Thanks for the suggestion about specifying the tcti socket. I'm getting a little
further now. When I run
sudo -u tss ./tpm2-abrmd --tcti socket
** (tpm2-abrmd:13481): CRITICAL **: Failed to acquire DBus name com.intel.tss2.Tabrmd. UID
59 must be allowed to "own" this name. Check DBus config.
This is because when I installed tpm2-abrmd (i.e., make install), it installed everything
under /usr/local/ including putting the dbus rule into
/usr/local/etc/dbus-1/system.d/tpm2-abrmd.conf, rather than into
/etc/dbus-1/system.d/tpm2-abrmd.conf. What is the appropriate way to change this?
Re-install tpm2-abrmd? If so, how do I tell make or configure to install everything
relative to root (/)? For other unrelated reasons, I also installed tpm2-abrmd to
/tmp/tpm2-abrmd using the DESTDIR argument for make; but this installs everything into
/tmp/tpm2-abrmd/usr/local (which was fine for that purpose) which isn't what I need.
From: Javier Martinez Canillas [mailto:email@example.com]
Sent: Wednesday, February 28, 2018 5:53 PM
To: Scheie, Peter M; tpm2(a)lists.01.org
Subject: Re: [tpm2] tpm2-abrmd can't connect to IBM's tpm_server
On 02/27/2018 07:51 PM, Scheie, Peter M wrote:
I'm trying to get tpm2-abrmd to connect to the IBM tpm_server
simulator, as described in
it fails saying
That document is pretty outdated, I've filled an issue to take care of it:
Failed to initialize device TCTI context: 0xa000a
Yes, my guess is that this is related to the fact that the tpm2-abrmd default TCTI is the
device one, so if you don't have a TPM device or are running with an user without
access to the TPM character device, then will fail with that error code.
I've tried versions 1119 and 974 of tpm_server, but got the same
result. For tpm2-abrmd, I'm using version 1.2.0 from the tarball under
'Releases'. Netstat shows tpm_server is listening on ports 2322 and 2321, so I
suspect something is wrong on the tpm2-abrmd end.
Can you share the command you are using to start the tpm2-abrmd? You need to pass the
--tcti socket option, i.e:
sudo -u tss /usr/local/sbin/tpm2-abrmd --tcti socket
Javier Martinez Canillas
Software Engineer - Desktop Hardware Enablement Red Hat