From owner-cvs-all@FreeBSD.ORG Sat Jul 23 03:06:02 2005 Return-Path: X-Original-To: cvs-all@FreeBSD.ORG Delivered-To: cvs-all@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4809A16A41F; Sat, 23 Jul 2005 03:06:02 +0000 (GMT) (envelope-from ache@nagual.pp.ru) Received: from nagual.pp.ru (nagual.pp.ru [194.87.13.69]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0B62643D53; Sat, 23 Jul 2005 03:06:00 +0000 (GMT) (envelope-from ache@nagual.pp.ru) Received: from nagual.pp.ru (ache@localhost [127.0.0.1]) by nagual.pp.ru (8.13.4/8.13.4) with ESMTP id j6N35xUP029756; Sat, 23 Jul 2005 07:05:59 +0400 (MSD) (envelope-from ache@nagual.pp.ru) Received: (from ache@localhost) by nagual.pp.ru (8.13.4/8.13.4/Submit) id j6N35x4T029755; Sat, 23 Jul 2005 07:05:59 +0400 (MSD) (envelope-from ache) Date: Sat, 23 Jul 2005 07:05:59 +0400 From: Andrey Chernov To: "Greg 'groggy' Lehey" Message-ID: <20050723030559.GA29502@nagual.pp.ru> Mail-Followup-To: Andrey Chernov , Greg 'groggy' Lehey , src-committers@FreeBSD.ORG, cvs-src@FreeBSD.ORG, cvs-all@FreeBSD.ORG References: <200507230146.j6N1koqL061690@repoman.freebsd.org> <20050723015517.GA28428@nagual.pp.ru> <20050723020120.GV842@wantadilla.lemis.com> <20050723020810.GA28712@nagual.pp.ru> <20050723022138.GX842@wantadilla.lemis.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="+HP7ph2BbKc20aGI" Content-Disposition: inline In-Reply-To: <20050723022138.GX842@wantadilla.lemis.com> User-Agent: Mutt/1.5.9i Cc: cvs-src@FreeBSD.ORG, src-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG Subject: Re: cvs commit: src/games/fortune/fortune fortune.c X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Jul 2005 03:06:02 -0000 --+HP7ph2BbKc20aGI Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Jul 23, 2005 at 11:51:38AM +0930, Greg 'groggy' Lehey wrote: > I suspect that there's a large number of people out there who don't > want to go to that much trouble just to get rid of Rush Limbaugh. For Probably it should go to FAQ. Something like that: if you constantly see=20 "Rush Limbaugh" (or some else) quote, it means your /dev/random is not=20 initialized, and you are in great danger, please tune it properly. Better have visible bad showstopper in that case. You _mask_ the real=20 problem, and it is _very_ dangerous from security point of view (f.e.=20 gnupg use /dev/random too) because /dev/random initialization not becomes= =20 proper after this commit, only its incorrectnes made hidden. > course. Would you like to investigate? I've been seeing problems in > this are for the last few years. And of course, once we can be really Personally me never see that. Look at the whole random section in=20 /etc/defaults/rc.conf: entropy_file=3D"/entropy" # Set to NO to disable caching entropy through re= boots. # /var/db/entropy-file is preferred if / is not ava= il. entropy_dir=3D"/var/db/entropy" # Set to NO to disable caching entropy via = cron. entropy_save_sz=3D"2048" # Size of the entropy cache files. entropy_save_num=3D"8" # Number of entropy cache files to save. harvest_interrupt=3D"YES" # Entropy device harvests interrupt randomness harvest_ethernet=3D"YES" # Entropy device harvests ethernet randomness harvest_p_to_p=3D"YES" # Entropy device harvests point-to-point randomne= ss If you set entropy_file=3D"NO", you must have at least=20 /var/db/entropy/saved-entropy.* across reboots. If it fix your fortune=20 problem, please back out your commit and fix /etc/defaults/rc.conf=20 instead. --=20 http://ache.pp.ru/ --+HP7ph2BbKc20aGI Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD) iQCVAwUBQuG0F+JgpPLZnQjrAQKr+wQAjoD2pwgBw0B6w2hBv9l7A6o2Qlw6m2Hl nUnutwyKQwDHveqL04NobKhjBzWQVjnDdrTkAifv5wwwhKNImoT51GXPjIs8Ffjh 4IuTs0QS0w00yvh7JP/n1XJ0x7B1GqKJUFj3vQZ841tBI6OtnoqerUD5uPSQbopX xr+vkC9dgJ0= =g335 -----END PGP SIGNATURE----- --+HP7ph2BbKc20aGI--