Hi Steve,
after just "agreeing and tagging" before, I have done an initial check on the
case.
Tasks:
Similar to the .spec file, dir ownership needs to be set:
    %dir %attr(0730, tss, tss) %{_localstatedir}/log/swtpm/libvirt/qemu/
We might want to look at ALL the swtpm-related directories, being:
    swtpmLogDir: /var/log/swtpm/libvirt/qemu
    swtpmStateDir: /run/libvirt/qemu/swtpm
    swtpmStorageDir: /var/lib/libvirt/swtpm
Log and storage are static, but state is /run and thereby needs to be
recreated each time.
The actually used user is encoded in
/etc/libvirt/qemu.conf
    # User for the swtpm TPM Emulator
    #
    # Default is 'tss'; this is the same user that tcsd (TrouSerS) installs
    # and uses; alternative is 'root'
    #
    #swtpm_user = "tss"
    #swtpm_group = "tss"
And we might want to switch that default by changing the config at PKG
build time.
That most likely also needs a change in the build-time self tests and augeas
usage at
src/qemu/test_libvirtd_qemu.aug.in
    { "swtpm_user" = "tss" }
    { "swtpm_group" = "tss" }
Finally, so far it didn't exist, but right now we should consider adding swtpm
as a suggests.
Once things are more complete and swtpm MIR is ready (bug 1948748) we can bump
this to a recommends then.
Next steps once I really get to this (after sprint week):
- get a PPA set up with the changes
- run various tests with/without PPA
- upload to Ubuntu
- clarify potential Debian usage
- bump to Recommends once MIR is ready
** Changed in: libvirt (Ubuntu)
Status: New => Triaged
** Changed in: libvirt (Ubuntu)
Importance: Undecided => High
https://bugs.launchpad.net/bugs/1948880
Title:
libvirt should not use user tss for swtpm
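
An added example, not part of the bug comment or of libvirt's packaging: a shell check that reads the effective swtpm_user/swtpm_group from qemu.conf (falling back to the documented 'tss' default when the keys are commented out) and compares the ownership of the three swtpm directories listed in the comment. The function names are hypothetical and GNU `stat` is assumed.

```shell
#!/bin/sh
# Added example: audit swtpm directory ownership against qemu.conf.

# Print the effective value of a qemu.conf key (swtpm_user / swtpm_group).
# A commented-out or missing key means the built-in default applies, which
# the qemu.conf comment documents as 'tss'.
swtpm_conf_value() {
    key=$1; conf=$2
    val=$(sed -n "s/^[[:space:]]*${key}[[:space:]]*=[[:space:]]*\"\([^\"]*\)\".*/\1/p" \
        "$conf" 2>/dev/null | tail -n 1)
    printf '%s\n' "${val:-tss}"
}

# Compare one directory with the expected owner and group.
# Returns 0 = matches, 1 = wrong owner/group, 2 = directory missing.
check_swtpm_dir() {
    dir=$1; want_user=$2; want_group=$3
    if [ ! -d "$dir" ]; then
        echo "MISSING  $dir"; return 2
    fi
    have=$(stat -c '%U:%G' "$dir")
    mode=$(stat -c '%a' "$dir")
    if [ "$have" = "$want_user:$want_group" ]; then
        echo "OK       $dir $have mode=$mode"; return 0
    fi
    echo "MISMATCH $dir is $have, want $want_user:$want_group (mode $mode)"
    return 1
}

# Check log, state and storage directories. A missing directory is only
# reported, since the state dir lives in /run and is recreated each boot.
audit_swtpm_dirs() {
    conf=${1:-/etc/libvirt/qemu.conf}
    user=$(swtpm_conf_value swtpm_user "$conf")
    group=$(swtpm_conf_value swtpm_group "$conf")
    rc=0
    for d in /var/log/swtpm/libvirt/qemu /run/libvirt/qemu/swtpm \
             /var/lib/libvirt/swtpm; do
        st=0
        check_swtpm_dir "$d" "$user" "$group" || st=$?
        if [ "$st" -eq 1 ]; then rc=1; fi
    done
    return $rc
}
# On a libvirt host: audit_swtpm_dirs   (exit status 1 on any mismatch)
```

Running it before and after installing a test package shows whether a changed default in qemu.conf and the packaged directory ownership still agree.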