Bug#1056665: tpm-udev: Please ship /usr/lib/sysusers.d/tpm2-tss.conf for dracut

Fri, 24 Nov 2023 07:45:13 -0800 

Package: tpm-udev
Version: 0.6
Severity: minor
X-Debbugs-Cc: [email protected]

Dear Maintainer,

To support a TPM2.0 module in the initramfs, e.g. for automatic
unlocking of encrypted disks, dracut copies the udev rules from this
package to the initramfs.

dracut also expects /usr/lib/sysusers.d/tpm2-tss.conf to be present
describing the necessary users for the udev rules, see
https://github.com/dracutdevs/dracut/blob/059/modules.d/91tpm2-tss/module-setup.sh#L34-L39

Without it the tss user and group are not created in the dracut
initramfs, resulting in various error messages, but not breaking
anything obvious:

> Nov 24 16:23:14 de-otn-server1 systemd-tmpfiles[390]: Failed to parse ACL 
> "default:group:tss:rwx": Invalid argument. Ignoring
> Nov 24 16:23:14 de-otn-server1 systemd-tmpfiles[390]: Failed to parse ACL 
> "default:group:tss:rwx": Invalid argument. Ignoring
...
> Nov 24 16:23:14 de-otn-server1 systemd-tmpfiles[478]: 
> /usr/lib/tmpfiles.d/tpm2-tss-fapi.conf:2: Failed to resolve user 'tss': No 
> such process
> Nov 24 16:23:14 de-otn-server1 systemd-tmpfiles[478]: Failed to parse ACL 
> "default:group:tss:rwx": Invalid argument. Ignoring
> Nov 24 16:23:14 de-otn-server1 systemd-tmpfiles[478]: 
> /usr/lib/tmpfiles.d/tpm2-tss-fapi.conf:4: Failed to resolve user 'tss': No 
> such process
> Nov 24 16:23:14 de-otn-server1 systemd-tmpfiles[478]: Failed to parse ACL 
> "default:group:tss:rwx": Invalid argument. Ignoring
...
> Nov 24 16:23:14 de-otn-server1 systemd-udevd[520]: 
> /usr/lib/udev/rules.d/60-tpm-udev.rules:3 Unknown user 'tss', ignoring
> Nov 24 16:23:14 de-otn-server1 systemd-udevd[520]: 
> /usr/lib/udev/rules.d/60-tpm-udev.rules:4 Unknown user 'tss', ignoring
> Nov 24 16:23:14 de-otn-server1 systemd-udevd[520]: 
> /usr/lib/udev/rules.d/60-tpm-udev.rules:4 Unknown group 'tss', ignoring

Please consider shipping such a file in this package, containing e.g.:

> u tss - "TPM software stack" /var/lib/tpm /bin/false

-- System Information:
Debian Release: trixie/sid
Architecture: amd64 (x86_64)

Kernel: Linux 6.5.0-1-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_WARN
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: SELinux: enabled - Mode: Enforcing - Policy name: bauen1-policy

Versions of packages tpm-udev depends on:
ii  adduser  3.137
ii  udev     254.5-1

tpm-udev recommends no packages.

tpm-udev suggests no packages.

-- debconf-show failed

Reply via email to