- Bug
- Resolution: Unresolved
- Normal
- None
- 4.16
Recently, during a security audit, it was asked why the machine-config-daemon pod needs to have HostNetwork and HostPID set to true.
This was done as part of PR https://github.com/openshift/machine-config-operator/pull/60/commits/fac6c5e950afe2709b99c22960bae3ed3902ad35, where in the past it was needed by rpm-ostree to perform the OS update. With 4.12 we have evolved to directly run rpm-ostree rebase from the container image. Also, the extension container gets pulled locally on the node in order to install extensions/RT kernel packages.
As per the Slack conversation https://redhat-internal.slack.com/archives/C02CZNQHGN8/p1715075004233899, we should be able to remove them.
This bug is to investigate and, if nothing else needs these two privileges in the MCD pod, remove them.
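The audit check behind this kind of finding, as an added example that is not part of this bug or of the machine-config-operator code: it scans a `kubectl get pods -A -o json` style PodList for pods that share host namespaces, and goes slightly beyond the two fields named above by also covering hostIPC. The pod names, namespaces and the PodList itself are constructed sample data.

```python
"""Audit check for pods sharing host namespaces (added example, not MCO code).
Scans the JSON that ``kubectl get pods -A -o json`` emits and reports every pod
whose spec sets hostNetwork, hostPID or hostIPC, so a reviewer can ask whether
each one still needs the privilege. Input here is a constructed sample.
"""
import json

# Constructed sample shaped like a kubectl PodList; names and namespaces are
# illustrative placeholders, not captured cluster data.
SAMPLE_POD_LIST = json.dumps({
    "kind": "PodList",
    "items": [
        {
            "metadata": {"namespace": "openshift-machine-config-operator",
                         "name": "machine-config-daemon-example"},
            "spec": {"hostNetwork": True, "hostPID": True,
                     "containers": [{"name": "machine-config-daemon"}]},
        },
        {
            "metadata": {"namespace": "default", "name": "web-example"},
            "spec": {"containers": [{"name": "web"}]},
        },
        {
            "metadata": {"namespace": "monitoring", "name": "node-exporter-example"},
            "spec": {"hostNetwork": True, "hostPID": False,
                     "containers": [{"name": "exporter"}]},
        },
    ],
})

HOST_NAMESPACE_FIELDS = ("hostNetwork", "hostPID", "hostIPC")


def find_host_namespace_pods(pod_list_json: str) -> list[dict]:
    """Return one finding per pod that sets any host-namespace field to true."""
    findings = []
    for pod in json.loads(pod_list_json).get("items", []):
        spec = pod.get("spec", {})
        # Absent fields default to false in the Pod API, so only an explicit true counts.
        enabled = [f for f in HOST_NAMESPACE_FIELDS if spec.get(f) is True]
        if enabled:
            meta = pod["metadata"]
            findings.append({"namespace": meta["namespace"],
                             "name": meta["name"], "host_fields": enabled})
    return findings


if __name__ == "__main__":
    for finding in find_host_namespace_pods(SAMPLE_POD_LIST):
        print(f"{finding['namespace']}/{finding['name']}: {', '.join(finding['host_fields'])}")
```

Each reported pod is a candidate for the same question this bug asks of the MCD: whether the host namespace is still required, or whether the privilege can be dropped.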