Bug 688319

Summary: new ovirt-node tool for doing 3rd party plugin injection
Product: Red Hat Enterprise Linux 7 Reporter: Perry Myers <pmyers>
Component: ovirt-nodeAssignee: Fabian Deutsch <fdeutsch>
Status: CLOSED CURRENTRELEASE QA Contact: Virtualization Bugs <virt-bugs>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.0CC: apevec, gouyang, leiwang, ovirt-maint, pcao, riehecky, tpoitras, ycui
Target Milestone: rcKeywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ovirt-node-3.0.0-6.1.el7 Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-06-16 08:16:36 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 688324    
Bug Blocks: 514650, 688325, 688331, 891344, 1055798    

Description Perry Myers 2011-03-16 19:43:24 UTC 
Description of problem:
A RHEVH plugin-pack would be a tarball containing a set of RPMs and a kickstart file.  This would be passed through to underlying edit-livecd -k option.

This way we can more tightly control how edit-livecd is used.  Using this tool (ovirt-install-plugin) we would be able to limit edit-livecd usage to be only RPM installation and blacklisting.

This tool would also need to support arbitrary policy plugins so that we could restrict things like:
* whether or not kernel modules can be installed?
* whether or not packages w/o a valid gpg signature can be installed
* what gpg signatures would be allowed to install
* what areas of the filesystem can be written to
* what files/configuration are ok to modify vs. off limits
Comment 3 Ludek Smid 2014-06-16 08:16:36 UTC 
This request was resolved in Red Hat Enterprise Linux 7.0.

Contact your manager or support representative in case you have further questions about the request.