[Users] Trusted Pools and CentOS 6 packages

Nicolae Paladi n.paladi at gmail.com
Mon Oct 28 15:43:00 UTC 2013 

Hi,
I've followed the recipe (
https://github.com/OpenAttestation/OpenAttestation/wiki/OAT-for-RHEL-Recipe)
but didn't get it to run yet;
I think a step is missing -- the AIK is not available is
/usr/share/oat-client (it was not available in
/var/lig/oat-appraiser/ClientFiles either);
when I try to run provisioner.sh, I get the following:
provisioner.sh: line 7: systemctl: command not found
### ecStorage = NVRAM###
Performing TPM provisioning...710
DONE
Successfully initialized TPM
Performing HIS identity provisioning...FAILED
java.util.NoSuchElementException
        at java.util.StringTokenizer.nextToken(StringTokenizer.java:349)
        at
gov.niarl.his.privacyca.TpmModule.executeVer2Command(TpmModule.java:215)
        at
gov.niarl.his.privacyca.TpmModule.collateIdentityRequest(TpmModule.java:292)
        at
gov.niarl.his.privacyca.HisIdentityProvisioner.main(HisIdentityProvisioner.java:225)
Failed to receive AIC from Privacy CA, error 1
Registering identity with server...FAILED
java.io.FileNotFoundException: /usr/share/oat-client/aik.cer (No such file
or directory)
        at java.io.FileInputStream.open(Native Method)
        at java.io.FileInputStream.<init>(FileInputStream.java:137)
        at java.io.FileInputStream.<init>(FileInputStream.java:96)
        at gov.niarl.his.privacyca.TpmUtils.certFromFile(TpmUtils.java:612)
        at
gov.niarl.his.privacyca.HisRegisterIdentity.main(HisRegisterIdentity.java:99)
Failed to register identity with appraiser, error 1



Thanks,
/Nicolae


On 27 October 2013 22:55, Nicolae Paladi <n.paladi at gmail.com> wrote:

> Awesome, thanks!
>
> I'll try this out in the morning
>
> /Nicolae
>
>
> On 27 October 2013 17:03, Wei, Gang <gang.wei at intel.com> wrote:
>
>> Please refer to
>>
>> https://github.com/OpenAttestation/OpenAttestation/wiki/OAT-for-RHEL-Recipe
>> .
>>
>> Jimmy
>>
>>
>> > -----Original Message-----
>> > From: Doron Fediuck [mailto:dfediuck at redhat.com]
>> > Sent: Sunday, October 27, 2013 11:53 PM
>> > To: Nicolae Paladi
>> > Cc: users at ovirt.org; Wei, Gang
>> > Subject: Re: [Users] Trusted Pools and CentOS 6 packages
>> >
>> >
>> >
>> > ----- Original Message -----
>> > > From: "Nicolae Paladi" <n.paladi at gmail.com>
>> > > To: users at ovirt.org
>> > > Sent: Friday, October 25, 2013 7:16:30 PM
>> > > Subject: Re: [Users] Trusted Pools and CentOS 6 packages
>> > >
>> > > Doron Fediuck <dfediuck at ...> writes:
>> > >
>> > > >
>> > > > ----- Original Message -----
>> > > > > From: "Gianluca Cecchi" <gianluca.cecchi at ...>
>> > > > > To: "Doron Fediuck" <dfediuck at ...>
>> > > > > Cc: "Wei D Chen" <wei.d.chen at ...>, "users"
>> > > > <users at ...>, "Mei Yu"
>> > > > <mei.yu at ...>, "Ofri Masad"
>> > > > > <omasad at ...>, "Gang Wei" <gang.wei at ...>
>> > > > > Sent: Tuesday, June 11, 2013 2:29:54 AM
>> > > > > Subject: Re: [Users] Trusted Pools and CentOS 6 packages
>> > > > >
>> > > > > On Mon, Jun 10, 2013 at 6:36 PM, Doron Fediuck wrote:
>> > > > >
>> > > > > >
>> > > > > > That's nice of Jimmy to assist.
>> > > > > > Are you trying out the oVirt TCP feature or will you be using
>> OAT
>> > > > > > for something else?
>> > > > >
>> > > > > Actually the need was for OpenStack environment, but I'm going to
>> test
>> > > > > oVirt node too.
>> > > > >
>> > > > > Gianluca
>> > > > >
>> > > >
>> > > > Thanks for the info.
>> > > > Note that openstack and ovirt are using the same OAT infra,
>> > > > but implementing the logic in a different way.
>> > > > Let me know f you have a specific use case so I'll be able to
>> > > > provide additional details.
>> > > >
>> > >
>> > >
>> > > Hi,
>> > >
>> > > I have an environment where the oat-server is on a Ubuntu, while
>> > > the compute hosts are CentOS servers.
>> > >
>> > > I have installed the packages for the oat-server from the Ubuntu
>> > > repositories, and there is indeed a "ClientFiles" directory, but
>> > > but it lacks installation files (just the following:
>> > > endorsement.p12  install.bat  lib  OAT.properties
>> > OATprovisioner.properties
>> > > PrivacyCA.cer  TrustStore.jks)
>> > >
>> > >
>> > > The questions are:
>> > > * are there packages for centos 6.4 available?
>> > > * how can the client files be generated by the oat-server?
>> > >
>> > > cheers,
>> > > /Nicolae
>> > >
>> >
>> > Hi Nicolae,
>> > Adding Jimmy for RPM updates.
>> > Jimmy, are you packaging the OAT for el6 and where can it be found?
>> >
>> > Also, some of the issues are available here:
>> > http://www.ovirt.org/Trusted_compute_pools_deployment
>> >
>> > Doron
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20131028/75ee3245/attachment-0001.html>

More information about the Users mailing list