Diff of the two buildlogs: -- --- b1/build.log 2025-04-08 17:21:33.855671182 +0000 +++ b2/build.log 2025-04-08 17:26:16.541371953 +0000 @@ -1,6 +1,6 @@ I: pbuilder: network access will be disabled during build -I: Current time: Tue Apr 8 05:16:24 -12 2025 -I: pbuilder-time-stamp: 1744132584 +I: Current time: Tue May 12 13:44:37 +14 2026 +I: pbuilder-time-stamp: 1778543077 I: Building the build Environment I: extracting base tarball [/var/cache/pbuilder/unstable-reproducible-base.tgz] I: copying local configuration @@ -22,51 +22,83 @@ dpkg-source: info: unpacking opkssh_0.4.0-1.debian.tar.xz I: Not using root during the build. I: Installing the build-deps -I: user script /srv/workspace/pbuilder/2419920/tmp/hooks/D02_print_environment starting +I: user script /srv/workspace/pbuilder/2485966/tmp/hooks/D01_modify_environment starting +debug: Running on infom02-amd64. +I: Changing host+domainname to test build reproducibility +I: Adding a custom variable just for the fun of it... +I: Changing /bin/sh to bash +'/bin/sh' -> '/bin/bash' +lrwxrwxrwx 1 root root 9 May 11 23:44 /bin/sh -> /bin/bash +I: Setting pbuilder2's login shell to /bin/bash +I: Setting pbuilder2's GECOS to second user,second room,second work-phone,second home-phone,second other +I: user script /srv/workspace/pbuilder/2485966/tmp/hooks/D01_modify_environment finished +I: user script /srv/workspace/pbuilder/2485966/tmp/hooks/D02_print_environment starting I: set - BUILDDIR='/build/reproducible-path' - BUILDUSERGECOS='first user,first room,first work-phone,first home-phone,first other' - BUILDUSERNAME='pbuilder1' - BUILD_ARCH='amd64' - DEBIAN_FRONTEND='noninteractive' + BASH=/bin/sh + BASHOPTS=checkwinsize:cmdhist:complete_fullquote:extquote:force_fignore:globasciiranges:globskipdots:hostcomplete:interactive_comments:patsub_replacement:progcomp:promptvars:sourcepath + BASH_ALIASES=() + BASH_ARGC=() + BASH_ARGV=() + BASH_CMDS=() + BASH_LINENO=([0]="12" [1]="0") + BASH_LOADABLES_PATH=/usr/local/lib/bash:/usr/lib/bash:/opt/local/lib/bash:/usr/pkg/lib/bash:/opt/pkg/lib/bash:. + BASH_SOURCE=([0]="/tmp/hooks/D02_print_environment" [1]="/tmp/hooks/D02_print_environment") + BASH_VERSINFO=([0]="5" [1]="2" [2]="37" [3]="1" [4]="release" [5]="x86_64-pc-linux-gnu") + BASH_VERSION='5.2.37(1)-release' + BUILDDIR=/build/reproducible-path + BUILDUSERGECOS='second user,second room,second work-phone,second home-phone,second other' + BUILDUSERNAME=pbuilder2 + BUILD_ARCH=amd64 + DEBIAN_FRONTEND=noninteractive DEB_BUILD_OPTIONS='buildinfo=+all reproducible=+all parallel=12 ' - DISTRIBUTION='unstable' - HOME='/root' - HOST_ARCH='amd64' + DIRSTACK=() + DISTRIBUTION=unstable + EUID=0 + FUNCNAME=([0]="Echo" [1]="main") + GROUPS=() + HOME=/root + HOSTNAME=i-capture-the-hostname + HOSTTYPE=x86_64 + HOST_ARCH=amd64 IFS=' ' - INVOCATION_ID='766a40350ee3442fa5dc72eb213bc195' - LANG='C' - LANGUAGE='en_US:en' - LC_ALL='C' - MAIL='/var/mail/root' - OPTIND='1' - PATH='/usr/sbin:/usr/bin:/sbin:/bin:/usr/games' - PBCURRENTCOMMANDLINEOPERATION='build' - PBUILDER_OPERATION='build' - PBUILDER_PKGDATADIR='/usr/share/pbuilder' - PBUILDER_PKGLIBDIR='/usr/lib/pbuilder' - PBUILDER_SYSCONFDIR='/etc' - PPID='2419920' - PS1='# ' - PS2='> ' + INVOCATION_ID=02906b003a1a4addb21533b30641ec5f + LANG=C + LANGUAGE=et_EE:et + LC_ALL=C + MACHTYPE=x86_64-pc-linux-gnu + MAIL=/var/mail/root + OPTERR=1 + OPTIND=1 + OSTYPE=linux-gnu + PATH=/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/i/capture/the/path + PBCURRENTCOMMANDLINEOPERATION=build + PBUILDER_OPERATION=build + PBUILDER_PKGDATADIR=/usr/share/pbuilder + PBUILDER_PKGLIBDIR=/usr/lib/pbuilder + PBUILDER_SYSCONFDIR=/etc + PIPESTATUS=([0]="0") + POSIXLY_CORRECT=y + PPID=2485966 PS4='+ ' - PWD='/' - SHELL='/bin/bash' - SHLVL='2' - SUDO_COMMAND='/usr/bin/timeout -k 18.1h 18h /usr/bin/ionice -c 3 /usr/bin/nice /usr/sbin/pbuilder --build --configfile /srv/reproducible-results/rbuild-debian/r-b-build.8hOb5Vjr/pbuilderrc_ao0H --distribution unstable --hookdir /etc/pbuilder/first-build-hooks --debbuildopts -b --basetgz /var/cache/pbuilder/unstable-reproducible-base.tgz --buildresult /srv/reproducible-results/rbuild-debian/r-b-build.8hOb5Vjr/b1 --logfile b1/build.log opkssh_0.4.0-1.dsc' - SUDO_GID='109' - SUDO_UID='104' - SUDO_USER='jenkins' - TERM='unknown' - TZ='/usr/share/zoneinfo/Etc/GMT+12' - USER='root' - _='/usr/bin/systemd-run' + PWD=/ + SHELL=/bin/bash + SHELLOPTS=braceexpand:errexit:hashall:interactive-comments:posix + SHLVL=3 + SUDO_COMMAND='/usr/bin/timeout -k 24.1h 24h /usr/bin/ionice -c 3 /usr/bin/nice -n 11 /usr/bin/unshare --uts -- /usr/sbin/pbuilder --build --configfile /srv/reproducible-results/rbuild-debian/r-b-build.8hOb5Vjr/pbuilderrc_F6q1 --distribution unstable --hookdir /etc/pbuilder/rebuild-hooks --debbuildopts -b --basetgz /var/cache/pbuilder/unstable-reproducible-base.tgz --buildresult /srv/reproducible-results/rbuild-debian/r-b-build.8hOb5Vjr/b2 --logfile b2/build.log opkssh_0.4.0-1.dsc' + SUDO_GID=109 + SUDO_UID=104 + SUDO_USER=jenkins + TERM=unknown + TZ=/usr/share/zoneinfo/Etc/GMT-14 + UID=0 + USER=root + _='I: set' I: uname -a - Linux infom01-amd64 6.1.0-32-cloud-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.129-1 (2025-03-06) x86_64 GNU/Linux + Linux i-capture-the-hostname 6.12.12+bpo-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.12.12-1~bpo12+1 (2025-02-23) x86_64 GNU/Linux I: ls -l /bin - lrwxrwxrwx 1 root root 7 Mar 4 11:20 /bin -> usr/bin -I: user script /srv/workspace/pbuilder/2419920/tmp/hooks/D02_print_environment finished + lrwxrwxrwx 1 root root 7 Mar 4 2025 /bin -> usr/bin +I: user script /srv/workspace/pbuilder/2485966/tmp/hooks/D02_print_environment finished -> Attempting to satisfy build-dependencies -> Creating pbuilder-satisfydepends-dummy package Package: pbuilder-satisfydepends-dummy @@ -300,7 +332,7 @@ Get: 172 http://deb.debian.org/debian unstable/main amd64 golang-gopkg-ini.v1-dev all 1.67.0-1 [39.9 kB] Get: 173 http://deb.debian.org/debian unstable/main amd64 golang-github-spf13-viper-dev all 1.12.0-1 [68.9 kB] Get: 174 http://deb.debian.org/debian unstable/main amd64 golang-github-spf13-cobra-dev all 1.8.1-1 [75.2 kB] -Fetched 139 MB in 5s (27.0 MB/s) +Fetched 139 MB in 6s (22.4 MB/s) Preconfiguring packages ... Selecting previously unselected package golang-golang-x-sys-dev. (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 19830 files and directories currently installed.) @@ -870,8 +902,8 @@ Setting up tzdata (2025b-1) ... Current default time zone: 'Etc/UTC' -Local time is now: Tue Apr 8 17:20:35 UTC 2025. -Universal Time is now: Tue Apr 8 17:20:35 UTC 2025. +Local time is now: Mon May 11 23:47:19 UTC 2026. +Universal Time is now: Mon May 11 23:47:19 UTC 2026. Run 'dpkg-reconfigure tzdata' if you wish to change it. Setting up golang-github-cespare-xxhash-dev (2.3.0-1) ... @@ -1017,7 +1049,11 @@ Building tag database... -> Finished parsing the build-deps I: Building the package -I: Running cd /build/reproducible-path/opkssh-0.4.0/ && env PATH="/usr/sbin:/usr/bin:/sbin:/bin:/usr/games" HOME="/nonexistent/first-build" dpkg-buildpackage -us -uc -b && env PATH="/usr/sbin:/usr/bin:/sbin:/bin:/usr/games" HOME="/nonexistent/first-build" dpkg-genchanges -S > ../opkssh_0.4.0-1_source.changes +I: user script /srv/workspace/pbuilder/2485966/tmp/hooks/A99_set_merged_usr starting +Not re-configuring usrmerge for unstable +I: user script /srv/workspace/pbuilder/2485966/tmp/hooks/A99_set_merged_usr finished +hostname: Name or service not known +I: Running cd /build/reproducible-path/opkssh-0.4.0/ && env PATH="/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/i/capture/the/path" HOME="/nonexistent/second-build" dpkg-buildpackage -us -uc -b && env PATH="/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/i/capture/the/path" HOME="/nonexistent/second-build" dpkg-genchanges -S > ../opkssh_0.4.0-1_source.changes dpkg-buildpackage: info: source package opkssh dpkg-buildpackage: info: source version 0.4.0-1 dpkg-buildpackage: info: source distribution unstable @@ -1036,42 +1072,45 @@ dh_auto_configure -O--builddirectory=_build -O--buildsystem=golang dh_auto_build -O--builddirectory=_build -O--buildsystem=golang cd _build && go install -trimpath -v -p 12 github.com/openpubkey/opkssh github.com/openpubkey/opkssh/commands github.com/openpubkey/opkssh/internal/projectpath github.com/openpubkey/opkssh/policy github.com/openpubkey/opkssh/policy/files github.com/openpubkey/opkssh/sshcert -internal/unsafeheader -internal/byteorder internal/godebugs -internal/goexperiment -internal/coverage/rtcov +internal/msan +internal/goarch internal/asan -internal/goos internal/profilerecord -internal/goarch -internal/msan +internal/coverage/rtcov +internal/goexperiment +internal/unsafeheader +internal/cpu +internal/byteorder +internal/goos +internal/runtime/atomic +internal/runtime/syscall +sync/atomic math/bits -internal/itoa cmp unicode/utf8 -internal/runtime/syscall -internal/abi -internal/chacha8rand +internal/itoa +unicode internal/runtime/math +internal/abi internal/runtime/sys -unicode -internal/cpu +internal/chacha8rand crypto/internal/fips140/alias -sync/atomic -internal/runtime/atomic crypto/internal/fips140deps/byteorder +crypto/internal/fips140/subtle crypto/internal/boring/sig encoding -crypto/internal/fips140/subtle unicode/utf16 -container/list golang.org/x/crypto/internal/alias +container/list +internal/runtime/exithook golang.org/x/crypto/salsa20/salsa +internal/bytealg +crypto/internal/fips140deps/cpu +math internal/nettrace vendor/golang.org/x/crypto/cryptobyte/asn1 vendor/golang.org/x/crypto/internal/alias -internal/runtime/exithook log/internal log/slog/internal go.opentelemetry.io/otel/metric/embedded @@ -1081,229 +1120,226 @@ github.com/openpubkey/openpubkey/cosigner/msgs golang.org/x/exp/constraints golang.org/x/exp/slices -internal/bytealg -crypto/internal/fips140deps/cpu -math internal/race -internal/runtime/maps -internal/sync internal/stringslite +internal/sync +internal/runtime/maps go.opentelemetry.io/otel/internal runtime -sync iter +weak crypto/subtle +sync internal/reflectlite -weak -slices maps +slices internal/bisect internal/testlog internal/singleflight unique log/slog/internal/buffer -runtime/cgo errors sort +runtime/cgo internal/godebug -crypto/internal/fips140deps/godebug +internal/oserror path -math/rand -strconv -math/rand/v2 io -golang.org/x/text/internal/tag -internal/oserror vendor/golang.org/x/net/dns/dnsmessage -syscall +math/rand/v2 +strconv hash -bytes -strings +crypto/internal/fips140deps/godebug crypto/internal/randutil -internal/saferio -hash/crc32 +bytes +math/rand +golang.org/x/text/internal/tag reflect -crypto +strings net/netip +syscall +crypto +hash/crc32 golang.org/x/crypto/blowfish -vendor/golang.org/x/text/transform +internal/saferio golang.org/x/text/transform -crypto/internal/fips140 +vendor/golang.org/x/text/transform crypto/internal/impl +regexp/syntax bufio net/http/internal/ascii -regexp/syntax -html +crypto/internal/fips140 net/http/internal/testcert -crypto/internal/fips140/sha3 -crypto/tls/internal/fips140tls +html golang.org/x/text/runes crypto/internal/fips140/sha256 +crypto/internal/fips140/sha3 crypto/internal/fips140/sha512 +crypto/tls/internal/fips140tls +time +internal/syscall/execenv +internal/syscall/unix crypto/sha3 crypto/internal/fips140/hmac -crypto/internal/fips140hash -crypto/internal/fips140/check -crypto/internal/fips140/aes -crypto/internal/fips140/bigmod -crypto/internal/fips140/nistec/fiat -crypto/internal/fips140/tls12 -crypto/internal/fips140/edwards25519/field -crypto/internal/fips140/hkdf -internal/syscall/unix -internal/syscall/execenv -time regexp -crypto/internal/fips140/tls13 -crypto/internal/fips140/edwards25519 -crypto/internal/fips140/nistec +crypto/internal/fips140hash context io/fs internal/poll +crypto/internal/fips140/check go.opentelemetry.io/otel/internal/baggage internal/filepathlite +crypto/internal/fips140/bigmod +crypto/internal/fips140/aes +crypto/internal/fips140/tls12 +crypto/internal/fips140/hkdf +crypto/internal/fips140/nistec/fiat +crypto/internal/fips140/edwards25519/field embed github.com/spf13/afero/internal/common internal/fmtsort encoding/binary go.opentelemetry.io/otel/internal/attribute +crypto/internal/fips140/tls13 os +crypto/internal/fips140/edwards25519 +crypto/internal/fips140/nistec encoding/base64 -golang.org/x/sys/unix -vendor/golang.org/x/crypto/internal/poly1305 golang.org/x/crypto/internal/poly1305 +vendor/golang.org/x/crypto/internal/poly1305 +golang.org/x/sys/unix encoding/pem golang.org/x/crypto/nacl/secretbox -fmt crypto/internal/sysrand -golang.org/x/sys/cpu +fmt os/signal -net -internal/sysinfo +golang.org/x/sys/cpu +io/ioutil vendor/golang.org/x/sys/cpu path/filepath -io/ioutil +internal/sysinfo crypto/internal/entropy crypto/internal/fips140/drbg +os/exec +github.com/spf13/afero/mem +github.com/openpubkey/opkssh/internal/projectpath +golang.org/x/crypto/blake2b +golang.org/x/crypto/sha3 crypto/internal/fips140/aes/gcm crypto/internal/fips140only -crypto/internal/fips140/ed25519 crypto/internal/fips140/rsa -crypto/internal/fips140/mlkem crypto/internal/fips140/ecdh crypto/internal/fips140/ecdsa -os/exec -golang.org/x/crypto/blake2b -crypto/md5 -crypto/rc4 -golang.org/x/crypto/sha3 -github.com/spf13/afero/mem -crypto/cipher -github.com/openpubkey/opkssh/internal/projectpath -encoding/json math/big -github.com/lestrrat-go/option +encoding/json +crypto/md5 database/sql/driver encoding/hex +crypto/cipher +github.com/lestrrat-go/option +crypto/internal/fips140/ed25519 github.com/lestrrat-go/blackmagic github.com/lestrrat-go/httpcc github.com/lestrrat-go/jwx/jwa compress/flate -net/url -log crypto/internal/boring crypto/des +github.com/awnumar/memcall +crypto/internal/fips140/mlkem +crypto/rc4 vendor/golang.org/x/crypto/chacha20 -crypto/sha1 crypto/ecdh +crypto/sha1 crypto/sha512 crypto/aes crypto/hmac crypto/sha256 -vendor/golang.org/x/text/unicode/bidi +net/url vendor/golang.org/x/crypto/chacha20poly1305 +compress/gzip +log vendor/golang.org/x/text/unicode/norm vendor/golang.org/x/net/http2/hpack -mime -compress/gzip mime/quotedprintable -github.com/awnumar/memcall +mime +vendor/golang.org/x/text/unicode/bidi net/http/internal github.com/lestrrat-go/iter/arrayiter +crypto/rand +crypto/internal/boring/bbig +crypto/elliptic +encoding/asn1 +github.com/awnumar/memguard/core +crypto/ed25519 +crypto/dsa +crypto/internal/hpke github.com/lestrrat-go/iter/mapiter +crypto/rsa github.com/lestrrat-go/jwx/internal/base64 +github.com/lestrrat-go/jwx/internal/pool +github.com/lestrrat-go/jwx/internal/ecutil +vendor/golang.org/x/text/secure/bidirule golang.org/x/crypto/curve25519 -github.com/go-jose/go-jose/json +golang.org/x/crypto/ed25519 +vendor/golang.org/x/crypto/cryptobyte +crypto/x509/pkix github.com/lestrrat-go/jwx/internal/iter +github.com/lestrrat-go/jwx/internal/json +filippo.io/bigmod +github.com/awnumar/memguard +github.com/lestrrat-go/jwx/x25519 +vendor/golang.org/x/net/idna +github.com/go-jose/go-jose/json golang.org/x/crypto/pbkdf2 +github.com/sirupsen/logrus +log/slog encoding/gob github.com/muhlemmer/gu -vendor/golang.org/x/text/secure/bidirule github.com/zitadel/schema golang.org/x/text/internal/language +go.opentelemetry.io/otel/codes +go.opentelemetry.io/otel/attribute +crypto/ecdsa go.opentelemetry.io/otel/baggage github.com/davecgh/go-spew/spew github.com/pmezard/go-difflib/difflib gopkg.in/yaml.v3 flag +net runtime/debug -vendor/golang.org/x/net/idna -github.com/lestrrat-go/jwx/internal/json -github.com/sirupsen/logrus -log/slog -go.opentelemetry.io/otel/attribute -go.opentelemetry.io/otel/codes +github.com/go-logr/logr runtime/trace -text/template/parse -golang.org/x/text/internal/language/compact -crypto/rand -crypto/internal/boring/bbig -github.com/awnumar/memguard/core -crypto/elliptic -crypto/rsa -encoding/asn1 -crypto/ed25519 -crypto/internal/hpke -github.com/awnumar/memguard -crypto/dsa -github.com/lestrrat-go/jwx/internal/pool -github.com/lestrrat-go/jwx/internal/ecutil -github.com/lestrrat-go/jwx/x25519 -golang.org/x/crypto/ed25519 -filippo.io/bigmod -golang.org/x/text/language go.opentelemetry.io/otel/metric -github.com/go-logr/logr go.opentelemetry.io/otel/trace -testing -text/template +text/template/parse +github.com/go-jose/go-jose/cipher +golang.org/x/text/internal/language/compact +os/user golang.org/x/text/unicode/norm github.com/go-logr/logr/funcr -vendor/golang.org/x/crypto/cryptobyte -crypto/x509/pkix -github.com/gorilla/securecookie -os/user golang.org/x/crypto/chacha20 +golang.org/x/text/language +testing golang.org/x/crypto/ssh/internal/bcrypt_pbkdf +github.com/gorilla/securecookie encoding/csv -crypto/ecdsa github.com/go-logr/stdr +text/template github.com/stretchr/testify/assert/yaml html/template -github.com/go-jose/go-jose/cipher +vendor/golang.org/x/net/http/httpproxy +net/textproto github.com/google/uuid crypto/x509 -net/textproto -vendor/golang.org/x/net/http/httpproxy github.com/spf13/pflag vendor/golang.org/x/net/http/httpguts mime/multipart github.com/spf13/cobra -crypto/tls -github.com/lestrrat-go/jwx/cert github.com/lestrrat-go/jwx/jwk/internal/x509 +github.com/lestrrat-go/jwx/cert github.com/openpubkey/openpubkey/util github.com/go-jose/go-jose +crypto/tls golang.org/x/crypto/ssh github.com/openpubkey/openpubkey/oidc github.com/zitadel/oidc/pkg/crypto @@ -1311,21 +1347,21 @@ net/http github.com/lestrrat-go/httprc github.com/zitadel/logging -golang.org/x/oauth2/internal go.opentelemetry.io/otel/propagation net/http/httptest +golang.org/x/oauth2/internal github.com/spf13/afero -go.opentelemetry.io/otel/internal/global golang.org/x/oauth2 -github.com/lestrrat-go/jwx/jwk +go.opentelemetry.io/otel/internal/global github.com/stretchr/testify/assert -github.com/zitadel/oidc/pkg/oidc +github.com/lestrrat-go/jwx/jwk golang.org/x/oauth2/clientcredentials +github.com/zitadel/oidc/pkg/oidc