This list of features makes me very nervous from a security standpoint. Are we talking about giving an agent an arbitrary shell command or file to install, and it goes and does that, or are we simply triggering a preconfigured action (at the time the agent itself was installed)? From: Steven Dake <sdake at redhat.com<mailto:sdake at redhat.com>> Reply-To: OpenStack Dev <openstack-dev at lists.openstack.org<mailto:openstack-dev at lists.openstack.org>> Date: Monday, December 9, 2013 at 11:41 AM To: OpenStack Dev <openstack-dev at lists.openstack.org<mailto:openstack-dev at lists.openstack.org>> Subject: Re: [openstack-dev] Unified Guest Agent proposal In terms of features: * run shell commands * install files (with selinux properties as well) * create users and groups (with selinux properties as well) * install packages via yum, apt-get, rpm, pypi * start and enable system services for systemd or sysvinit * Install and unpack source tarballs * run scripts * Allow grouping, selection, and ordering of all of the above operations -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20131209/20ae890a/attachment.html>