Message ID | 20240601223120.2123976-1-romain.naour@smile.fr |
---|---|
State | Accepted |
Headers | show |
Series | [1/2] package/tpm2-tss: create tss user and group for tpm /dev nodes | expand |
>>>>> "Romain" == Romain Naour <romain.naour@smile.fr> writes: > When systemd and tpm2-tss with fapi support are enabled, the fakeroot > script fail with: > <stdin>:35: Failed to resolve user 'tss': No such process. > When fapi support is enabled, tpm2-tss package install additionnal > configuration files that are expecting tss user and group exist [1]. > /etc/sysusers.d/tpm2-tss.conf > /etc/tmpfiles.d/tpm2-tss-fapi.conf > The build fail in the fakeroot environment while handling tmpfiles > installed by tpm2-tss with fapi by host-systemd. > tss user and group is currently created by the tpm2-abrmd package but > tpm2-tss package also provide a udev rule file tpm-udev.rules [2] that > set the ownership of dev nodes /dev/tpmX and /dev/tpmrmX to tss > user/group. So tpm2-tss package must define TPM2_TSS_USERS to create > tss user and group, not tpm2-abrmd package. > So, move TPM2_ABRMD_USERS to TPM2_TSS_USERS. > Note: tpm2-abrmd is nowadays deprecated since the in-kernel Ressource > Manager (available since kernel 4.12) is prefered [3]. > [1] https://github.com/tpm2-software/tpm2-tss/blob/4.1.3/INSTALL.md?plain=1#L184 > [2] https://github.com/tpm2-software/tpm2-tss/blob/4.1.3/dist/tpm-udev.rules > [3] https://github.com/tpm2-software/tpm2-abrmd/blob/3.0.0/README.md?plain=1#L39 > Signed-off-by: Romain Naour <romain.naour@smile.fr> Committed, thanks.
>>>>> "Peter" == Peter Korsgaard <peter@korsgaard.com> writes: >>>>> "Romain" == Romain Naour <romain.naour@smile.fr> writes: >> When systemd and tpm2-tss with fapi support are enabled, the fakeroot >> script fail with: >> <stdin>:35: Failed to resolve user 'tss': No such process. >> When fapi support is enabled, tpm2-tss package install additionnal >> configuration files that are expecting tss user and group exist [1]. >> /etc/sysusers.d/tpm2-tss.conf >> /etc/tmpfiles.d/tpm2-tss-fapi.conf >> The build fail in the fakeroot environment while handling tmpfiles >> installed by tpm2-tss with fapi by host-systemd. >> tss user and group is currently created by the tpm2-abrmd package but >> tpm2-tss package also provide a udev rule file tpm-udev.rules [2] that >> set the ownership of dev nodes /dev/tpmX and /dev/tpmrmX to tss >> user/group. So tpm2-tss package must define TPM2_TSS_USERS to create >> tss user and group, not tpm2-abrmd package. >> So, move TPM2_ABRMD_USERS to TPM2_TSS_USERS. >> Note: tpm2-abrmd is nowadays deprecated since the in-kernel Ressource >> Manager (available since kernel 4.12) is prefered [3]. >> [1] https://github.com/tpm2-software/tpm2-tss/blob/4.1.3/INSTALL.md?plain=1#L184 >> [2] https://github.com/tpm2-software/tpm2-tss/blob/4.1.3/dist/tpm-udev.rules >> [3] https://github.com/tpm2-software/tpm2-abrmd/blob/3.0.0/README.md?plain=1#L39 >> Signed-off-by: Romain Naour <romain.naour@smile.fr> > Committed, thanks. Committed to 2024.02.x, thanks.
diff --git a/package/tpm2-abrmd/tpm2-abrmd.mk b/package/tpm2-abrmd/tpm2-abrmd.mk index 8de233008e..0e62cb176a 100644 --- a/package/tpm2-abrmd/tpm2-abrmd.mk +++ b/package/tpm2-abrmd/tpm2-abrmd.mk @@ -29,8 +29,4 @@ define TPM2_ABRMD_INSTALL_INIT_SYSV $(TARGET_DIR)/etc/init.d/S80tpm2-abrmd endef -define TPM2_ABRMD_USERS - tss -1 tss -1 * - - - TPM2 Access Broker & Resource Management daemon -endef - $(eval $(autotools-package)) diff --git a/package/tpm2-tss/tpm2-tss.mk b/package/tpm2-tss/tpm2-tss.mk index 10d605fc65..b76d16e71e 100644 --- a/package/tpm2-tss/tpm2-tss.mk +++ b/package/tpm2-tss/tpm2-tss.mk @@ -42,4 +42,8 @@ else TPM2_TSS_CONF_OPTS += --disable-fapi endif +define TPM2_TSS_USERS + tss -1 tss -1 * - - - tss user for tpm2 +endef + $(eval $(autotools-package))
When systemd and tpm2-tss with fapi support are enabled, the fakeroot script fail with: <stdin>:35: Failed to resolve user 'tss': No such process. When fapi support is enabled, tpm2-tss package install additionnal configuration files that are expecting tss user and group exist [1]. /etc/sysusers.d/tpm2-tss.conf /etc/tmpfiles.d/tpm2-tss-fapi.conf The build fail in the fakeroot environment while handling tmpfiles installed by tpm2-tss with fapi by host-systemd. tss user and group is currently created by the tpm2-abrmd package but tpm2-tss package also provide a udev rule file tpm-udev.rules [2] that set the ownership of dev nodes /dev/tpmX and /dev/tpmrmX to tss user/group. So tpm2-tss package must define TPM2_TSS_USERS to create tss user and group, not tpm2-abrmd package. So, move TPM2_ABRMD_USERS to TPM2_TSS_USERS. Note: tpm2-abrmd is nowadays deprecated since the in-kernel Ressource Manager (available since kernel 4.12) is prefered [3]. [1] https://github.com/tpm2-software/tpm2-tss/blob/4.1.3/INSTALL.md?plain=1#L184 [2] https://github.com/tpm2-software/tpm2-tss/blob/4.1.3/dist/tpm-udev.rules [3] https://github.com/tpm2-software/tpm2-abrmd/blob/3.0.0/README.md?plain=1#L39 Signed-off-by: Romain Naour <romain.naour@smile.fr> --- package/tpm2-abrmd/tpm2-abrmd.mk | 4 ---- package/tpm2-tss/tpm2-tss.mk | 4 ++++ 2 files changed, 4 insertions(+), 4 deletions(-)