github.com/openpubkey/opkssh/policy/files go.opentelemetry.io/otel github.com/zitadel/oidc/pkg/http -github.com/zitadel/oidc/pkg/client github.com/stretchr/testify/require +github.com/zitadel/oidc/pkg/client github.com/zitadel/oidc/pkg/client/rp github.com/lestrrat-go/jwx/internal/keyconv github.com/lestrrat-go/jwx/jws @@ -1335,8 +1371,8 @@ github.com/openpubkey/openpubkey/discover github.com/openpubkey/openpubkey/providers/mocks github.com/openpubkey/openpubkey/cosigner -github.com/openpubkey/openpubkey/verifier github.com/openpubkey/openpubkey/providers +github.com/openpubkey/openpubkey/verifier github.com/openpubkey/opkssh/sshcert github.com/openpubkey/openpubkey/client github.com/openpubkey/opkssh/policy @@ -1400,17 +1436,17 @@ --- PASS: TestRun/Login_command_with_provider_bad_provider_good_google_issuer_but_no_client_id_value (0.00s) --- PASS: TestRun/Login_command_with_provider_bad_provider_good_google_issuer_but_no_client_secret_value (0.00s) PASS -ok github.com/openpubkey/opkssh 0.019s +ok github.com/openpubkey/opkssh 0.055s === RUN TestAddErrors --- PASS: TestAddErrors (0.00s) === RUN TestCreateSSHCert ---- PASS: TestCreateSSHCert (0.40s) +--- PASS: TestCreateSSHCert (0.28s) === RUN TestIdentityString ---- PASS: TestIdentityString (0.22s) +--- PASS: TestIdentityString (0.44s) === RUN TestAuthorizedKeysCommand ---- PASS: TestAuthorizedKeysCommand (0.61s) +--- PASS: TestAuthorizedKeysCommand (0.42s) PASS -ok github.com/openpubkey/opkssh/commands 1.239s +ok github.com/openpubkey/opkssh/commands 1.148s ? github.com/openpubkey/opkssh/internal/projectpath [no test files] === RUN TestProvidersPolicyRow_GetExpirationPolicy --- PASS: TestProvidersPolicyRow_GetExpirationPolicy (0.00s) @@ -1475,95 +1511,96 @@ === RUN TestDump_Success === PAUSE TestDump_Success === CONT TestPolicyApproved -=== CONT TestPolicyApprovedOidcGroupWithAtSign === CONT TestLoadUserPolicy_FailUserLookup --- PASS: TestLoadUserPolicy_FailUserLookup (0.00s) +=== CONT TestDump_Success +--- PASS: TestDump_Success (0.00s) +=== CONT TestLoadSystemDefaultPolicy_Success +--- PASS: TestLoadSystemDefaultPolicy_Success (0.00s) +=== CONT TestLoadSystemDefaultPolicy_ErrorFile +--- PASS: TestLoadSystemDefaultPolicy_ErrorFile (0.00s) +=== CONT TestLoadPolicyAtPath_ReadError +--- PASS: TestLoadPolicyAtPath_ReadError (0.00s) +=== CONT TestLoadPolicyAtPath_BadPermissions +--- PASS: TestLoadPolicyAtPath_BadPermissions (0.00s) === CONT TestLoadPolicyAtPath_FileMissing --- PASS: TestLoadPolicyAtPath_FileMissing (0.00s) === CONT TestLoadUserPolicy_Success_SkipInvalidEntries -=== CONT TestLoadPolicyAtPath_BadPermissions --- PASS: TestLoadUserPolicy_Success_SkipInvalidEntries (0.00s) === CONT TestLoadUserPolicy_Success ---- PASS: TestLoadUserPolicy_Success (0.00s) -=== CONT TestLoadUserPolicy_ErrorFile ---- PASS: TestLoadUserPolicy_ErrorFile (0.00s) -=== CONT TestLoadUserPolicy_NoUserHomeDir ---- PASS: TestLoadUserPolicy_NoUserHomeDir (0.00s) +=== CONT TestPolicyApprovedOidcGroupWithAtSign === CONT TestLoad ---- PASS: TestLoadPolicyAtPath_BadPermissions (0.00s) === RUN TestLoad/both_policies_are_missing -=== CONT TestDump_Success ---- PASS: TestDump_Success (0.00s) -=== CONT TestLoadSystemDefaultPolicy_Success -=== NAME TestLoad/both_policies_are_missing multipolicyloader_test.go:187: Root policy: (*policy.Policy)(nil) multipolicyloader_test.go:188: User policy: (*policy.Policy)(nil) ---- PASS: TestLoadSystemDefaultPolicy_Success (0.00s) -=== CONT TestLoadSystemDefaultPolicy_ErrorFile ---- PASS: TestLoadSystemDefaultPolicy_ErrorFile (0.00s) -=== CONT TestLoadPolicyAtPath_ReadError -2025/04/08 05:21:19 warning: failed to load system default policy: failed to read system default policy file /etc/opk/auth_id: failed to describe the file at path: open /etc/opk/auth_id: file does not exist ---- PASS: TestLoadPolicyAtPath_ReadError (0.00s) +2026/05/12 13:48:51 warning: failed to load system default policy: failed to read system default policy file /etc/opk/auth_id: failed to describe the file at path: open /etc/opk/auth_id: file does not exist +=== CONT TestPolicyDeniedMissingOidcGroupsClaim +2026/05/12 13:48:51 warning: failed to load user policy: failed to read user policy file /home/foo/.opk/auth_id: error reading foo home policy using command sudo -n /usr/local/bin/opkssh readhome foo got output and err exec: "sudo": executable file not found in $PATH +=== CONT TestAddAllowedPrincipal +=== RUN TestAddAllowedPrincipal/empty_policy + policy_test.go:128: AddAllowedPrincipal(principal=test, userEmail=alice@example.com) + policy_test.go:129: Initial policy: &policy.Policy{Users:[]policy.User(nil)} === CONT TestPolicyDeniedNoUserEntry -2025/04/08 05:21:19 warning: failed to load user policy: failed to read user policy file /home/foo/.opk/auth_id: error reading foo home policy using command sudo -n /usr/local/bin/opkssh readhome foo got output and err exec: "sudo": executable file not found in $PATH +=== CONT TestPolicyDeniedOidcGroups +=== CONT TestPolicyDeniedBadUser +=== CONT TestPolicyEmailDifferentCase +=== CONT TestPolicyApprovedOidcGroups +--- PASS: TestLoadUserPolicy_Success (0.00s) +=== CONT TestLoadUserPolicy_ErrorFile +=== CONT TestLoadUserPolicy_NoUserHomeDir +--- PASS: TestLoadUserPolicy_NoUserHomeDir (0.00s) +=== CONT TestPolicyDeniedWrongIssuer === RUN TestLoad/only_root_policy_exists +=== RUN TestAddAllowedPrincipal/non-empty_policy._user_not_found + policy_test.go:128: AddAllowedPrincipal(principal=test, userEmail=bob@example.com) +=== NAME TestLoad/only_root_policy_exists multipolicyloader_test.go:187: Root policy: &policy.Policy{Users:[]policy.User{policy.User{IdentityAttribute:"alice@example.com", Principals:[]string{"test"}, Issuer:"https://example.com"}}} multipolicyloader_test.go:188: User policy: (*policy.Policy)(nil) -2025/04/08 05:21:19 warning: failed to load user policy: failed to read user policy file /home/foo/.opk/auth_id: error reading foo home policy using command sudo -n /usr/local/bin/opkssh readhome foo got output and err exec: "sudo": executable file not found in $PATH +=== NAME TestAddAllowedPrincipal/non-empty_policy._user_not_found + policy_test.go:129: Initial policy: &policy.Policy{Users:[]policy.User{policy.User{IdentityAttribute:"alice@example.com", Principals:[]string{"test", "test2"}, Issuer:"https://example.com"}}} +2026/05/12 13:48:51 warning: failed to load user policy: failed to read user policy file /home/foo/.opk/auth_id: error reading foo home policy using command sudo -n /usr/local/bin/opkssh readhome foo got output and err exec: "sudo": executable file not found in $PATH +=== RUN TestAddAllowedPrincipal/user_already_exists._new_principal + policy_test.go:128: AddAllowedPrincipal(principal=test3, userEmail=alice@example.com) + policy_test.go:129: Initial policy: &policy.Policy{Users:[]policy.User{policy.User{IdentityAttribute:"alice@example.com", Principals:[]string{"test", "test2"}, Issuer:"https://example.com"}}} +2026/05/12 13:48:51 Successfully added user with email alice@example.com with principal test3 to the policy file === RUN TestLoad/only_user_policy_exists multipolicyloader_test.go:187: Root policy: (*policy.Policy)(nil) multipolicyloader_test.go:188: User policy: &policy.Policy{Users:[]policy.User{policy.User{IdentityAttribute:"alice@example.com", Principals:[]string{"foo", "bob"}, Issuer:"https://example.com"}}} -2025/04/08 05:21:19 warning: failed to load system default policy: failed to read system default policy file /etc/opk/auth_id: failed to describe the file at path: open /etc/opk/auth_id: file does not exist +--- PASS: TestLoadUserPolicy_ErrorFile (0.00s) +=== RUN TestAddAllowedPrincipal/user_already_exists._principal_not_new. + policy_test.go:128: AddAllowedPrincipal(principal=test, userEmail=alice@example.com) + policy_test.go:129: Initial policy: &policy.Policy{Users:[]policy.User{policy.User{IdentityAttribute:"alice@example.com", Principals:[]string{"test"}, Issuer:"https://example.com"}}} +2026/05/12 13:48:51 warning: failed to load system default policy: failed to read system default policy file /etc/opk/auth_id: failed to describe the file at path: open /etc/opk/auth_id: file does not exist +2026/05/12 13:48:51 User with email alice@example.com already has access under the principal test, skipping... +--- PASS: TestAddAllowedPrincipal (0.02s) + --- PASS: TestAddAllowedPrincipal/empty_policy (0.00s) + --- PASS: TestAddAllowedPrincipal/non-empty_policy._user_not_found (0.00s) + --- PASS: TestAddAllowedPrincipal/user_already_exists._new_principal (0.00s) + --- PASS: TestAddAllowedPrincipal/user_already_exists._principal_not_new. (0.00s) === RUN TestLoad/both_user_and_root_policy_exist multipolicyloader_test.go:187: Root policy: &policy.Policy{Users:[]policy.User{policy.User{IdentityAttribute:"alice@example.com", Principals:[]string{"test"}, Issuer:"https://example.com"}, policy.User{IdentityAttribute:"charlie@example.com", Principals:[]string{"test"}, Issuer:"https://example.com"}}} multipolicyloader_test.go:188: