Re: git: a28ccb32bf56 - main - machine-id: generate a compact version of the uuid

Reply: Mark Millard : "Re: git: a28ccb32bf56 - main - machine-id: generate a compact version of the uuid"
In reply to: Mark Millard : "Re: git: a28ccb32bf56 - main - machine-id: generate a compact version of the uuid"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Tĳl Coosemans <tijl_at_FreeBSD.org>
Date: Sat, 04 Mar 2023 14:32:54 UTC

On Fri, 3 Mar 2023 10:36:20 -0800 Mark Millard <marklmi@yahoo.com> wrote:
> What are the properties for the content of /etc/hostid
> in FreeBSD? Where are they documented?
> 
> /etc/machine-id has strong property guarnatee
> requirements in linux and dbus (which linux indicates
> it has adopted requirements from):
> 
> https://man7.org/linux/man-pages/man5/machine-id.5.html
> 
> reports:
> 
> QUOTE
> The machine ID does not change based on local or network
> configuration or when hardware is replaced. Due to this and its
> greater length, it is a more useful replacement for the
> gethostid(3) call that POSIX specifies.
> 
> This machine ID adheres to the same format and logic as the D-Bus
> machine ID.
> END QUOTE

/etc/hostid is written once.  It does not change with network or
hardware changes.

> https://dbus.freedesktop.org/doc/dbus-uuidgen.1.html reports:
> ( used via dbus-uuidgen --ensure=/etc/machine-id as one way
> to get a linux-comaptibile /etc/machine-id for at least
> some types of contexts )
> 
> QUOTE
> The important properties of the machine UUID are that 1) it remains
> unchanged until the next reboot and 2) it is different for any two
> running instances of the OS kernel. That is, if two processes see
> the same UUID, they should also see the same shared memory, UNIX
> domain sockets, local X displays, localhost.localdomain resolution,
> process IDs, and so forth
> END QUOTE
> 
> 
> Does /etc/hostid generated the normal way in FreeBSD have such
> properties? (How do I look that up?)

Yes.  It's `kenv smbios.system.uuid` if that's available and generated
by uuidgen otherwise.  The code is in /etc/rc.d/hostid and
/etc/rc.d/hostid_save.

> Returning to:
> 
> https://man7.org/linux/man-pages/man5/machine-id.5.html
> 
> QUOTE
> This ID uniquely identifies the host. It should be considered
> "confidential", and must not be exposed in untrusted
> environments, in particular on the network. If a stable unique
> identifier that is tied to the machine is needed for some
> application, the machine ID or any part of it must not be used
> directly. Instead the machine ID should be hashed with a
> cryptographic, keyed hash function, using a fixed,
> application-specific key. That way the ID will be properly
> unique, and derived in a constant way from the machine ID but
> there will be no way to retrieve the original machine ID from the
> application-specific one.
> END QUOTE
> 
> Is that at least recommended for handling FreeBSD's /etc/hostid
> content?

No, the file is not documented at all, but this is a recommendation on
how to use the file not a restriction on the content like the other
quotes so this isn't an impediment to using the same ID in
/etc/machine-id.

> Is FreeBSD going to document /etc/machine-id content properties
> in a similar manor?
> 
> 
> If FreeBSD ends up with a /etc/machine-id that does not have
> the properties and recommended principles of use, it would
> appear that the /etc/machine-id path would be highly misleading
> and, so, inappropriate.