conf/75722: /usr/libexec/save-entropy ignores entropy_save_sz [patch]

Ceri Davies ceri at submonkey.net
Tue Jan 4 13:10:20 GMT 2005 

The following reply was made to PR conf/75722; it has been noted by GNATS.

From: Ceri Davies <ceri at submonkey.net>
To: FreeBSD Gnats Submit <freebsd-gnats-submit at FreeBSD.org>
Cc:  
Subject: Re: conf/75722: /usr/libexec/save-entropy ignores entropy_save_sz [patch]
Date: Tue, 4 Jan 2005 13:07:32 +0000

 On Sun, Jan 02, 2005 at 04:47:41PM +0100, Nicolas Rachinsky wrote:
 
 > change entropy_save_sz to a non default value. It will be ignored.
 
 It is also ignored in /etc/rc.d/random, which the following patch
 corrects.  Unforunately, this now only saves 2048 bits by default,
 though since the entropy_save_sz variable is shared, one of them needs
 to change:
 
 Index: etc/rc.d/random
 ===================================================================
 RCS file: /home/ncvs/src/etc/rc.d/random,v
 retrieving revision 1.7
 diff -u -r1.7 random
 --- etc/rc.d/random	7 Oct 2004 13:55:26 -0000	1.7
 +++ etc/rc.d/random	4 Jan 2005 12:53:13 -0000
 @@ -80,7 +80,7 @@
  			;;
  		*)
  			dd if=/dev/random of=${entropy_file_confirmed} \
 -			   bs=4096 count=1 2> /dev/null
 +			   bs=${entropy_save_sz} count=1 2> /dev/null
  			echo '.'
  			;;
  		esac
 
 There are further problems with /etc/rc.d/random, which I will note
 here, as I am unsure of how it and save-entropy are supposed to work
 together.
 
 o  /etc/rc.d/random expects /var/db/entropy to be a file on one
    occasion, and a directory on another:
 
      31                 entropy_dir=${entropy_dir:-/var/db/entropy}
      32                 if [ -d "${entropy_dir}" ]; then
      33                         if [ -w /dev/random ]; then
      34                                 for seedfile in ${entropy_dir}/*; do
      35                                         feed_dev_random "${seedfile}"
      36                                 done
      37                         fi
      38                 fi
      39                 ;;
 
      69                         # Try this as a reasonable alternative for read-only
      70                         # roots, diskless workstations, etc.
      71                         rm -f /var/db/entropy
      72                         if touch /var/db/entropy; then
      73					entropy_file_confirmed=/var/db/entropy
      74                         fi
 
    Again, due to the variables being shared between here and
    save-entropy, I'm not sure of the appropriate fix.
 
 o  /etc/rc.d/random contains the following snippet:
 
      76                 case ${entropy_file_confirmed} in
      77                 '')
      78                         err 1 '${entropy_file_confirmed}:' \
      79                             ' entropy file write failed.'
      80                         ;;
 
    The intention here is presumably to print the failing filename, but
    it will always just print ": entropy file write failed.".
 
 Ceri

More information about the freebsd-bugs mailing list