Ubuntu
swtpm package

Merge ~lvoytek/ubuntu/+source/swtpm:fix-datarootdir-jammy into ubuntu/+source/swtpm:ubuntu/jammy-devel

  1. Git
  2. lp:~lvoytek/ubuntu/+source/swtpm
  3. fix-datarootdir-jammy
  4. Merge into ubuntu/jammy-devel
Proposed by Lena Voytek
Status: Merged
Approved by: git-ubuntu bot
Approved revision: not available
Merged at revision: 466143890eb731be7db42051bf7f028b1d2dce32
Proposed branch: ~lvoytek/ubuntu/+source/swtpm:fix-datarootdir-jammy
Merge into: ubuntu/+source/swtpm:ubuntu/jammy-devel
Diff against target: 53 lines (+31/-0)
3 files modified
debian/changelog (+7/-0)
debian/patches/create-user-config-files-use-correct-swtpm-localca.patch (+23/-0)
debian/patches/series (+1/-0)
Reviewer Review Type Date Requested Status
git-ubuntu bot Approve
Bryce Harrington (community) Approve
Canonical Server Reporter Pending
Review via email: mp+441975@code.launchpad.net

Commit message

PPA: https://launchpad.net/~lvoytek/+archive/ubuntu/swtpm-fix-swtpm-localca-path

Kinetic MP: https://code.launchpad.net/~lvoytek/ubuntu/+source/swtpm/+git/swtpm/+merge/441974

Testing:

$ lxc launch ubuntu:jammy --vm test-swtpm
$ lxc exec test-swtpm bash

# apt update && apt dist-upgrade -y

# add-apt-repository ppa:lvoytek/swtpm-fix-swtpm-localca-path
# apt install swtpm swtpm-tools -y

# su ubuntu

$ cd
$ /usr/share/swtpm/swtpm-create-user-config-files --overwrite
$ swtpm_setup --tpm2 --tpmstate . --overwrite --create-ek-cert
Starting vTPM manufacturing as ubuntu:ubuntu @ Thu 27 Apr 2023 01:05:24 AM UTC
TPM is listening on Unix socket.
Successfully created RSA 2048 EK with handle 0x81010001.
  Invoking /usr/lib/x86_64-linux-gnu/swtpm/swtpm-localca --type ek --ek c4eb17fb4e5890c5cc6cf37dc5ac4c700b1914fae3ce9723e35d232aaf500ac76acd43bdc7a5d0fe5e63e851fe1e0994fadf9e3681d5839832d759b1b8d1a34350c03692d912dbea9db6bb609d8be61006413b38a583db23856a5b17b0cbc0c1aca8cbf449b050f56e45fa3c796a55ff34b374e947e726cf9170481dca18628015122ed2e4311d368de3b716fa53fb1cb6a891434d441b7430966772c0d49e6ca0e04c31f21c0e0b5e968d2402a7a1e6184ef59bf21e5f14c2cda588d0920b23b7eca9770b2fa2c023661b6361816849f90e901fa37fb694e20ac9f53f8fbef7fd957e8f41a601c09075ca69a6b01868a4085e23e614b5cfb48d30e2fbd2cc31 --dir . --tpm-spec-family 2.0 --tpm-spec-level 0 --tpm-spec-revision 164 --tpm-manufacturer id:00001014 --tpm-model swtpm --tpm-version id:20191023 --tpm2 --configfile /home/ubuntu/.config/swtpm-localca.conf --optsfile /home/ubuntu/.config/swtpm-localca.options
swtpm-localca: Creating root CA and a local CA's signing key and issuer cert.
swtpm-localca: Successfully created EK certificate locally.
Successfully created NVRAM area 0x1c00002 for RSA 2048 EK certificate.
Successfully created ECC EK with handle 0x81010016.
  Invoking /usr/lib/x86_64-linux-gnu/swtpm/swtpm-localca --type ek --ek x=46ecabb906a626430dab4802f849921d234203cb368a48c29070b0350cce1170a64cca8a675dc10701b90bc0211e9e78,y=c0cfa8edbda9c3683ba2736c3d1e040b1eb0dec5df0aebefcdf51ab6ed99c4470f4fdd4ec5657e0bb45cbb2bc8a42d96,id=secp384r1 --dir . --tpm-spec-family 2.0 --tpm-spec-level 0 --tpm-spec-revision 164 --tpm-manufacturer id:00001014 --tpm-model swtpm --tpm-version id:20191023 --tpm2 --configfile /home/ubuntu/.config/swtpm-localca.conf --optsfile /home/ubuntu/.config/swtpm-localca.options
swtpm-localca: Successfully created EK certificate locally.
Successfully created NVRAM area 0x1c00016 for ECC EK certificate.
Successfully activated PCR banks sha1,sha256 among sha1,sha256,sha384,sha512.
Successfully authored TPM state.
Ending vTPM manufacturing @ Thu 27 Apr 2023 01:05:25 AM UTC

