cvs commit: src/games/fortune/fortune fortune.c
Andrey Chernov
ache at FreeBSD.ORG
Sat Jul 23 03:06:02 GMT 2005
On Sat, Jul 23, 2005 at 11:51:38AM +0930, Greg 'groggy' Lehey wrote:
> I suspect that there's a large number of people out there who don't
> want to go to that much trouble just to get rid of Rush Limbaugh. For
Probably it should go to FAQ. Something like that: if you constantly see
"Rush Limbaugh" (or some else) quote, it means your /dev/random is not
initialized, and you are in great danger, please tune it properly.
Better have visible bad showstopper in that case. You _mask_ the real
problem, and it is _very_ dangerous from security point of view (f.e.
gnupg use /dev/random too) because /dev/random initialization not becomes
proper after this commit, only its incorrectnes made hidden.
> course. Would you like to investigate? I've been seeing problems in
> this are for the last few years. And of course, once we can be really
Personally me never see that. Look at the whole random section in
/etc/defaults/rc.conf:
entropy_file="/entropy" # Set to NO to disable caching entropy through reboots.
# /var/db/entropy-file is preferred if / is not avail.
entropy_dir="/var/db/entropy" # Set to NO to disable caching entropy via cron.
entropy_save_sz="2048" # Size of the entropy cache files.
entropy_save_num="8" # Number of entropy cache files to save.
harvest_interrupt="YES" # Entropy device harvests interrupt randomness
harvest_ethernet="YES" # Entropy device harvests ethernet randomness
harvest_p_to_p="YES" # Entropy device harvests point-to-point randomness
If you set entropy_file="NO", you must have at least
/var/db/entropy/saved-entropy.* across reboots. If it fix your fortune
problem, please back out your commit and fix /etc/defaults/rc.conf
instead.
--
http://ache.pp.ru/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 305 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/cvs-all/attachments/20050723/239761a5/attachment.bin
More information about the cvs-all
mailing list