0fb11190fa
This moves urandom to *bsd only and adds seedrng as a separate service for Linux. This fixes #510
54 lines
1.4 KiB
Plaintext
54 lines
1.4 KiB
Plaintext
#!@SBINDIR@/openrc-run
|
|
# Copyright (c) 2007-2022 The OpenRC Authors.
|
|
# See the Authors file at the top-level directory of this distribution and
|
|
# https://github.com/OpenRC/openrc/blob/HEAD/AUTHORS
|
|
#
|
|
# This file is part of OpenRC. It is subject to the license terms in
|
|
# the LICENSE file found in the top-level directory of this
|
|
# distribution and at https://github.com/OpenRC/openrc/blob/HEAD/LICENSE
|
|
# This file may not be copied, modified, propagated, or distributed
|
|
# except according to the terms contained in the LICENSE file.
|
|
|
|
: ${urandom_seed:=${URANDOM_SEED:-/var/lib/misc/random-seed}}
|
|
description="Initializes the random number generator."
|
|
|
|
depend()
|
|
{
|
|
after clock
|
|
need localmount
|
|
keyword -docker -jail -lxc -openvz -prefix -systemd-nspawn
|
|
}
|
|
|
|
save_seed()
|
|
{
|
|
local psz=1
|
|
|
|
if [ -e /proc/sys/kernel/random/poolsize ]; then
|
|
: $(( psz = $(cat /proc/sys/kernel/random/poolsize) / 4096 ))
|
|
fi
|
|
|
|
( # sub shell to prevent umask pollution
|
|
umask 077
|
|
dd if=/dev/urandom of="$urandom_seed" count=${psz} 2>/dev/null
|
|
)
|
|
}
|
|
|
|
start()
|
|
{
|
|
[ -c /dev/urandom ] || return
|
|
if [ -f "$urandom_seed" ]; then
|
|
ebegin "Initializing random number generator"
|
|
cat "$urandom_seed" > /dev/urandom
|
|
eend $? "Error initializing random number generator"
|
|
fi
|
|
rm -f "$urandom_seed" && save_seed
|
|
return 0
|
|
}
|
|
|
|
stop()
|
|
{
|
|
ebegin "Saving random seed"
|
|
save_seed
|
|
eend $? "Failed to save random seed"
|
|
}
|