Comment 9 for bug 1948880

Christian Ehrhardt  (paelzer) wrote :

#1 old state

ubuntu@node-horsea:~$ sudo ls -laFR /var/log/swtpm/libvirt/qemu /run/libvirt/qemu/swtpm /var/lib/libvirt/swtpm
/run/libvirt/qemu/swtpm:
total 4
drwxrwx--- 2 libvirt-qemu tss 80 Nov 15 13:43 ./
drwxr-xr-x 5 root root 180 Nov 15 13:43 ../
-rw-r--r-- 1 tss tss 4 Nov 15 13:43 4-f-tpm-swtpm.pid
srw------- 1 libvirt-qemu kvm 0 Nov 15 13:43 4-f-tpm-swtpm.sock=

/var/lib/libvirt/swtpm:
total 12
drwx--x--x 3 root root 4096 Nov 15 13:43 ./
drwxr-xr-x 8 root root 4096 Nov 15 13:38 ../
drwx--x--x 3 root root 4096 Nov 15 13:43 65113265-34d6-4358-b562-4d7508d6ff17/

/var/lib/libvirt/swtpm/65113265-34d6-4358-b562-4d7508d6ff17:
total 12
drwx--x--x 3 root root 4096 Nov 15 13:43 ./
drwx--x--x 3 root root 4096 Nov 15 13:43 ../
drwx------ 2 tss tss 4096 Nov 15 13:43 tpm2/

/var/lib/libvirt/swtpm/65113265-34d6-4358-b562-4d7508d6ff17/tpm2:
total 16
drwx------ 2 tss tss 4096 Nov 15 13:43 ./
drwx--x--x 3 root root 4096 Nov 15 13:43 ../
-rw-r----- 1 tss tss 0 Nov 15 13:43 .lock
-rw------- 1 tss tss 6098 Nov 15 13:43 tpm2-00.permall

/var/log/swtpm/libvirt/qemu:
total 16
drwx-wx--- 2 tss tss 4096 Nov 15 13:38 ./
drwx--x--x 3 root root 4096 Nov 15 13:38 ../
-rw-r--r-- 1 tss tss 4744 Nov 15 13:43 f-tpm-swtpm.log

We see a few things effectively owned by the guest libvirt-qemu user.
And others by tss, mostly the state file and log files.

And the processes are running as tss
1 106 9007 1 20 0 7492 4136 - Ss ? 0:00 /usr/bin/swtpm socket --daemon --ctrl type=unixio,path=/run/libvirt/qemu/swtpm/4-f-tpm-swtpm.sock,mode=0600 --tpmstate dir=/var/lib/libvirt/swtpm/65113265-34d6-4358-b562-4d7508d6ff17/tpm2,mode=0600 --log file=/var/log/swtpm/libvirt/qemu/f-tpm-swtpm.log --tpm2 --pid file=/run/libvirt/qemu/swtpm/4-f-tpm-swtpm.pid

$ id tss
uid=106(tss) gid=111(tss) groups=111(tss)
$ id swtpm
uid=116(swtpm) gid=126(swtpm) groups=126(swtpm)