Public bug reported: https://launchpad.net/ubuntu/+source/libvirt/8.0.0-1ubuntu6 introduced a recommendation to "swtpm", so this package now gets installed by default when installing libvirt. But this broke UEFI:
touch /var/lib/libvirt/empty.iso virt-install --name t1 --os-variant fedora28 --memory 128 --wait -1 --noautoconsole --disk 'size=0.25,format=qcow2' --cdrom /var/lib/libvirt/empty.iso --boot uefi This fails: WARNING Requested memory 128 MiB is less than the recommended 1024 MiB for OS fedora28 Starting install... Allocating 't1.qcow2' | 0 B 00:00:00 ... Removing disk 't1.qcow2' | 0 B 00:00:00 ERROR internal error: Could not run '/usr/bin/swtpm_setup'. exitstatus: 1; Check error log '/var/log/swtpm/libvirt/qemu/t1-swtpm.log' for details. Domain installation does not appear to have been successful. # cat /var/log/swtpm/libvirt/qemu/t1-swtpm.log Starting vTPM manufacturing as swtpm:swtpm @ Thu 07 Apr 2022 07:11:55 AM UTC Successfully created RSA 2048 EK with handle 0x81010001. Invoking /usr/lib/x86_64-linux-gnu/swtpm/swtpm-localca --type ek --ek 91863a7321edf06c0feb6f388950774acca7813f0d595a78463c1ce29798ab015bebb70da8a1fb8c4c353507240d32afd0e51ff173068e86e40c8f71bfa311919dd8f840e7a11576515eff08739822cfe7d3c4cc0e228623f140fc2948a0c519bc2b3d06d0a7f5bd9add9d27d9d2132459ae7911dc441dd156c842ac7b8fcb5611e589fde7ca9516eaf3a32b64b7ece348b023a6567e64a9ad491c12b1309624f7fcaa4dc9f69387bc59a743c64db664f78258dccda63635e5e934f22e594e073906e737486268601fd812979a16db23faf0512d3b714d832d69a80fc01b31cec1d5603ee06544338907f38164636df6cfbdc1168ac5eda01ff5def64076e5e7 --dir /var/lib/libvirt/swtpm/ade6145c-3d22-46d8-8bbc-29792e4cfa0c/tpm2 --logfile /var/log/swtpm/libvirt/qemu/t1-swtpm.log --vmid t1:ade6145c-3d22-46d8-8bbc-29792e4cfa0c --tpm-spec-family 2.0 --tpm-spec-level 0 --tpm-spec-revision 164 --tpm-manufacturer id:00001014 --tpm-model swtpm --tpm-version id:20191023 --tpm2 --configfile /etc/swtpm-localca.conf --optsfile /etc/swtpm-localca.options Creating root CA and a local CA's signing key and issuer cert. Could not create root-CA:Can't load ./.rnd into RNG 40D7AD231A7F0000:error:12000079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:106:Filename=./.rnd Cannot write random bytes: 40D7AD231A7F0000:error:12000079:random number generator:RAND_write_file:Cannot open file:../crypto/rand/randfile.c:240:Filename=./.rnd Error creating local CA's signing key and cert. swtpm-localca exit with status 1: An error occurred. Authoring the TPM state failed. Ending vTPM manufacturing @ Thu 07 Apr 2022 07:11:56 AM UTC When I uninstall swtpm, the domain creation/starting works (of course it does not actually do anything due to the fake empty iso, but it does get past that bug). ** Affects: libvirt (Ubuntu) Importance: Undecided Status: New ** Affects: libvirt (Ubuntu Jammy) Importance: Undecided Status: New ** Tags: jammy regression-release ** Also affects: libvirt (Ubuntu Jammy) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968131 Title: Starting VM with UEFI firmware fails with swtpm To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1968131/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs