RHV hypervisors should be able to properly run on a host where official PCI-DSS profile for RHEL 8 is applied https://www.redhat.com/en/resources/pci-dss-compliance-coalfire-analyst-paper http://static.open-scap.org/ssg-guides/ssg-rhel8-guide-pci-dss.html https://www.pcisecuritystandards.org/document_library If running on the official PCI-DSS profile is not feasible due to technical limitations, then we need to create a hardening profile for RHV hypervisors based on the official PCI-DSS profile, where we would have disabled PCI-DSS features which blocks proper functionality of RHV hypervisor.
Test version: RHVH-4.5-20220425.0-RHVH-x86_64-dvd1.iso Engine: RHV 4.5.0-9 Test steps: 1. Install RHVH-4.5-20220425.0-RHVH-x86_64-dvd1.iso with PCI-DSS profile applied. 2. Reboot 3. Register to engine. Test Result: Instal RHVH with PCI-DSS profiles applied - pass Register host to engine with PCI-DSS - pass So the bug is fixed, change bug status to VERIFIED.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Low: RHV RHEL Host (ovirt-host) [ovirt-4.5.0] security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:4764