/set_vars.yml:2 Thursday 16 April 2026 11:33:32 -0400 (0:00:00.026) 0:00:13.624 ******** ok: [managed-node1] TASK [fedora.linux_system_roles.auditd : Check if system is ostree] ************ task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/set_vars.yml:10 Thursday 16 April 2026 11:33:32 -0400 (0:00:00.571) 0:00:14.195 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "not __auditd_is_ostree is defined", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.auditd : Set flag to indicate system is ostree] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/set_vars.yml:15 Thursday 16 April 2026 11:33:32 -0400 (0:00:00.016) 0:00:14.211 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "not __auditd_is_ostree is defined", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.auditd : Set platform/version specific variables] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/set_vars.yml:19 Thursday 16 April 2026 11:33:32 -0400 (0:00:00.015) 0:00:14.226 ******** skipping: [managed-node1] => (item=RedHat.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vars_file is file", "item": "RedHat.yml", "skip_reason": "Conditional result was False" } skipping: [managed-node1] => (item=CentOS.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vars_file is file", "item": "CentOS.yml", "skip_reason": "Conditional result was False" } skipping: [managed-node1] => (item=CentOS_10.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vars_file is file", "item": "CentOS_10.yml", "skip_reason": "Conditional result was False" } skipping: [managed-node1] => (item=CentOS_10.yml) => { "ansible_loop_var": "item", "changed": false, "false_condition": "__vars_file is file", "item": "CentOS_10.yml", "skip_reason": "Conditional result was False" } skipping: [managed-node1] => { "changed": false } MSG: All items skipped TASK [fedora.linux_system_roles.auditd : Resolve package names for OS family] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/set_vars.yml:34 Thursday 16 April 2026 11:33:32 -0400 (0:00:00.028) 0:00:14.254 ******** ok: [managed-node1] => { "ansible_facts": { "__auditd_packages": [ "audit" ] }, "changed": false } TASK [fedora.linux_system_roles.auditd : Install audit packages] *************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:9 Thursday 16 April 2026 11:33:32 -0400 (0:00:00.016) 0:00:14.270 ******** ok: [managed-node1] => { "changed": false, "rc": 0, "results": [] } MSG: Nothing to do TASK [fedora.linux_system_roles.auditd : Deploy auditd configuration] ********** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:15 Thursday 16 April 2026 11:33:33 -0400 (0:00:01.180) 0:00:15.451 ******** ok: [managed-node1] => { "changed": false, "checksum": "a93cfc6889d0a3dfd87548eac330576e1146dbe7", "dest": "/etc/audit/auditd.conf", "gid": 0, "group": "root", "mode": "0640", "owner": "root", "path": "/etc/audit/auditd.conf", "secontext": "system_u:object_r:auditd_etc_t:s0", "size": 880, "state": "file", "uid": 0 } TASK [fedora.linux_system_roles.auditd : Ensure rules.d directory exists] ****** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:22 Thursday 16 April 2026 11:33:34 -0400 (0:00:00.678) 0:00:16.129 ******** ok: [managed-node1] => { "changed": false, "gid": 0, "group": "root", "mode": "0750", "owner": "root", "path": "/etc/audit/rules.d", "secontext": "system_u:object_r:auditd_etc_t:s0", "size": 26, "state": "directory", "uid": 0 } TASK [fedora.linux_system_roles.auditd : Purge rules.d when requested] ********* task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:28 Thursday 16 April 2026 11:33:34 -0400 (0:00:00.370) 0:00:16.500 ******** included: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/purge_rules.yml for managed-node1 TASK [fedora.linux_system_roles.auditd : Discover files in rules.d] ************ task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/purge_rules.yml:12 Thursday 16 April 2026 11:33:34 -0400 (0:00:00.033) 0:00:16.533 ******** ok: [managed-node1] => { "changed": false, "examined": 1, "files": [ { "atime": 1776353610.3528962, "ctime": 1776353609.8958929, "dev": 51714, "gid": 0, "gr_name": "root", "inode": 578814148, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0664", "mtime": 1776353609.6268911, "nlink": 1, "path": "/etc/audit/rules.d/custom.rules", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 312, "uid": 0, "wgrp": true, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } ], "matched": 1, "skipped_paths": {} } MSG: All paths examined TASK [fedora.linux_system_roles.auditd : Stat existing custom.rules before purge] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/purge_rules.yml:18 Thursday 16 April 2026 11:33:35 -0400 (0:00:00.365) 0:00:16.899 ******** ok: [managed-node1] => { "changed": false, "stat": { "atime": 