Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory (virt:rhel and virt-devel:rhel bug fix and enhancement update), and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://access.redhat.com/errata/RHBA-2022:6446
Reproduce with module-virt-rhel-8060020220616155742-ad008a3a: swtpm-0.7.0-1.20211109gitb79fd91.module+el8.6.0+14480+c0a3aa0f.x86_64 libtpms-0.9.1-0.20211126git1ff6fe1f43.module+el8.6.0+14480+c0a3aa0f.x86_64 # rm -rf /var/lib/swtpm-localca/* ; for ((i = 0; i<200;i++)); do rm -rf /tmp/vtpm${i}; mkdir -p /tmp/vtpm${i}; swtpm_setup --tpm2 --tpmstate /tmp/vtpm${i} --create-ek-cert --create-platform-cert --pcr-banks sha256 2>&1 | grep -i read & done [1] 22359 … swtpm_localca exit with status 1: Need read rights on issuer certificate /var/lib/swtpm-localca/issuercert.pem for user root. … Verify with module-virt-rhel-8060020220729063509-ad008a3a: Swtpm-0.7.0-3.20211109gitb79fd91.module+el8.6.0+16156+d5629340.x86_64.rpm # rm -rf /var/lib/swtpm-localca/* ; for ((i = 0; i<200;i++)); do rm -rf /tmp/vtpm${i}; mkdir -p /tmp/vtpm${i}; swtpm_setup --tpm2 --tpmstate /tmp/vtpm${i} --create-ek-cert --create-platform-cert --pcr-banks sha256 2>&1 | grep -i read & done [1] 26784 … [54] 27424 [15] Exit 1 swtpm_setup --tpm2 --tpmstate /tmp/vtpm${i} --create-ek-cert --create-platform-cert --pcr-banks sha256 2>&1 | grep --color=auto -i read [55] 27508 … [200] 29711 ^-- No the issuercert error shows.