open-edge-platform · sfonn · Jul 31, 2025 · Jul 21, 2025 · Jul 21, 2025 · Jul 21, 2025
@@ -2283,6 +2283,7 @@
                 "os-update",
                 "otelcol-contrib",
                 "persistent-mount",
+                "platform-manageability-agent",
                 "platform-observability-agent",
                 "platform-telemetry-agent",
                 "platform-update-agent",

@@ -1,6 +1,6 @@
 {
   "Signatures": {
-    "node-agent-1.7.2.tar.gz": "3e331890a17826c836a7f97aad146ab4654d8d987d1e2f25c136d03042717dfe",
+    "node-agent-1.7.3.tar.gz": "68ccbd5e951934617c9d1a284e7637df5fee52b8c9fea61699ca7c3d505cdfd7",
     "node-agent.service": "aa4da847c625e36ba6e22d769e9442521ec6e8eeb542af8ef24f2cad60da03c2",
     "env_wrapper.sh": "ee5d31b33495426840a742c944088e7f7fe56ec95f0547990f9283e24bf792d1",
     "node-agent.conf": "f5304d46df115cbe2e8f9e018f22d03e19f3a2cd35ee269478454bf0b269b90f",

@@ -1,6 +1,6 @@
 Summary:        Edge node registration and trust management
 Name:           node-agent
-Version:        1.7.2
+Version:        1.7.3
 Release:        1%{?dist}
 License:        Apache-2.0
 Vendor:         Intel Corporation
@@ -12,7 +12,7 @@ Source2:        env_wrapper.sh
 Source3:        %{name}.conf
 Source4:        node_agent.te
 Source5:        node_agent.fc
-BuildRequires:  golang >= 1.24.1
+BuildRequires:  golang >= 1.24.4
 BuildRequires:  systemd-rpm-macros
 Requires(pre):  %{_bindir}/systemd-sysusers
 Requires:       (%{name}-selinux if selinux-policy-targeted)
@@ -89,6 +89,7 @@ mkdir -p %{buildroot}%{_sysconfdir}/intel_edge_node/tokens/license-agent
 mkdir -p %{buildroot}%{_sysconfdir}/intel_edge_node/tokens/platform-update-agent
 mkdir -p %{buildroot}%{_sysconfdir}/intel_edge_node/tokens/prometheus
 mkdir -p %{buildroot}%{_sysconfdir}/intel_edge_node/tokens/release-service
+mkdir -p %{buildroot}%{_sysconfdir}/intel_edge_node/tokens/platform-manageability-agent
 
 %files
 %{_bindir}/%{name}
@@ -117,6 +118,7 @@ mkdir -p %{buildroot}%{_sysconfdir}/intel_edge_node/tokens/release-service
 %dir %{_sysconfdir}/intel_edge_node/tokens/platform-update-agent
 %dir %{_sysconfdir}/intel_edge_node/tokens/prometheus
 %dir %{_sysconfdir}/intel_edge_node/tokens/release-service
+%dir %{_sysconfdir}/intel_edge_node/tokens/platform-manageability-agent
 
 %pre
 %sysusers_create_package %{name} %{SOURCE3}
@@ -157,6 +159,9 @@ sed -i '/client-proxy/{N;d;}' %{_sysconfdir}/edge-node/node/confs/%{name}.yaml
 %selinux_modules_uninstall -s %{selinuxtype} %{modulename}
 
 %changelog
+* Thu Jul 31 2025 Jagrat Acharya <jagrat.acharya@intel.com> - 1.7.3-1
+- Upgrade for platform-manageability-agent handling
+
 * Fri May 16 2025 Rajeev Ranjan <rajeev2.ranjan@intel.com> - 1.7.2-1
 - Caddy configuration not needed anymore
 

