This bug was fixed in the package swtpm - 0.6.3-0ubuntu3.3
---
swtpm (0.6.3-0ubuntu3.3) jammy; urgency=medium
* d/usr.bin.swtpm:
- Add sys_admin capability to apparmor profile to allow access to kernel
modules such as tpm_vtpm_proxy (LP: #2071478)
- Allow non-owned loc
I got confirmation from Lena that the correct versions from proposed
were used.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2071478
Title:
Add sys_admin capability to apparmor profile by default
Re-ran tests to confirm. I made sure 0.7.3-0ubuntu5.24.04.1 was used in
noble, and 0.6.3-0ubuntu3.3 in jammy. Both tests are still successful.
Thanks!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2071
Thanks for the verification Lena, could you please confirm if the test
plan execution from comment #6 was executed with the swtpm version from
proposed? I can see that the proposed pocket was added, but given the
default pinning it has nowadays (which makes it lower prio than updates
or release), I
This bug was fixed in the package swtpm - 0.7.3-0ubuntu5.24.04.1
---
swtpm (0.7.3-0ubuntu5.24.04.1) noble; urgency=medium
* d/usr.bin.swtpm:
- Add sys_admin capability to apparmor profile to allow access to kernel
modules such as tpm_vtpm_proxy (LP: #2071478)
- Allow n
Tested on a local jammy and noble system:
$ sudo cat
Hello Lena, or anyone else affected,
Accepted swtpm into jammy-proposed. The package will build now and be
available at https://launchpad.net/ubuntu/+source/swtpm/0.6.3-0ubuntu3.3
in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See
https://wiki.u
** Merge proposal linked:
https://code.launchpad.net/~lvoytek/ubuntu/+source/swtpm/+git/swtpm/+merge/470383
** Merge proposal linked:
https://code.launchpad.net/~lvoytek/ubuntu/+source/swtpm/+git/swtpm/+merge/470384
--
You received this bug notification because you are a member of Ubuntu
** Description changed:
+ [Impact]
+
+ The default apparmor profile for swtpm blocks access to kernel modules,
+ which causes a failure when using the --vtpm-proxy argument, since it
+ requires tpm_vtpm_proxy.
+
+ The fix for this should be backported so the vtpm-proxy works for users
+ by defau
Removing mantic - EOL
** Changed in: swtpm (Ubuntu Mantic)
Status: In Progress => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2071478
Title:
Add sys_admin capability to apparmor
This bug was fixed in the package swtpm - 0.7.3-0ubuntu7
---
swtpm (0.7.3-0ubuntu7) oracular; urgency=medium
* d/usr.bin.swtpm:
- Add sys_admin capability to apparmor profile to allow access to kernel
modules such as tpm_vtpm_proxy (LP: #2071478)
- Allow non-owned lock
** Changed in: swtpm (Ubuntu Noble)
Status: New => In Progress
** Changed in: swtpm (Ubuntu Mantic)
Status: New => In Progress
** Changed in: swtpm (Ubuntu Jammy)
Status: New => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which
** Merge proposal linked:
https://code.launchpad.net/~lvoytek/ubuntu/+source/swtpm/+git/swtpm/+merge/468957
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2071478
Title:
Add sys_admin capability
** Description changed:
Based on the upstream discussion here -
- https://github.com/stefanberger/swtpm/discussions/866 - swtpm should be
- allowed to run under root by default. This is fixed by adding capability
- sys_admin to the apparmor profile.
+ https://github.com/stefanberger/swtpm/discus
14 matches
Mail list logo
