bug#23605: /dev/urandom not seeded across reboots
From: Leo Famulari
Subject: bug#23605: /dev/urandom not seeded across reboots
Date: Fri, 27 May 2016 21:05:01 -0400
User-agent: Mutt/1.6.0 (2016-04-01)

Okay, I finally have some code that works! (attached)

I tested it by using `inotifywait -m /dev/urandom` [0] to see that
/dev/urandom was indeed being opened and closed for writing when running
`herd {start, stop} urandom-seed`. If you can suggest a way to see
exactly what is being written to /dev/urandom, I would like to verify it
more fully.

If you test it, don't be surprised that the random-seed is empty the
first time you start the service. It is `touch`-ed at boot but filled
during shutdown.

The big caveat is that the only way I could make it work was to use the
old service API. I just couldn't figure out how to use the extensible
service API for a service that takes to arguments.

If this is a problem, then your help is wanted!

I also had to change the location of %random-seed-file from
/var/run/random-seed to /var/lib/random-seed, because /var/run is
cleared upon reboot. This is specified in the FHS standard [1]. Debian
puts it at /var/lib/urandom/random-seed.

[0] From the inotify-tools package
[1] http://www.pathname.com/fhs/pub/fhs-2.3.html#VARRUNRUNTIMEVARIABLEDATA

0001-services-Add-urandom-seed-service.patch
Description: Text Data
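
Added example (not part of the original message or of the attached patch): a shell sketch of the seed carry-over the message describes, with the read and write devices overridable so that the bytes written at boot can be captured in a scratch file and compared with the stored seed. The names SEED_FILE, RANDOM_SRC, RANDOM_SINK, save_seed and load_seed and the 512-byte seed size are assumptions of this example.

```sh
#!/bin/sh
# Added example, not the Guix service code. All names below are assumptions.
SEED_FILE="${SEED_FILE:-/var/lib/random-seed}"   # must survive reboots (not /var/run)
RANDOM_SRC="${RANDOM_SRC:-/dev/urandom}"         # where fresh seed bytes are read from
RANDOM_SINK="${RANDOM_SINK:-/dev/urandom}"       # where the stored seed is written to
SEED_BYTES=512                                   # assumed seed size

# Shutdown half: store fresh pool output for the next boot.
# The file is created owner-only (umask 077) and swapped in with a rename,
# so a partially written or world-readable seed never sits at SEED_FILE.
save_seed() {
    ( umask 077
      tmp="$SEED_FILE.tmp.$$"
      dd if="$RANDOM_SRC" of="$tmp" bs="$SEED_BYTES" count=1 2>/dev/null &&
      mv -f "$tmp" "$SEED_FILE" )
}

# Boot half: mix the stored seed into the pool, then replace it at once so
# the same seed is not reused if the machine goes down without a clean
# shutdown. Writing to /dev/urandom mixes the bytes in but does not credit
# entropy to the kernel's estimate.
load_seed() {
    if [ ! -s "$SEED_FILE" ]; then
        echo "random-seed is empty or missing (first boot?)" >&2
        return 1
    fi
    cat "$SEED_FILE" > "$RANDOM_SINK" || return 1
    save_seed
}
```

To see exactly what a boot would write, set RANDOM_SINK to a scratch file, keep a copy of the seed, call load_seed, and `cmp` the scratch file against the copy.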