From owner-freebsd-bugs@FreeBSD.ORG Tue Jan 4 13:10:20 2005
Date: Tue, 4 Jan 2005 13:10:19 GMT
Message-Id: <200501041310.j04DAJXY032014@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: Ceri Davies
Subject: Re: conf/75722: /usr/libexec/save-entropy ignores entropy_save_sz [patch]
Reply-To: Ceri Davies

The following reply was made to PR conf/75722; it has been noted by GNATS.

From: Ceri Davies
To: FreeBSD Gnats Submit
Cc:
Subject: Re: conf/75722: /usr/libexec/save-entropy ignores entropy_save_sz [patch]
Date: Tue, 4 Jan 2005 13:07:32 +0000

On Sun, Jan 02, 2005 at 04:47:41PM +0100, Nicolas Rachinsky wrote:
> change entropy_save_sz to a non default value. It will be ignored.

It is also ignored in /etc/rc.d/random, which the following patch corrects. Unfortunately, this now only saves 2048 bits by default, though since the entropy_save_sz variable is shared, one of them needs to change:

Index: etc/rc.d/random =================================================================== RCS file: /home/ncvs/src/etc/rc.d/random,v retrieving revision 1.7 diff -u -r1.7 random --- etc/rc.d/random 7 Oct 2004 13:55:26 -0000 1.7 +++ etc/rc.d/random 4 Jan 2005 12:53:13 -0000 
@@ -80,7 +80,7 @@ ;; *) dd if=/dev/random of=${entropy_file_confirmed} \ - bs=4096 count=1 2> /dev/null + bs=${entropy_save_sz} count=1 2> /dev/null echo '.' ;; esac

There are further problems with /etc/rc.d/random, which I will note here, as I am unsure of how it and save-entropy are supposed to work together.

o /etc/rc.d/random expects /var/db/entropy to be a file on one occasion, and a directory on another:

        entropy_dir=${entropy_dir:-/var/db/entropy}
        if [ -d "${entropy_dir}" ]; then
                if [ -w /dev/random ]; then
                        for seedfile in ${entropy_dir}/*; do
                                feed_dev_random "${seedfile}"
                        done
                fi
        fi
        ;;

        # Try this as a reasonable alternative for read-only
        # roots, diskless workstations, etc.
        rm -f /var/db/entropy
        if touch /var/db/entropy; then
                entropy_file_confirmed=/var/db/entropy
        fi

  Again, due to the variables being shared between here and save-entropy, I'm not sure of the appropriate fix.

o /etc/rc.d/random contains the following snippet:

        case ${entropy_file_confirmed} in
        '')
                err 1 '${entropy_file_confirmed}:' \
                    ' entropy file write failed.'
                ;;

  The intention here is presumably to print the failing filename, but it will always just print ": entropy file write failed.".

Ceri
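
Review bot: On the added line "bs=${entropy_save_sz} count=1 2> /dev/null" the variable is expanded with no fallback and the result of dd is never checked, so an unset or empty entropy_save_sz turns the argument into "bs=" and the seed write fails silently: stderr is discarded and "echo '.'" runs either way. Consider "bs=${entropy_save_sz:-4096}" so that the previous size is kept when nothing is configured, and test dd's exit status before reporting success.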
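
A sketch of a seed-saving helper that covers the three points raised in the message above, as an added example that is not part of the original post or of FreeBSD's scripts: it uses a configurable size as the dd block size, refuses a directory where a file is expected, and names the failing file in its error. The function name save_seed, its argument order and its return codes are assumptions made for illustration.

```shell
#!/bin/sh
# Added illustration; not FreeBSD's rc.d/random or save-entropy.
# save_seed SRC DEST SIZE (hypothetical helper): copy SIZE bytes from SRC
# into DEST as an owner-only file. Returns 0 ok, 1 write failed,
# 2 bad size, 3 DEST is a directory.
save_seed() {
    src=$1; dest=$2; size=$3

    # The size comes from configuration: accept only a positive integer.
    case $size in
        ''|*[!0-9]*) echo "save_seed: invalid size '${size}'" >&2; return 2 ;;
    esac
    if [ "$size" -le 0 ]; then
        echo "save_seed: invalid size '${size}'" >&2; return 2
    fi

    # One path, one type: a seed file must never be a directory.
    if [ -d "$dest" ]; then
        echo "save_seed: ${dest}: is a directory, expected a file" >&2
        return 3
    fi

    tmp="${dest}.tmp.$$"
    old_umask=$(umask)
    umask 077                      # seed material is readable by owner only
    got=0
    if dd if="$src" of="$tmp" bs="$size" count=1 2>/dev/null; then
        # dd exits 0 on a short read, so measure what actually landed.
        got=$(wc -c < "$tmp" | tr -d ' ')
    fi
    umask "$old_umask"

    if [ "$got" -ne "$size" ]; then
        rm -f "$tmp"
        # Double quotes, so the failing file name is really expanded.
        echo "save_seed: ${dest}: entropy file write failed (${got}/${size} bytes)" >&2
        return 1
    fi
    mv -f "$tmp" "$dest"
}
```

Writing to a temporary name and renaming it means a failed or short write never replaces a previously saved seed.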