aa-allow-libvirt-pid-access : lp:~lvoytek/ubuntu/+source/swtpm : Git : Code : swtpm package : Ubuntu

Get this branch:: git clone -b aa-allow-libvirt-pid-access https://git.launchpad.net/~lvoytek/ubuntu/+source/swtpm

Only Lena Voytek can upload to this branch. If you are Lena Voytek please log in for upload directions.

Branch merges

Merged into ubuntu/+source/swtpm:ubuntu/devel at revision aca173688bf8445b1713ed75486dbbb170234fb9

git-ubuntu bot: Approve on 2022-11-23

Andreas Hasenack: Approve on 2022-11-23

Canonical Server Reporter: Pending requested 2022-10-25

Branch information

Name:: aa-allow-libvirt-pid-access

Repository:: lp:~lvoytek/ubuntu/+source/swtpm

Recent commits

aca1736... by Lena Voytek on 2022-10-24

changelog

979359f... by Lena Voytek on 2022-10-24

* d/usr.bin.swtpm: Allow swtpm to also access /run/libvirt/qemu/swtpm/*.pid
files that it does not own (LP: #1989100)

700e268... by Lena Voytek on 2022-10-11

changelog

ff42e33... by Lena Voytek on 2022-10-11

* d/usr.bin.swtpm: Update apparmor profile to match swtpm upstream
  In between adding the apparmor profile to Ubuntu and merging upstream
  additional rules were used to cover more common use cases. (LP: #1992377)
  - The six capability lines fix the broken upstream unit test cases:
    test_ctrlchannel, test_vtpm_proxy, test_tpm2_file_permissions,
    test_tpm2_save_load_state_2_block, and test_tpm2_ctrlchannel2
  - owner @{HOME}/** rwk was added as using a folder in one's home directory
    is common for managing tpm states
  - Access in the tmp directory is further generalized as this is where swtpm
    interacts with qemu and libvirt
  - The ability to read from /etc/nsswitch.conf was added for vtpm proxy to
    work

f252cc7... by Lena Voytek on 2022-04-12