@@ -0,0 +1,21 @@
+#!/bin/bash
+
+set -eu
+
+update_infra_url() {
+	if [ -n "$PLATFORM_MANAGEABILITY_URL" ]; then
+		local UPDATED_PM_DISCOVERY_INFRA_URL
+		UPDATED_PM_DISCOVERY_INFRA_URL=$(sed "s/^  serviceURL: '.*'/  serviceURL: '$PLATFORM_MANAGEABILITY_URL'/" /etc/edge-node/node/confs/platform-manageability-agent.yaml)
+		echo -E "${UPDATED_PM_DISCOVERY_INFRA_URL}" > /etc/edge-node/node/confs/platform-manageability-agent.yaml
+	fi
+
+	if [ -n "$RPS_ADDRESS" ]; then
+		local UPDATED_RPS_DISCOVERY_INFRA_URL
+		UPDATED_RPS_DISCOVERY_INFRA_URL=$(sed "s/^rpsAddress: '.*'/rpsAddress: '$RPS_ADDRESS'/" /etc/edge-node/node/confs/platform-manageability-agent.yaml)
+		echo -E "${UPDATED_RPS_DISCOVERY_INFRA_URL}" > /etc/edge-node/node/confs/platform-manageability-agent.yaml
+	fi
+}
+
+update_infra_url
+
+exec "$@"
@@ -0,0 +1,2 @@
+g   bm-agents   500
+u   pm-agent    -:bm-agents     -   -   /usr/sbin/nologin
@@ -0,0 +1,40 @@
+[Unit]
+Description=Platform Manageability Agent
+Documentation=https://github.com/open-edge-platform/edge-node-agents/blob/main/platform-manageability-agent/README.md
+
+[Service]
+ExecStart=/etc/edge-node/node/confs/pm-agent /usr/bin/pm-agent -config /etc/edge-node/node/confs/platform-manageability-agent.yaml
+EnvironmentFile=/etc/edge-node/node/agent_variables
+StandardOutput=journal
+StandardError=journal
+RestartSec=60
+Restart=on-failure
+Group=bm-agents
+User=pm-agent
+CPUQuota=20%
+MemoryMax=128M
+
+PrivateTmp=yes
+ProtectControlGroups=yes
+ProtectKernelModules=yes
+ProtectKernelTunables=yes
+RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
+RestrictNamespaces=yes
+RestrictRealtime=yes
+RestrictSUIDSGID=yes
+MemoryDenyWriteExecute=yes
+LockPersonality=yes
+ProtectClock=yes
+ProtectHostname=yes
+ProtectKernelLogs=yes
+
+CapabilityBoundingSet=~CAP_LINUX_IMMUTABLE CAP_IPC_LOCK CAP_SYS_CHROOT CAP_BLOCK_SUSPEND CAP_LEASE
+CapabilityBoundingSet=~CAP_SYS_BOOT CAP_SYS_PTRACE CAP_SYS_RAWIO CAP_SYS_TIME CAP_SYS_TTY_CONFIG
+CapabilityBoundingSet=~CAP_WAKE_ALARM CAP_MAC_ADMIN CAP_MAC_OVERRIDE
+CapabilityBoundingSet=~CAP_SETPCAP CAP_CHOWN CAP_NET_ADMIN
+CapabilityBoundingSet=~CAP_CHOWN CAP_FSETID CAP_SETFCAP
+CapabilityBoundingSet=~CAP_DAC_READ_SEARCH CAP_FOWNER CAP_IPC_OWNER
+CapabilityBoundingSet=~CAP_KILL CAP_MKNOD CAP_BPF CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW
+
+[Install]
+WantedBy=multi-user.target
@@ -0,0 +1,9 @@
+{
+  "Signatures": {
+    "pm-agent-0.1.3.tar.gz": "5f7465881870267e3c50c61cc7fa54399b056b85e67d2d5444fcbaa52c24f131",
+    "platform-manageability-agent.service": "fdd68c7ab244785c4dda515bb0daff7abf75dec45ffa8e99f1f0c6e50fa1355d",
+    "env_wrapper.sh": "a1b68c509483801ec33ce810c7d3ab272b930a75add43370713b64ac2306a746",
+    "platform-manageability-agent.conf": "efe3d39585266222720a828f4617a25beaf6e6334ee7d9bfa57fba4e4bd7f6ef",
+    "platform-manageability-agent.sudoers": "c6129ef5c01b6e56db8b829e3f0cc1cf5a0333764120ef242d2a4a6df9334015"
+  }
+}
@@ -0,0 +1,82 @@
+Summary:        Platform managebility agent for out of band opration. 
+Name:           platform-manageability-agent
+Version:        0.1.3
+Release:        1%{?dist}
+License:        Apache-2.0
+Vendor:         Intel Corporation
+Distribution:   Edge Microvisor Toolkit
+URL:            https://github.com/open-edge-platform/edge-node-agents
+Source0:        %{url}/archive/refs/tags/%{name}/v%{version}.tar.gz#/pm-agent-%{version}.tar.gz
+Source1:        %{name}.conf
+Source2:        %{name}.service
+Source3:        env_wrapper.sh