1776353610.3528962, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "4f9017c3cb8f8ddf2a782812732781a02ca551eb", "ctime": 1776353609.8958929, "dev": 51714, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 578814148, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0664", "mtime": 1776353609.6268911, "nlink": 1, "path": "/etc/audit/rules.d/custom.rules", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 312, "uid": 0, "version": "828188878", "wgrp": true, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [fedora.linux_system_roles.auditd : Read existing custom.rules for comparison] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/purge_rules.yml:23 Thursday 16 April 2026 11:33:35 -0400 (0:00:00.373) 0:00:17.273 ******** ok: [managed-node1] => { "changed": false, "content": "IwojIEFuc2libGUgbWFuYWdlZAojCiMgc3lzdGVtX3JvbGU6YXVkaXRkCgoKIyBEZWxldGUgYWxsIHByZXZpb3VzIHJ1bGVzCi1ECiMgU2V0IGJ1ZmZlciBzaXplCi1iIDMyNzY4CiMgU2V0IGZhaWx1cmUgYmVoYXZpb3IKLWYgMQojIFNldCB0aGUgbWF4aW11bSBhbW91bnQgb2YgbWVzc2FnZXMgcGVyIHNlY29uZAotciA2MAojIFNldCBlbmFibGUgZmxhZyAoMD1kaXNhYmxlLCAxPWVuYWJsZSwgMj1sb2NrZWQsIHJlcXVpcmVzIHJlYm9vdCB0byB1bmxvY2spCi1lIDEKCi13IC9ldGMvaXNzdWUgLXAgciAtayBsc3JfYXVkaXRkX3B1cmdlX3Rlc3QK", "encoding": "base64", "source": "/etc/audit/rules.d/custom.rules" } TASK [fedora.linux_system_roles.auditd : Record whether to keep existing custom.rules (managed rules)] *** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/purge_rules.yml:29 Thursday 16 April 2026 11:33:36 -0400 (0:00:00.355) 0:00:17.629 ******** ok: [managed-node1] => { "ansible_facts": { "__auditd_purge_keep_custom_rules": true }, "changed": false } TASK [fedora.linux_system_roles.auditd : Remove files from rules.d] ************ task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/purge_rules.yml:62 Thursday 16 April 2026 11:33:36 -0400 (0:00:00.042) 0:00:17.671 ******** skipping: [managed-node1] => (item=/etc/audit/rules.d/custom.rules) => { "ansible_loop_var": "item", "changed": false, "false_condition": "not (\n (item.path | basename == 'custom.rules')\n and (__auditd_purge_keep_custom_rules | default(false) | bool)\n)", "item": { "atime": 1776353610.3528962, "ctime": 1776353609.8958929, "dev": 51714, "gid": 0, "gr_name": "root", "inode": 578814148, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mode": "0664", "mtime": 1776353609.6268911, "nlink": 1, "path": "/etc/audit/rules.d/custom.rules", "pw_name": "root", "rgrp": true, "roth": true, "rusr": true, "size": 312, "uid": 0, "wgrp": true, "woth": false, "wusr": true, "xgrp": false, "xoth": false, "xusr": false }, "skip_reason": "Conditional result was False" } skipping: [managed-node1] => { "changed": false } MSG: All items skipped TASK [fedora.linux_system_roles.auditd : Deploy custom audit rules] ************ task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:34 Thursday 16 April 2026 11:33:36 -0400 (0:00:00.019) 0:00:17.690 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "not (__auditd_purge_keep_custom_rules | default(false) | bool)", "skip_reason": "Conditional result was False" } TASK [fedora.linux_system_roles.auditd : Start and enable auditd service] ****** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:44 Thursday 16 April 2026 11:33:36 -0400 (0:00:00.013) 0:00:17.704 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "auditd_start_service | bool", "skip_reason": "Conditional result was False" } TASK [Flush handlers after second role run] ************************************ task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:98 Thursday 16 April 2026 11:33:36 -0400 (0:00:00.012) 0:00:17.717 ******** META: triggered running handlers for managed-node1 TASK [Stat custom.rules after second role run] ********************************* task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:101 Thursday 16 April 2026 11:33:36 -0400 (0:00:00.000) 0:00:17.718 ******** ok: [managed-node1] => { "changed": false, "stat": { "atime": 1776353610.3528962, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 8, "charset": "us-ascii", "checksum": "d36697555eba276c9547cb7b31718d7ab6a8cea2b2ac74c41c41bbbdc64687cb", "ctime": 1776353609.8958929, "dev": 51714, "device_type": 0, "executable": false, "exists": true, "gid": 0, "gr_name": "root", "inode": 578814148, "isblk": false, "ischr": false, "isdir": false, "isfifo": false, "isgid": false, "islnk": false, "isreg": true, "issock": false, "isuid": false, "mimetype": "text/plain", "mode": "0664", "mtime": 1776353609.6268911, "nlink": 1, "path": "/etc/audit/rules.d/custom.rules", "pw_name": "root", "readable": true, "rgrp": true, "roth": true, "rusr": true, "size": 312, "uid": 0, "version": "828188878", "wgrp": true, "woth": false, "writeable": true, "wusr": true, "xgrp": false, "xoth": false, "xusr": false } } TASK [Verify custom.rules unchanged on idempotent second run] ****************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:107 Thursday 16 April 2026 11:33:36 -0400 (0:00:00.378) 0:00:18.096 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [Stat decoy path after second run] **************************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:116 Thursday 16 April 2026 11:33:36 -0400 (0:00:00.020) 0:00:18.116 ******** ok: [managed-node1] => { "changed": false, "stat": { "exists": false } } TASK [Verify decoy did not reappear] ******************************************* task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:121 Thursday 16 April 2026 11:33:36 -0400 (0:00:00.361) 0:00:18.478 ******** ok: [managed-node1] => { "changed": false } MSG: All assertions passed TASK [Check whether purge test rules.d snapshot exists] ************************ task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:127 Thursday 16 April 2026 11:33:36 -0400 (0:00:00.015) 0:00:18.494 ******** ok: [managed-node1] => { "changed": false, "stat": { "atime": 1776353602.391781, "attr_flags": "", "attributes": [], "block_size": 4096, "blocks": 0, "charset": "binary", "ctime": 1776353602.3928401, "dev": 51714, "device_type": 0, "executable": true, "exists": true, "gid": 0, "gr_name": "root", "inode": 452985025, "isblk": false, "ischr": false, "isdir": true, "isfifo": false, "isgid": false, "islnk": false, "isreg": false, "issock": false, "isuid": false, "mimetype": "inode/directory", "mode": "0750", "mtime": 1776353602.3916552, "nlink": 2, "path": "/root/.lsr_auditd_purge_rulesd.backup", "pw_name": "root", "readable": true, "rgrp": true, "roth": false, "rusr": true, "size": 45, "uid": 0, "version": "2152966818", "wgrp": false, "woth": false, "writeable": true, "wusr": true, "xgrp": true, "xoth": false, "xusr": true } } TASK [Remove rules.d tree before restoring snapshot] *************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:135 Thursday 16 April 2026 11:33:37 -0400 (0:00:00.364) 0:00:18.858 ******** changed: [managed-node1] => { "changed": true, "path": "/etc/audit/rules.d", "state": "absent" } TASK [Recreate empty rules.d directory] **************************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:140 Thursday 16 April 2026 11:33:37 -0400 (0:00:00.361) 0:00:19.220 ******** changed: [managed-node1] => { "changed": true, "gid": 0, "group": "root", "mode": "0750", "owner": "root", "path": "/etc/audit/rules.d", "secontext": "unconfined_u:object_r:auditd_etc_t:s0", "size": 6, "state": "directory", "uid": 0 } TASK [Copy snapshot back into rules.d] ***************************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:146 Thursday 16 April 2026 11:33:37 -0400 (0:00:00.361) 0:00:19.582 ******** changed: [managed-node1] => { "changed": true, "checksum": null, "dest": "/etc/audit/rules.d/", "gid": 0, "group": "root", "md5sum": null, "mode": "0750", "owner": "root", "secontext": "unconfined_u:object_r:auditd_etc_t:s0", "size": 45, "src": "/root/.lsr_auditd_purge_rulesd.backup/", "state": "directory", "uid": 0 } TASK [Remove purge test rules.d snapshot directory on managed host] ************ task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:153 Thursday 16 April 2026 11:33:38 -0400 (0:00:00.362) 0:00:19.944 ******** changed: [managed-node1] => { "changed": true, "path": "/root/.lsr_auditd_purge_rulesd.backup", "state": "absent" } TASK [Restore system state after purge test] *********************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:159 Thursday 16 April 2026 11:33:38 -0400 (0:00:00.365) 0:00:20.309 ******** included: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/cleanup.yml for managed-node1 TASK [Restore auditd.conf from integration test backup] ************************ task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/cleanup.yml:3 Thursday 16 April 2026 11:33:38 -0400 (0:00:00.020) 0:00:20.330 ******** ok: [managed-node1] => { "changed": false, "checksum": "a93cfc6889d0a3dfd87548eac330576e1146dbe7", "dest": "/etc/audit/auditd.conf", "gid": 0, "group": "root", "md5sum": "92e833ed88010f0e8de83378e762d4c2", "mode": "0640", "owner": "root", "secontext": "system_u:object_r:auditd_etc_t:s0", "size": 880, "src": "/root/.lsr_auditd_integration_auditd.conf.bak", "state": "file", "uid": 0 } TASK [Remove auditd.conf backup file] ****************************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/cleanup.yml:11 Thursday 16 April 2026 11:33:39 -0400 (0:00:00.359) 0:00:20.690 ******** changed: [managed-node1] => { "changed": true, "path": "/root/.lsr_auditd_integration_auditd.conf.bak", "state": "absent" } TASK [Restore custom.rules from integration