To post a comment you must log in.
Revision history for this message
Bryce Harrington (bryce) wrote :

See commentary on MP #441974, this is the same fix. I also confirmed the before and after results using the test case. LGTM, +1.

review: Approve
Revision history for this message
git-ubuntu bot (git-ubuntu-bot) wrote :

Approvers: bryce, lvoytek
Uploaders: bryce
MP auto-approved

review: Approve
Revision history for this message
Bryce Harrington (bryce) wrote :
Download full text (5.0 KiB)

Upload sponsored:

triage-jammy+22.04: ~/pkg/Swtpm/review-lp2016744/swtpm-gu$ debuild -S -uc -us --changes-option=-DVcs-Git=https://git.launchpad.net/~bryce/ubuntu/+source/swtpm --changes-option=-DVcs-Git-Ref=refs/heads/fix-datarootdir-jammy --changes-option=-DVcs-Git-Commit=466143890eb731be7db42051bf7f028b1d2dce32
 dpkg-buildpackage -us -uc -ui -i -I.bzr -I.svn -I.git -S --changes-option=-DVcs-Git=https://git.launchpad.net/~bryce/ubuntu/+source/swtpm --changes-option=-DVcs-Git-Ref=refs/heads/fix-datarootdir-jammy --changes-option=-DVcs-Git-Commit=466143890eb731be7db42051bf7f028b1d2dce32
dpkg-buildpackage: info: source package swtpm
dpkg-buildpackage: info: source version 0.6.3-0ubuntu3.2
dpkg-buildpackage: info: source distribution jammy
dpkg-buildpackage: info: source changed by Lena Voytek <email address hidden>
 dpkg-source -i -I.bzr -I.svn -I.git --before-build .
dpkg-source: info: using patch list from debian/patches/series
dpkg-source: info: applying 0001-Install-swtpm-localca-to-the-correct-path.patch
dpkg-source: info: applying no-autoconf-in-debian.patch
dpkg-source: info: applying openssl-not-certtool.patch
dpkg-source: info: applying create-user-config-files-use-correct-swtpm-localca.patch
 fakeroot debian/rules clean
dh clean
   dh_clean
 dpkg-source -i -I.bzr -I.svn -I.git -b .
dpkg-source: warning: Version number suggests Ubuntu changes, but there is no XSBC-Original-Maintainer field
dpkg-source: info: using source format '3.0 (quilt)'
dpkg-source: info: building swtpm using existing ./swtpm_0.6.3.orig.tar.gz
dpkg-source: info: using patch list from debian/patches/series
dpkg-source: info: building swtpm in swtpm_0.6.3-0ubuntu3.2.debian.tar.xz
dpkg-source: info: building swtpm in swtpm_0.6.3-0ubuntu3.2.dsc
 dpkg-genbuildinfo --build=source -O../swtpm_0.6.3-0ubuntu3.2_source.buildinfo
 dpkg-genchanges -DVcs-Git=https://git.launchpad.net/~bryce/ubuntu/+source/swtpm -DVcs-Git-Ref=refs/heads/fix-datarootdir-jammy -DVcs-Git-Commit=466143890eb731be7db42051bf7f028b1d2dce32 --build=source -O../swtpm_0.6.3-0ubuntu3.2_source.changes
dpkg-genchanges: info: not including original source code in upload
 dpkg-source -i -I.bzr -I.svn -I.git --after-build .
dpkg-source: info: unapplying create-user-config-files-use-correct-swtpm-localca.patch
dpkg-source: info: unapplying openssl-not-certtool.patch
dpkg-source: info: unapplying no-autoconf-in-debian.patch
dpkg-source: info: unapplying 0001-Install-swtpm-localca-to-the-correct-path.patch
dpkg-buildpackage: info: source-only, diff-only upload (original source NOT included)
Now running lintian swtpm_0.6.3-0ubuntu3.2_source.changes ...
Finished running lintian.
triage-jammy+22.04: ~/pkg/Swtpm/review-lp2016744/swtpm-gu$ changes_file="swtpm_0.6.3-0ubuntu3.2_source.changes"
triage-jammy+22.04: ~/pkg/Swtpm/review-lp2016744/swtpm-gu$ debsponsor "${changes_file}"
debsign: Can't find or can't read changes file swtpm_0.6.3-0ubuntu3.2_source.changes!
triage-jammy+22.04: ~/pkg/Swtpm/review-lp2016744/swtpm-gu$ changes_file="../swtpm_0.6.3-0ubuntu3.2_source.changes"
triage-jammy+22.04: ~/pkg/Swtpm/review-lp2016744/swtpm-gu$ debsponsor "${changes_file}"
 signfile dsc ../swtpm_0.6.3-0ubuntu3.2.dsc A661100B...

