as a temporary workaround, I hacked trousers' init script:
start)
log_daemon_msg "Starting $DESC" "$NAME"
if [ ! -e /dev/tpm* ]
then
log_warning_msg "device driver not loaded, skipping."
exit 0
fi
chown tss:tss /dev/tpm*
chown -R tss:tss /var/lib/tpm
start-stop-daemon --start --quiet --oknodo --pidfile
/var/run/${NAME}.pid --user ${USER} --chuid ${USER} --exec ${DAEMON} --
${DAEMON_OPTS}
RETVAL="$?"
log_end_msg $RETVAL
[ "$RETVAL" = 0 ] && pidof $DAEMON > /var/run/${NAME}.pid
exit $RETVAL
;;
I simply added:
chown tss:tss /dev/tpm*
chown -R tss:tss /var/lib/tpm
and now the daemon starts. The change of ownership of /var/lib/tpm
should however be done by the package postinst script, and the change of
ownership on the tpm device via udev; a permissions check should still
be added to the init script, and maybe some 'form' of temporary
remediation too
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/963587
Title:
Trousers fails to set tpm permissions properly.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/trousers/+bug/963587/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