test backup] *********************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/cleanup.yml:17 Thursday 16 April 2026 11:33:39 -0400 (0:00:00.366) 0:00:21.056 ******** ok: [managed-node1] => { "changed": false, "checksum": "69008de23bc363984514521ddc3cd86619715c09", "dest": "/etc/audit/rules.d/custom.rules", "gid": 0, "group": "root", "md5sum": "e3743c173f2e0ea45fbb3aa9853a278e", "mode": "0664", "owner": "root", "secontext": "unconfined_u:object_r:auditd_etc_t:s0", "size": 268, "src": "/root/.lsr_auditd_integration_custom.rules.bak", "state": "file", "uid": 0 } TASK [Remove custom.rules backup file] ***************************************** task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/cleanup.yml:25 Thursday 16 April 2026 11:33:39 -0400 (0:00:00.360) 0:00:21.416 ******** changed: [managed-node1] => { "changed": true, "path": "/root/.lsr_auditd_integration_custom.rules.bak", "state": "absent" } TASK [Remove custom.rules if it did not exist before test] ********************* task path: /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/cleanup.yml:31 Thursday 16 April 2026 11:33:40 -0400 (0:00:00.365) 0:00:21.782 ******** skipping: [managed-node1] => { "changed": false, "false_condition": "not __auditd_integration_had_custom_rules | bool", "skip_reason": "Conditional result was False" } PLAY RECAP ********************************************************************* managed-node1 : ok=101 changed=14 unreachable=0 failed=0 skipped=26 rescued=0 ignored=0 SYSTEM ROLES ERRORS BEGIN v1 [] SYSTEM ROLES ERRORS END v1 TASKS RECAP ******************************************************************** Thursday 16 April 2026 11:33:40 -0400 (0:00:00.011) 0:00:21.793 ******** =============================================================================== fedora.linux_system_roles.auditd : Install audit packages --------------- 1.25s /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:9 Gathering Facts --------------------------------------------------------- 1.19s /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:5 fedora.linux_system_roles.auditd : Install audit packages --------------- 1.18s /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:9 fedora.linux_system_roles.auditd : Remove files from rules.d ------------ 1.06s /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/purge_rules.yml:62 fedora.linux_system_roles.auditd : Deploy custom audit rules ------------ 0.70s /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:34 fedora.linux_system_roles.auditd : Deploy auditd configuration ---------- 0.68s /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:15 Install decoy rules fragment to be removed by purge --------------------- 0.66s /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:34 fedora.linux_system_roles.auditd : Deploy auditd configuration ---------- 0.66s /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:15 fedora.linux_system_roles.auditd : Ensure ansible_facts used by role ---- 0.57s /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/set_vars.yml:2 fedora.linux_system_roles.auditd : Ensure ansible_facts used by role ---- 0.56s /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/set_vars.yml:2 fedora.linux_system_roles.auditd : Run augenrules ----------------------- 0.46s /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/handlers/main.yml:3 fedora.linux_system_roles.auditd : Discover files in rules.d ------------ 0.45s /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/purge_rules.yml:12 Back up auditd.conf before test ----------------------------------------- 0.44s /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/setup.yml:21 Ensure rules.d backup parent directory is absent ------------------------ 0.44s /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:16 Check for existing auditd.conf ------------------------------------------ 0.44s /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tasks/setup.yml:7 fedora.linux_system_roles.auditd : Read existing custom.rules for comparison --- 0.43s /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/purge_rules.yml:23 Stat custom.rules after second role run --------------------------------- 0.38s /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:101 fedora.linux_system_roles.auditd : Stat existing custom.rules before purge --- 0.37s /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/purge_rules.yml:18 fedora.linux_system_roles.auditd : Ensure rules.d directory exists ------ 0.37s /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/roles/auditd/tasks/main.yml:22 Capture checksum of custom.rules before second role run ----------------- 0.37s /tmp/collections-fhO/ansible_collections/fedora/linux_system_roles/tests/auditd/tests_purge_rules.yml:80