Summary: | app-crypt/trousers-0.3.1: tcsd fails to start, because of insufficient right for /dev/tpm0 | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Andrzej Soiński <jezrdna.bugzilla> |
Component: | Current packages | Assignee: | Crypto team [DISABLED] <crypto+disabled> |
Status: | RESOLVED FIXED | ||
Severity: | minor | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | | Runtime testing required: | --- |
Attachments: | patch for tcsd init script |
Description
Andrzej Soiński
2008-07-18 11:45:46 UTC
Created attachment 160712
patch for tcsd init script
You could of course also write a udev rule to set the user/group for /dev/tpm* instead of running tcsd as root...

Here's the rule from tpm-emulator. We should install it for trousers as well I think.

/etc/udev/rules.d/60-tpm-emulator.rules:

    KERNEL=="tpm", NAME="%k", SYMLINK+="tpm0", GROUP="tss", MODE="0660"

Well, the udev rule is not working for a real TPM device.

/etc/udev/rules.d/45-tpm.rules:

    KERNEL=="tpm[0-9]*", MODE="0600", OWNER="tss", GROUP="tss"

This is working pretty well on my Thinkpad.

Also the ownership of the data file is wrong:

    chown tss:tss /var/lib/tpm/
    chown tss:tss /var/lib/tpm/system.data

udev rules added in 0.3.6.
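The two rules quoted in the comments differ in their `KERNEL==` match, which udev compares as a shell-style glob against the whole kernel device name. The script below is an added example, not part of the bug report or of the trousers package: it evaluates both rules for the names `tpm` and `tpm0`, then checks ownership of the paths mentioned in the thread. The function names and the `root:root 0600` fallback for unmatched nodes are assumptions of this sketch.

```shell
#!/bin/sh
# Added example. The two rules are copied from the comments above.
RULES='KERNEL=="tpm", NAME="%k", SYMLINK+="tpm0", GROUP="tss", MODE="0660"
KERNEL=="tpm[0-9]*", MODE="0600", OWNER="tss", GROUP="tss"'

# rule_field RULE KEY -> value of KEY=="..." or KEY="..." (empty if absent).
# Simplification: values must not contain commas.
rule_field() {
    printf '%s\n' "$1" | tr ',' '\n' |
        sed -n "s/^ *$2==*\"\(.*\)\" *\$/\1/p" | head -n 1
}

# kernel_match PATTERN NAME -> 0 if the glob PATTERN matches the whole NAME.
kernel_match() {
    case "$2" in
        $1) return 0 ;;
    esac
    return 1
}

# effective_perms NAME -> "owner:group mode" after applying every matching
# rule in order. Fields no rule sets stay at root:root 0600 (assumed default).
effective_perms() {
    owner=root group=root mode=0600
    while IFS= read -r rule; do
        pat=$(rule_field "$rule" KERNEL)
        kernel_match "$pat" "$1" || continue
        v=$(rule_field "$rule" OWNER); owner=${v:-$owner}
        v=$(rule_field "$rule" GROUP); group=${v:-$group}
        v=$(rule_field "$rule" MODE);  mode=${v:-$mode}
    done <<EOF
$RULES
EOF
    echo "$owner:$group $mode"
}

# owned_by PATH OWNER:GROUP -> 0 if PATH exists with that ownership (GNU stat).
owned_by() { [ "$(stat -c '%U:%G' "$1" 2>/dev/null)" = "$2" ]; }

for name in tpm tpm0; do
    echo "$name -> $(effective_perms "$name")"
done
for p in /dev/tpm0 /var/lib/tpm /var/lib/tpm/system.data; do
    if owned_by "$p" tss:tss; then echo "ok       $p"; else echo "not tss  $p"; fi
done
```

On a host with a TPM, the second loop reports whether the device node and the tcsd data files are owned by `tss:tss`, which is what the non-root daemon needs.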