[Bug 2072524] [NEW] Allow non-owned lockfile writes in /var/lib/libvirt/swtpm/

Mon, 08 Jul 2024 16:10:32 -0700 

Public bug reported:

Based on the upstream comment here -
https://github.com/stefanberger/swtpm/issues/852#issuecomment-2156039973
- users are having issues with apparmor denials when attempting to use
TPM2 NVRAM state lockfiles. This is due to the file not being owned by
the swtpm user. The issue is fixed by allowing write access to non-owned
lock files in /var/lib/libvirt/swtpm/. This was fixed upstream in my pr
here - https://github.com/stefanberger/swtpm/pull/868

** Affects: swtpm (Ubuntu)
     Importance: Undecided
     Assignee: Lena Voytek (lvoytek)
         Status: In Progress

** Affects: swtpm (Ubuntu Jammy)
     Importance: Undecided
     Assignee: Lena Voytek (lvoytek)
         Status: New

** Affects: swtpm (Ubuntu Mantic)
     Importance: Undecided
     Assignee: Lena Voytek (lvoytek)
         Status: New

** Affects: swtpm (Ubuntu Noble)
     Importance: Undecided
     Assignee: Lena Voytek (lvoytek)
         Status: New

** Affects: swtpm (Ubuntu Oracular)
     Importance: Undecided
     Assignee: Lena Voytek (lvoytek)
         Status: In Progress

** Also affects: swtpm (Ubuntu Mantic)
   Importance: Undecided
       Status: New

** Also affects: swtpm (Ubuntu Noble)
   Importance: Undecided
       Status: New

** Also affects: swtpm (Ubuntu Oracular)
   Importance: Undecided
       Status: New

** Also affects: swtpm (Ubuntu Jammy)
   Importance: Undecided
       Status: New

** Changed in: swtpm (Ubuntu Jammy)
     Assignee: (unassigned) => Lena Voytek (lvoytek)

** Changed in: swtpm (Ubuntu Mantic)
     Assignee: (unassigned) => Lena Voytek (lvoytek)

** Changed in: swtpm (Ubuntu Noble)
     Assignee: (unassigned) => Lena Voytek (lvoytek)

** Changed in: swtpm (Ubuntu Oracular)
     Assignee: (unassigned) => Lena Voytek (lvoytek)

** Changed in: swtpm (Ubuntu Oracular)
       Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2072524

Title:
  Allow non-owned lockfile writes in /var/lib/libvirt/swtpm/

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/swtpm/+bug/2072524/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to