User policy: &policy.Policy{Users:[]policy.User{policy.User{IdentityAttribute:"alice@example.com", Principals:[]string{"foo"}, Issuer:"https://example.com"}, policy.User{IdentityAttribute:"bob@example.com", Principals:[]string{"foo"}, Issuer:"https://example.com"}}} === RUN TestLoad/both_user_and_root_policy_exist_but_no_valid_user_policy_entries multipolicyloader_test.go:187: Root policy: &policy.Policy{Users:[]policy.User{policy.User{IdentityAttribute:"alice@example.com", Principals:[]string{"test"}, Issuer:"https://example.com"}, policy.User{IdentityAttribute:"charlie@example.com", Principals:[]string{"test"}, Issuer:"https://example.com"}}} multipolicyloader_test.go:188: User policy: &policy.Policy{Users:[]policy.User{policy.User{IdentityAttribute:"alice@example.com", Principals:[]string{"test"}, Issuer:"https://example.com"}, policy.User{IdentityAttribute:"bob@example.com", Principals:[]string{"test", "test2"}, Issuer:"https://example.com"}, policy.User{IdentityAttribute:"charlie@example.com", Principals:[]string{"test", "test2", "test3"}, Issuer:"https://example.com"}}} -2025/04/08 05:21:19 warning: user policy /home/foo/.opk/auth_id has no valid user entries; an entry is considered valid if it gives foo access. ---- PASS: TestLoad (0.00s) +2026/05/12 13:48:51 warning: user policy /home/foo/.opk/auth_id has no valid user entries; an entry is considered valid if it gives foo access. +--- PASS: TestLoad (0.02s) --- PASS: TestLoad/both_policies_are_missing (0.00s) --- PASS: TestLoad/only_root_policy_exists (0.00s) --- PASS: TestLoad/only_user_policy_exists (0.00s) --- PASS: TestLoad/both_user_and_root_policy_exist (0.00s) --- PASS: TestLoad/both_user_and_root_policy_exist_but_no_valid_user_policy_entries (0.00s) -=== CONT TestAddAllowedPrincipal -=== RUN TestAddAllowedPrincipal/empty_policy - policy_test.go:128: AddAllowedPrincipal(principal=test, userEmail=alice@example.com) - policy_test.go:129: Initial policy: &policy.Policy{Users:[]policy.User(nil)} -=== RUN TestAddAllowedPrincipal/non-empty_policy._user_not_found - policy_test.go:128: AddAllowedPrincipal(principal=test, userEmail=bob@example.com) - policy_test.go:129: Initial policy: &policy.Policy{Users:[]policy.User{policy.User{IdentityAttribute:"alice@example.com", Principals:[]string{"test", "test2"}, Issuer:"https://example.com"}}} -=== RUN TestAddAllowedPrincipal/user_already_exists._new_principal - policy_test.go:128: AddAllowedPrincipal(principal=test3, userEmail=alice@example.com) - policy_test.go:129: Initial policy: &policy.Policy{Users:[]policy.User{policy.User{IdentityAttribute:"alice@example.com", Principals:[]string{"test", "test2"}, Issuer:"https://example.com"}}} -2025/04/08 05:21:19 Successfully added user with email alice@example.com with principal test3 to the policy file -=== RUN TestAddAllowedPrincipal/user_already_exists._principal_not_new. - policy_test.go:128: AddAllowedPrincipal(principal=test, userEmail=alice@example.com) - policy_test.go:129: Initial policy: &policy.Policy{Users:[]policy.User{policy.User{IdentityAttribute:"alice@example.com", Principals:[]string{"test"}, Issuer:"https://example.com"}}} -2025/04/08 05:21:19 User with email alice@example.com already has access under the principal test, skipping... ---- PASS: TestAddAllowedPrincipal (0.00s) - --- PASS: TestAddAllowedPrincipal/empty_policy (0.00s) - --- PASS: TestAddAllowedPrincipal/non-empty_policy._user_not_found (0.00s) - --- PASS: TestAddAllowedPrincipal/user_already_exists._new_principal (0.00s) - --- PASS: TestAddAllowedPrincipal/user_already_exists._principal_not_new. (0.00s) -=== CONT TestPolicyDeniedMissingOidcGroupsClaim -=== CONT TestPolicyApprovedOidcGroups -=== CONT TestPolicyDeniedBadUser -=== CONT TestPolicyEmailDifferentCase -=== CONT TestPolicyDeniedOidcGroups -=== CONT TestPolicyDeniedWrongIssuer ---- PASS: TestPolicyDeniedWrongIssuer (0.18s) ---- PASS: TestPolicyEmailDifferentCase (0.38s) ---- PASS: TestPolicyApprovedOidcGroups (0.42s) ---- PASS: TestPolicyDeniedBadUser (0.42s) ---- PASS: TestPolicyDeniedNoUserEntry (0.44s) ---- PASS: TestPolicyApprovedOidcGroupWithAtSign (0.50s) ---- PASS: TestPolicyApproved (0.61s) ---- PASS: TestPolicyDeniedOidcGroups (0.64s) ---- PASS: TestPolicyDeniedMissingOidcGroupsClaim (0.79s) +--- PASS: TestPolicyApprovedOidcGroupWithAtSign (0.41s) +--- PASS: TestPolicyDeniedOidcGroups (0.50s) +--- PASS: