swtpm_setup: Only change file and directory ownership if needed

Change the file and directory ownership of tcsd related files only if it
is absolutely needed. It is not needed if we are running as user TCSD_USER
in group TCSD_GROUP because then the files were created with the needed
owner and group. This avoids problems when trying to change file ownership
when invoked by libvirt where we do not have the capabilities to change
file ownership even as root.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger 2020-07-23 00:55:49 -04:00 committed by Stefan Berger
parent 0d9d33fb05
commit b71a228538


@ -550,16 +550,16 @@ EOF
else
chmod 0640 "$TCSD_CONFIG"
fi
if [ $(id -u) -eq 0 ]; then
if [ $(id -u) -eq 0 ] && \
[ $(id -u) -ne $(id -u @TSS_USER@) -o $(id -g) -ne $(id -g @TSS_GROUP@) ]; then
chown "@TSS_USER@:@TSS_GROUP@" "$TCSD_CONFIG" 2>/dev/null
chown "@TSS_USER@:@TSS_GROUP@" "$TCSD_DATA_DIR" 2>/dev/null
chown "@TSS_USER@:@TSS_GROUP@" "$TCSD_DATA_FILE" 2>/dev/null
fi
if [ $? -ne 0 ]; then
logerr "Could not change ownership on $TCSD_CONFIG to ${user}:${group}."
ls -l "$TCSD_CONFIG"
return 1
fi
chown "@TSS_USER@:@TSS_GROUP@" "$TCSD_DATA_DIR" 2>/dev/null
chown "@TSS_USER@:@TSS_GROUP@" "$TCSD_DATA_FILE" 2>/dev/null
fi
# make sure tcsd is gone
stop_tcsd 1
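Review bot: `id -g @TSS_GROUP@` in the second line of the new condition does not resolve a group name; `id` takes a user name, so it prints the primary gid of a user that happens to be called @TSS_GROUP@. Where no such user exists, `id` prints nothing, the unquoted `[ ... -o ... ]` test becomes malformed and returns non-zero, and the chown block is skipped without any message, presumably leaving the tcsd config and data files owned by root. Look the gid up in the group database and quote the substitutions, e.g. `tss_gid=$(getent group @TSS_GROUP@ | cut -d: -f3)` and then `{ [ "$(id -u)" -ne "$(id -u @TSS_USER@)" ] || [ "$(id -g)" -ne "$tss_gid" ]; }` as the second operand, reporting an empty lookup result through `logerr` rather than letting the test fail quietly. The enclosing function begins and ends outside this hunk.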