Code review comment for ~lvoytek/ubuntu/+source/swtpm:swtpm-lp1950631-add-apparmor-jammy

It's not a secret thing at all, we just haven't yet open sourced
what we're doing only bc there are many moving parts. The
relevent part here is a bit like

    https://github.com/puzzleos/uefi-dev
    https://github.com/puzzleos/uefi-dev/blob/main/tools/run-sw-tpm

except written in golang (and more purpose driven).

So I think you're right about the local override being the
way. Giving swtpm full reign over $HOME is probably too much.
We should probably either

1. drop the ${HOME}/** rwk,

or pick a subdir like

2. ${HOME}/.cache/swtpm/** rwk

But whichever way you go, +1 from me, thank you.