TestPolicyDeniedMissingOidcGroupsClaim (0.52s) +--- PASS: TestPolicyDeniedBadUser (0.58s) +--- PASS: TestPolicyApproved (0.59s) +--- PASS: TestPolicyApprovedOidcGroups (0.65s) +--- PASS: TestPolicyDeniedNoUserEntry (0.70s) +--- PASS: TestPolicyDeniedWrongIssuer (0.72s) +--- PASS: TestPolicyEmailDifferentCase (1.90s) PASS -ok github.com/openpubkey/opkssh/policy 0.795s +ok github.com/openpubkey/opkssh/policy 1.923s === RUN TestLog === RUN TestLog/empty === RUN TestLog/single_entry @@ -1578,25 +1615,25 @@ --- PASS: TestLog/check_clear (0.00s) === RUN TestPermissionsChecker === RUN TestPermissionsChecker/simple_happy_path_(all_match) -2025/04/08 05:21:19 Running, command: stat -c %U %G /test_file -2025/04/08 05:21:19 Got output: testOwner testGroup +2026/05/12 13:48:51 Running, command: stat -c %U %G /test_file +2026/05/12 13:48:51 Got output: testOwner testGroup === RUN TestPermissionsChecker/simple_happy_path_(owner_not_checked) -2025/04/08 05:21:19 Running, command: stat -c %U %G /test_file -2025/04/08 05:21:19 Got output: testOwner testGroup +2026/05/12 13:48:51 Running, command: stat -c %U %G /test_file +2026/05/12 13:48:51 Got output: testOwner testGroup === RUN TestPermissionsChecker/simple_happy_path_(group_not_checked) -2025/04/08 05:21:19 Running, command: stat -c %U %G /test_file -2025/04/08 05:21:19 Got output: testOwner testGroup +2026/05/12 13:48:51 Running, command: stat -c %U %G /test_file +2026/05/12 13:48:51 Got output: testOwner testGroup === RUN TestPermissionsChecker/simple_happy_path_(only_perm_checked) === RUN TestPermissionsChecker/error_(owner_doesn't_match) -2025/04/08 05:21:19 Running, command: stat -c %U %G /test_file -2025/04/08 05:21:19 Got output: testOwner testGroup +2026/05/12 13:48:51 Running, command: stat -c %U %G /test_file +2026/05/12 13:48:51 Got output: testOwner testGroup === RUN TestPermissionsChecker/error_(owner_doesn't_match)#01 -2025/04/08 05:21:19 Running, command: stat -c %U %G /test_file -2025/04/08 05:21:19 Got output: testOwner testGroup +2026/05/12 13:48:51 Running, command: stat -c %U %G /test_file +2026/05/12 13:48:51 Got output: testOwner testGroup === RUN TestPermissionsChecker/error_(perms_don't_match) === RUN TestPermissionsChecker/error_(stat_command_error) -2025/04/08 05:21:19 Running, command: stat -c %U %G /test_file -2025/04/08 05:21:19 Got output: +2026/05/12 13:48:51 Running, command: stat -c %U %G /test_file +2026/05/12 13:48:51 Got output: --- PASS: TestPermissionsChecker (0.00s) --- PASS: TestPermissionsChecker/simple_happy_path_(all_match) (0.00s) --- PASS: TestPermissionsChecker/simple_happy_path_(owner_not_checked) (0.00s) @@ -1619,7 +1656,7 @@ --- PASS: TestToTable/multiple_rows_with_comment (0.00s) --- PASS: TestToTable/realistic_input (0.00s) PASS -ok github.com/openpubkey/opkssh/policy/files 0.004s +ok github.com/openpubkey/opkssh/policy/files 0.016s === RUN TestCASignerCreation === PAUSE TestCASignerCreation === RUN TestInvalidSshPublicKey @@ -1627,13 +1664,13 @@ === RUN TestSshCertCreation === PAUSE TestSshCertCreation === CONT TestCASignerCreation +--- PASS: TestCASignerCreation (0.00s) === CONT TestSshCertCreation === CONT TestInvalidSshPublicKey ---- PASS: TestCASignerCreation (0.00s) ---- PASS: TestInvalidSshPublicKey (0.24s) ---- PASS: TestSshCertCreation (0.66s) +--- PASS: TestInvalidSshPublicKey (0.43s) +--- PASS: TestSshCertCreation (0.57s) PASS -ok github.com/openpubkey/opkssh/sshcert 0.671s +ok github.com/openpubkey/opkssh/sshcert 0.579s create-stamp debian/debhelper-build-stamp dh_testroot -O--builddirectory=_build -O--buildsystem=golang dh_prep -O--builddirectory=_build -O--buildsystem=golang @@ -1670,12 +1707,14 @@ dpkg-buildpackage: info: binary-only upload (no source included) dpkg-genchanges: info: including full source code in upload I: copying local configuration +I: user script /srv/workspace/pbuilder/2485966/tmp/hooks/B01_cleanup starting +I: user script /srv/workspace/pbuilder/2485966/tmp/hooks/B01_cleanup finished I: unmounting dev/ptmx filesystem I: unmounting dev/pts filesystem I: unmounting dev/shm filesystem I: unmounting proc filesystem I: unmounting sys filesystem I: cleaning the build env -I: removing directory /srv/workspace/pbuilder/2419920 and its subdirectories -I: Current time: Tue Apr 8 05:21:32 -12 2025 -I: pbuilder-time-stamp: 1744132892 +I: removing directory /srv/workspace/pbuilder/2485966 and its subdirectories +I: Current time: Tue May 12 13:49:15 +14 2026 +I: pbuilder-time-stamp: 1778543355