diff --git a/ChangeLog b/ChangeLog index 3dae707e..af84c569 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,10 @@ # ChangeLog for Gentoo System Intialization ("rc") scripts # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPLv2 + 21 Jun 2007; Mike Frysinger : + + Allow urandom location to be customized #134489. + 02 Jun 2007; Mike Frysinger : Fix from comio for /proc/filesystems typo in localmount #180621. diff --git a/conf.d/urandom b/conf.d/urandom new file mode 100644 index 00000000..0c3e63c9 --- /dev/null +++ b/conf.d/urandom @@ -0,0 +1,8 @@ +# /etc/conf.d/urandom + +# Sometimes you want to have urandom start before "localmount" +# (say for crypt swap), so you will need to customize this +# behavior. If you have /var on a separate partition, then +# make sure this path lives on your root device somewhere. + +URANDOM_SEED="/var/run/random-seed" diff --git a/init.d/urandom b/init.d/urandom index b901d6d8..ecded0a5 100755 --- a/init.d/urandom +++ b/init.d/urandom @@ -2,6 +2,8 @@ # Copyright 1999-2007 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 +URANDOM_SEED=${URANDOM_SEED:-/var/run/random-seed} + depend() { need localmount } @@ -13,23 +15,24 @@ save_seed() { poolsize=$(($(cat /proc/sys/kernel/random/poolsize) / 4096)) fi - umask 077 - dd if=/dev/urandom of=/var/run/random-seed count=${poolsize} 2>/dev/null + ( # sub shell to prevent umask pollution + umask 077 + dd if=/dev/urandom of="${URANDOM_SEED}" count=${poolsize} 2>/dev/null + ) } start() { [ -c /dev/urandom ] || return - if [ -f /var/run/random-seed ] ; then - cat /var/run/random-seed > /dev/urandom + if [ -f "${URANDOM_SEED}" ] ; then + cat "${URANDOM_SEED}" > /dev/urandom fi - if ! rm -f /var/run/random-seed ; then - ewarn "Skipping /var/run/random-seed initialization (ro root?)" + if ! rm -f "${URANDOM_SEED}" ; then + ewarn "Skipping ${URANDOM_SEED} initialization (ro root?)" return 0 fi ebegin "Initializing random number generator" save_seed eend $? "Error initializing random number generator" - umask 022 } stop() {