sig_cloud/diskimage-builder
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1a8dc59871
diskimage-builder/elements/oat-client
History
Lin Tan 59f83ef37b Add oat-client element 
This element installs oat-client on the image, that's necessary for
trusted boot feature in Ironic to work. This element only works on Fedora.

Intel TXT will measure BIOS, Option Rom and Kernel/Ramdisk during trusted
boot, the oat-client will securely fetch the hash values from TPM.

Change-Id: I0f1221b5708e9a5792df62ee6e73034f8bf1577c
2015-06-26 09:57:12 +08:00
..
yum.repos.d Add oat-client element 2015-06-26 09:57:12 +08:00
element-deps Add oat-client element 2015-06-26 09:57:12 +08:00
package-installs.yaml Add oat-client element 2015-06-26 09:57:12 +08:00
README.rst Add oat-client element 2015-06-26 09:57:12 +08:00

README.rst 

==========
oat-client
==========
This element installs oat-client on the image, that's necessary for
trusted boot feature in Ironic to work.

Intel TXT will measure BIOS, Option Rom and Kernel/Ramdisk during trusted
boot, the oat-client will securely fetch the hash values from TPM.

.. note::
    This element only works on Fedora.

Put `fedora-oat.repo` into `/etc/yum.repos.d/`::

  export DIB_YUM_REPO_CONF=/etc/yum.repos.d/fedora-oat.repo

.. note::
    OAT Repo is lack of a GPG signature check on packages, which can be
    tracked on: https://github.com/OpenAttestation/OpenAttestation/issues/26