+Source4:        %{name}.sudoers
+BuildRequires:  golang >= 1.24.4
+BuildRequires:  systemd-rpm-macros
+Requires:       rpc
+
+%global debug_package   %{nil}
+%global _build_id_links none
+%global modulename      pm_agent
+
+%description
+platform-manageability-agent detects what manageability features are available after the OS is deployed
+and performs device management operations requested by users.
+
+%prep
+%autosetup -n pm-agent-%{version}
+
+%build
+make pmabuild GO_MOD=vendor
+
+
+%install
+make pmainstall DESTDIR=%{buildroot} PREFIX=%{_prefix}
+
+mkdir -p %{buildroot}%{_sysusersdir}
+cp %{SOURCE1} %{buildroot}%{_sysusersdir}/%{name}.conf
+
+mkdir -p %{buildroot}%{_unitdir}
+cp %{SOURCE2} %{buildroot}%{_unitdir}
+
+install -d -m 755 %{buildroot}%{_sysconfdir}/edge-node/node/confs
+install -m 644 configs/platform-manageability-agent.yaml %{buildroot}%{_sysconfdir}/edge-node/node/confs/platform-manageability-agent.yaml
+install -m 744 %{SOURCE3} %{buildroot}%{_sysconfdir}/edge-node/node/confs/pm-agent
+
+mkdir -p %{buildroot}%{_sysconfdir}/sudoers.d
+cp %{SOURCE4} %{buildroot}%{_sysconfdir}/sudoers.d/platform-manageability-agent
+
+mkdir -p %{buildroot}%{_defaultlicensedir}/%{name}
+cp copyright %{buildroot}%{_defaultlicensedir}/%{name}
+
+
+%files
+%{_bindir}/pm-agent
+%{_unitdir}/%{name}.service
+%{_sysusersdir}/%{name}.conf
+
+%config %attr(-, -, bm-agents) %{_sysconfdir}/edge-node/node/confs
+%config %attr(-, pm-agent, bm-agents) %{_sysconfdir}/edge-node/node/confs/platform-manageability-agent.yaml
+%config %attr(-, pm-agent, bm-agents) %{_sysconfdir}/edge-node/node/confs/pm-agent
+%config %{_sysconfdir}/sudoers.d/platform-manageability-agent
+
+%license %{_defaultlicensedir}/%{name}/copyright
+
+%pre
+%sysusers_create_package %{name} %{SOURCE1}
+
+%post
+%{systemd_post %{name}.service}
+
+%preun
+%{systemd_preun %{name}.service}
+
+%postun
+%{systemd_postun_with_restart %{name}.service}
+
+%changelog
+* Wed Jul 30 2025 Jagrat Acharya <jagrat.acharya@intel.com> - 0.1.3-1
+- Binary name updated in spec file.
+- Original version for Edge Microvisor Toolkit. License verified.
+
+
@@ -0,0 +1 @@
+pm-agent  ALL=(root) NOPASSWD:/usr/bin/rpc,/usr/sbin/dmidecode,/usr/bin/systemctl,/usr/sbin/modprobe
@@ -14682,8 +14682,8 @@
         "type": "other",
         "other": {
           "name": "node-agent",
-          "version": "1.7.2",
-          "downloadUrl": "https://github.com/open-edge-platform/edge-node-agents/archive/refs/tags/node-agent/v1.7.2.tar.gz"
+          "version": "1.7.3",
+          "downloadUrl": "https://github.com/open-edge-platform/edge-node-agents/archive/refs/tags/node-agent/v1.7.3.tar.gz"
         }
       }
     },
@@ -21628,6 +21628,16 @@
         }
       }
     },
+    {
+      "component": {
+        "type": "other",
+        "other": {
+          "name": "platform-manageability-agent",
+          "version": "0.1.3",
+          "downloadUrl": "https://github.com/open-edge-platform/edge-node-agents/archive/refs/tags/platform-manageability-agent/v0.1.3.tar.gz"
+        }
+      }
+    },
     {
       "component": {
         "type": "other",

@@ -1,5 +1,6 @@
 {
     "packages": [
+      "platform-manageability-agent",
       "rpc",
       "intel-lms"
     ]
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		g bm-agents 500
		u pm-agent -:bm-agents - - /usr/sbin/nologin
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		pm-agent ALL=(root) NOPASSWD:/usr/bin/rpc,/usr/sbin/dmidecode,/usr/bin/systemctl,/usr/sbin/modprobe