From e31be23d561e2d5787d5ad305bca082ce270ea5e Mon Sep 17 00:00:00 2001
From: Manuel Bentele
Date: Mon, 8 Nov 2021 13:12:03 +0100
Subject: [swtpm] Change permissions for cert dir user access

---
 core/modules/swtpm/module.build | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'core/modules/swtpm')

diff --git a/core/modules/swtpm/module.build b/core/modules/swtpm/module.build
index 0d4264b4..6157017f 100644
--- a/core/modules/swtpm/module.build
+++ b/core/modules/swtpm/module.build
@@ -1,4 +1,11 @@
 #!/bin/bash
+
+LIBVIRT_STPM_GRP="libvirt-tpm"
+
+module_init() {
+        groupadd --system "${LIBVIRT_STPM_GRP}"
+}
+
 fetch_source() {
 	autoclone
 }
@@ -61,6 +68,10 @@ build() {
 	make || perror "'make' failed."
 	DESTDIR="${DSTDIR}" make install || perror "'make install' failed."
 
+	# change group and permissions for libvirt-tpm members
+	chgrp "${LIBVIRT_STPM_GRP}" /var/lib/swtpm-localca
+	chmod 775 /var/lib/swtpm-localca
+
 	rm "${SRCDIR_BIN}/pkg-config"
 
 	# restore old environment so that following pkg-config calls are not modified
-- 
cgit v1.2.3-55-g7522