12:05 p.m.
Originally reported at
https://src.fedoraproject.org/rpms/libvirt/pull-request/9
Daniel P. Berrangé (2):
rpm: ensure swtpm tools are installed with QEMU
rpm: fix ownership of the swtpm log directory
libvirt.spec.in | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
--
2.29.2
12:05 p.m.
New subject: [libvirt PATCH 1/2] rpm: ensure swtpm tools are installed with QEMU
These are needed for the <tpm> devices to be usable.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
libvirt.spec.in | 3 +++
1 file changed, 3 insertions(+)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index f20a1c741b..2e026b0423 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -735,6 +735,9 @@ Requires: xz
%if 0%{?fedora} || 0%{?rhel} > 7
Requires: systemd-container
%endif
+ %if 0%{?fedora} || 0%{?rhel} > 7
+Requires: swtpm-tools
+ %endif
%description daemon-driver-qemu
The qemu driver plugin for the libvirtd daemon, providing
--
2.29.2
12:05 p.m.
New subject: [libvirt PATCH 2/2] rpm: fix ownership of the swtpm log directory
As soon as a guest using a <tpm> device is launched, libvirt will change
the ownership to 'tss' user and group, which will cause RPM verify to
then fail.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
libvirt.spec.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 2e026b0423..c455aa7788 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -1747,7 +1747,7 @@ exit 0
%{_datadir}/augeas/lenses/tests/test_libvirtd_qemu.aug
%{_libdir}/%{name}/connection-driver/libvirt_driver_qemu.so
%dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/swtpm/
-%dir %attr(0711, root, root) %{_localstatedir}/log/swtpm/libvirt/qemu/
+%dir %attr(0711, tss, tss) %{_localstatedir}/log/swtpm/libvirt/qemu/
%{_bindir}/virt-qemu-run
%{_mandir}/man1/virt-qemu-run.1*
%endif
--
2.29.2
4:20 a.m.
New subject: [libvirt PATCH 2/2] rpm: fix ownership of the swtpm log directory
On Mon, Jan 04, 2021 at 06:05:17PM +0000, Daniel P. Berrangé wrote:
As soon as a guest using a <tpm> device is launched, libvirt
will change
the ownership to 'tss' user and group, which will cause RPM verify to
then fail.
Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com>
---
libvirt.spec.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libvirt.spec.in b/libvirt.spec.in
index 2e026b0423..c455aa7788 100644
--- a/libvirt.spec.in
+++ b/libvirt.spec.in
@@ -1747,7 +1747,7 @@ exit 0
%{_datadir}/augeas/lenses/tests/test_libvirtd_qemu.aug
%{_libdir}/%{name}/connection-driver/libvirt_driver_qemu.so
%dir %attr(0711, root, root) %{_localstatedir}/lib/libvirt/swtpm/
-%dir %attr(0711, root, root) %{_localstatedir}/log/swtpm/libvirt/qemu/
+%dir %attr(0711, tss, tss) %{_localstatedir}/log/swtpm/libvirt/qemu/
Mode should have been changed to 0730 too, since that is what the
code (strangely) uses right now.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
1:40 p.m.
On 1/4/21 1:05 PM, Daniel P. Berrangé wrote:
Originally reported at
https://src.fedoraproject.org/rpms/libvirt/pull-request/9
Daniel P. Berrangé (2):
rpm: ensure swtpm tools are installed with QEMU
rpm: fix ownership of the swtpm log directory
libvirt.spec.in | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
Reviewed-by: Laine Stump <laine(a)redhat.com>
for both.
(NB: for those who don't want to bother looking it up themselves - the
Fedora pull request only mentioned installing the swtpm package, but I
checked the spec file for swtpm to see what things only get installed by
the swtpm-tools sub-package, and found that (at least) swtpm_setup and
swtpm_ioctl (both used by libvirt via virCommand*()) are in swtpm-tools,
so this is the correct Requires:).
1417
days inactive
1418
days old
4 comments
2 participants
participants (2)
-
Daniel P. Berrangé -
Laine Stump