From dba4d21b5fccd6a91b349c76111205ee476ac4c4 Mon Sep 17 00:00:00 2001
From: Carmen Rata <carmen.rata@windriver.com>
Date: Thu, 22 Oct 2020 08:39:10 -0400
Subject: [PATCH] Fix user ownership for /usr/bin/swtpm_setup.sh

Updated user ownership to "root" for "swtpm_setup.sh"
to fix openscap security violation.
Verified that installation is successful for AIO-SX
and Standard 2+2 system configurations.
Executed certificate installation in a TPM system and
verified is successful..

Story: 2008037
Task: 40694

Change-Id: I7aa8e48d60f189627a4d57441aa1c342c4cb5c20
Signed-off-by: Carmen Rata <carmen.rata@windriver.com>
---
 security/swtpm/centos/swtpm.spec | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/security/swtpm/centos/swtpm.spec b/security/swtpm/centos/swtpm.spec
index 4ba9ce200..93a3fedf5 100644
--- a/security/swtpm/centos/swtpm.spec
+++ b/security/swtpm/centos/swtpm.spec
@@ -96,6 +96,7 @@ Requires:       swtpm fuse
 #STX
 #Requires:       trousers >= 0.3.9 tpm-tools >= 1.3.8-6 expect bash net-tools gnutls-utils
 Requires:       trousers >= 0.3.9 expect bash net-tools gnutls-utils
+Requires:       tpm2-abrmd
 
 %description    tools
 Tools for the TPM emulator from the swtpm package
@@ -133,7 +134,7 @@ Tools for the TPM emulator from the swtpm package
 %attr( 755, root, root) %{_bindir}/swtpm_cert
 %endif
 %attr( 755, root, root) %{_bindir}/swtpm_setup
-%attr( 755, tss , tss)  %{_bindir}/swtpm_setup.sh
+%attr( 755, root , tss)  %{_bindir}/swtpm_setup.sh
 %attr( 755, root, root) %{_bindir}/swtpm_ioctl
 %{_mandir}/man8/swtpm_bios.8*
 %{_mandir}/man8/swtpm_cert.8*