swtpm fails in focal with apparmor
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libvirt (Ubuntu) |
Fix Released
|
Undecided
|
Christian Ehrhardt | ||
qemu (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Jan 13 17:49:22 ottawa audit[142634]: AVC apparmor="ALLOWED" operation="open" profile=
Jan 13 17:49:22 ottawa kernel: audit: type=1400 audit(157893776
Jan 13 17:49:22 ottawa audit[142635]: AVC apparmor="ALLOWED" operation=
Jan 13 17:49:22 ottawa kernel: audit: type=1400 audit(157893776
I've tried swtpm in my VM and it failed with apparor errors. I've set the profile to complain, and the above got "allowed" to make the VM run.
I guess the libvirt tpm specific apparor rules are incomplete or need adjustment for newer swtpm.
I got swtpm from github.
CVE References
Changed in qemu (Ubuntu): | |
status: | New → Invalid |
summary: |
- swtmp fails in focal with apparor + swtpm fails in focal with apparor |
Please cherrypick https:/ /libvirt. org/git/ ?p=libvirt. git;a=commitdif f;h=d660dd95ea9 1839156eb078710 e9d85a2f306ab5
or i guess it will be just part of the next new upstream release.