Read more...

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index fd88eee..91f618e 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,10 @@
6+swtpm (0.6.3-0ubuntu3.2) jammy; urgency=medium
7+
8+ * d/p/create-user-config-files-use-correct-swtpm-localca.patch: Fix the path
9+ to swtpm-localca used in swtpm-create-user-config-files (LP: #2016744)
10+
11+ -- Lena Voytek <lena.voytek@canonical.com> Wed, 26 Apr 2023 15:06:00 -0700
12+
13 swtpm (0.6.3-0ubuntu3.1) jammy; urgency=medium
14
15 * d/usr.bin.swtpm: Update apparmor profile to match swtpm upstream
16diff --git a/debian/patches/create-user-config-files-use-correct-swtpm-localca.patch b/debian/patches/create-user-config-files-use-correct-swtpm-localca.patch
17new file mode 100644
18index 0000000..e0e0f84
19--- /dev/null
20+++ b/debian/patches/create-user-config-files-use-correct-swtpm-localca.patch
21@@ -0,0 +1,23 @@
22+Description: Use the correct directory of swtpm-localca in swtpm-create-user-config-files
23+ With the location of swtpm-localca moved in
24+ 0001-Install-swtpm-localca-to-the-correct-path.patch, match that location in
25+ the swtpm-create-user-config-files script so it does not fail with cert
26+ creation enabled.
27+Author: Lena Voytek <lena.voytek@canonical.com>
28+Bug: https://github.com/stefanberger/swtpm/issues/749
29+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/swtpm/+bug/2016744
30+Forwarded: not-needed
31+Last-Update: 2023-04-26
32+---
33+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
34+--- a/samples/swtpm-create-user-config-files.in
35++++ b/samples/swtpm-create-user-config-files.in
36+@@ -65,7 +65,7 @@
37+
38+ echo "Writing ${SWTPM_SETUP_CONF}."
39+ cat <<_EOF_ > "${SWTPM_SETUP_CONF}"
40+-create_certs_tool = @DATAROOTDIR@/swtpm/swtpm-localca
41++create_certs_tool = @LIBEXECDIR@/swtpm/swtpm-localca
42+ create_certs_tool_config = ${SWTPM_LOCALCA_CONF}
43+ create_certs_tool_options = ${SWTPM_LOCALCA_OPTIONS}
44+ _EOF_
45diff --git a/debian/patches/series b/debian/patches/series
46index 96cf98d..e33b17e 100644
47--- a/debian/patches/series
48+++ b/debian/patches/series
49@@ -1,3 +1,4 @@
50 0001-Install-swtpm-localca-to-the-correct-path.patch
51 no-autoconf-in-debian.patch
52 openssl-not-certtool.patch
53+create-user-config-files-use-correct-swtpm-localca.patch

Subscribers

People subscribed via source and target branches

to all changes: