Allow non-owned lockfile writes in /var/lib/libvirt/swtpm/
Bug #2072524 reported by
Lena Voytek
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
swtpm (Ubuntu) | Status tracked in Oracular | |||||
Jammy |
In Progress
|
Undecided
|
Lena Voytek | |||
Mantic |
In Progress
|
Undecided
|
Lena Voytek | |||
Noble |
In Progress
|
Undecided
|
Lena Voytek | |||
Oracular |
Fix Released
|
Undecided
|
Lena Voytek |
Bug Description
Based on the upstream comment here - https:/
Related branches
~lvoytek/ubuntu/+source/swtpm:add-sys-admin-oracular
Approved
for merging
into
ubuntu/+source/swtpm:ubuntu/devel
- git-ubuntu bot: Approve
- Bryce Harrington (community): Approve
- Canonical Server Reporter: Pending requested
-
Diff: 38 lines (+12/-0)2 files modifieddebian/changelog (+10/-0)
debian/usr.bin.swtpm (+2/-0)
Changed in swtpm (Ubuntu Jammy): | |
assignee: | nobody → Lena Voytek (lvoytek) |
Changed in swtpm (Ubuntu Mantic): | |
assignee: | nobody → Lena Voytek (lvoytek) |
Changed in swtpm (Ubuntu Noble): | |
assignee: | nobody → Lena Voytek (lvoytek) |
Changed in swtpm (Ubuntu Oracular): | |
assignee: | nobody → Lena Voytek (lvoytek) |
status: | New → In Progress |
Changed in swtpm (Ubuntu Jammy): | |
status: | New → In Progress |
Changed in swtpm (Ubuntu Mantic): | |
status: | New → In Progress |
Changed in swtpm (Ubuntu Noble): | |
status: | New → In Progress |
To post a comment you must log in.
This bug was fixed in the package swtpm - 0.7.3-0ubuntu7
---------------
swtpm (0.7.3-0ubuntu7) oracular; urgency=medium
* d/usr.bin.swtpm: libvirt/ swtpm/ to fix
- Add sys_admin capability to apparmor profile to allow access to kernel
modules such as tpm_vtpm_proxy (LP: #2071478)
- Allow non-owned lockfile write access in /var/lib/
apparmor denials when working with TPM2 locks (LP: #2072524)
-- Lena Voytek <email address hidden> Tue, 09 Jul 2024 06:06:00 -0700