diskimage-builder/elements/oat-client/README.rst

==========
oat-client
==========
This element installs oat-client on the image, that's necessary for
trusted boot feature in Ironic to work.

Intel TXT will measure BIOS, Option Rom and Kernel/Ramdisk during trusted
boot, the oat-client will securely fetch the hash values from TPM.

.. note::
    This element only works on Fedora.

Put `fedora-oat.repo` into `/etc/yum.repos.d/`::

  export DIB_YUM_REPO_CONF=/etc/yum.repos.d/fedora-oat.repo

.. note::
    OAT Repo is lack of a GPG signature check on packages, which can be
    tracked on: https://github.com/OpenAttestation/OpenAttestation/issues/26
Add oat-client element This element installs oat-client on the image, that's necessary for trusted boot feature in Ironic to work. This element only works on Fedora. Intel TXT will measure BIOS, Option Rom and Kernel/Ramdisk during trusted boot, the oat-client will securely fetch the hash values from TPM. Change-Id: I0f1221b5708e9a5792df62ee6e73034f8bf1577c 2015-06-16 08:20:15 +00:00			`==========`
			`oat-client`
			`==========`
			`This element installs oat-client on the image, that's necessary for`
			`trusted boot feature in Ironic to work.`

			`Intel TXT will measure BIOS, Option Rom and Kernel/Ramdisk during trusted`
			`boot, the oat-client will securely fetch the hash values from TPM.`

			`.. note::`
			`This element only works on Fedora.`

			Put `fedora-oat.repo` into `/etc/yum.repos.d/`::

			`export DIB_YUM_REPO_CONF=/etc/yum.repos.d/fedora-oat.repo`

			`.. note::`
			`OAT Repo is lack of a GPG signature check on packages, which can be`
			`tracked on: https://github.com/OpenAttestation/OpenAttestation/issues/26`