libvirt users - Oct 2019 - Re: Emulated TPM doesn't work on Debian Buster

On Mon, 2019-10-07 at 13:26 +0000, procmem@riseup.net
wrote:
> On 10/7/19 7:31 AM, Andrea Bolognani wrote:
> > On Sat, 2019-10-05 at 14:32 +0000, procmem@riseup.net wrote:
> > > Hi. I am very interested in the security properties a totally
open TPM
> > > can give our users  - its use as a universal smartcard to protect
all
> > > types of keys. When adding the virtual 1.2 or 2.0 TPM I get the
vague
> > > error below. OS is Debian stable with standard packages.
> > > 
> > > 
> > > Error starting domain: Unable to find 'swtpm' binary in
$PATH: No such
> > > file or directory
> > 
> > I wouldn't call this error message vague at all: it tells you
exactly
> > what the problem is, namely that libvirt needs the 'swtpm'
command
> > for your configuration but the latter is not available :)
> > 
> > Unfortunately it looks like swtpm it's not packaged for Debian, so
> > I'm afraid the solution is not just a simple apt-get away :(
> > 
> Thanks for letting me know. I assumed everything in libvirt was self
> contained and so I didn't expect it to need an extraneous package.
> Hopefully it'll land by Debian Bullseye.
libvirt calls out to several external tools, the most high-profile
example being of course QEMU ;)

-- 
Andrea Bolognani / Red Hat / Virtualization