On my system, pidfiles in /run/libvirt/qemu/swtpm/ are apparently created/owned by root, so the "owner /run/libvirt/qemu/swtpm/*.pid rwk," line in /etc/apparmor.d/usr.bin.swtpm doesn't grant swtpm access.
Workaround:
Add "/run/libvirt/qemu/swtpm/*.pid rwk," to the local override config in /etc/apparmor.d/local/usr.bin.swtpm, and then `sudo systemctl reload apparmor.service`.
On my system, pidfiles in /run/libvirt/ qemu/swtpm/ are apparently created/owned by root, so the "owner /run/libvirt/ qemu/swtpm/ *.pid rwk," line in /etc/apparmor. d/usr.bin. swtpm doesn't grant swtpm access.
Workaround:
Add "/run/libvirt/ qemu/swtpm/ *.pid rwk," to the local override config in /etc/apparmor. d/local/ usr.bin. swtpm, and then `sudo systemctl reload apparmor.service`.