Date: Sat, 23 Jul 2005 07:05:59 +0400 From: Andrey Chernov <ache@FreeBSD.ORG> To: "Greg 'groggy' Lehey" <grog@FreeBSD.ORG> Cc: cvs-src@FreeBSD.ORG, src-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG Subject: Re: cvs commit: src/games/fortune/fortune fortune.c Message-ID: <20050723030559.GA29502@nagual.pp.ru> In-Reply-To: <20050723022138.GX842@wantadilla.lemis.com> References: <200507230146.j6N1koqL061690@repoman.freebsd.org> <20050723015517.GA28428@nagual.pp.ru> <20050723020120.GV842@wantadilla.lemis.com> <20050723020810.GA28712@nagual.pp.ru> <20050723022138.GX842@wantadilla.lemis.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
On Sat, Jul 23, 2005 at 11:51:38AM +0930, Greg 'groggy' Lehey wrote:
> I suspect that there's a large number of people out there who don't
> want to go to that much trouble just to get rid of Rush Limbaugh. For
Probably it should go to FAQ. Something like that: if you constantly see
"Rush Limbaugh" (or some else) quote, it means your /dev/random is not
initialized, and you are in great danger, please tune it properly.
Better have visible bad showstopper in that case. You _mask_ the real
problem, and it is _very_ dangerous from security point of view (f.e.
gnupg use /dev/random too) because /dev/random initialization not becomes
proper after this commit, only its incorrectnes made hidden.
> course. Would you like to investigate? I've been seeing problems in
> this are for the last few years. And of course, once we can be really
Personally me never see that. Look at the whole random section in
/etc/defaults/rc.conf:
entropy_file="/entropy" # Set to NO to disable caching entropy through reboots.
# /var/db/entropy-file is preferred if / is not avail.
entropy_dir="/var/db/entropy" # Set to NO to disable caching entropy via cron.
entropy_save_sz="2048" # Size of the entropy cache files.
entropy_save_num="8" # Number of entropy cache files to save.
harvest_interrupt="YES" # Entropy device harvests interrupt randomness
harvest_ethernet="YES" # Entropy device harvests ethernet randomness
harvest_p_to_p="YES" # Entropy device harvests point-to-point randomness
If you set entropy_file="NO", you must have at least
/var/db/entropy/saved-entropy.* across reboots. If it fix your fortune
problem, please back out your commit and fix /etc/defaults/rc.conf
instead.
--
http://ache.pp.ru/
[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (FreeBSD)
iQCVAwUBQuG0F+JgpPLZnQjrAQKr+wQAjoD2pwgBw0B6w2hBv9l7A6o2Qlw6m2Hl
nUnutwyKQwDHveqL04NobKhjBzWQVjnDdrTkAifv5wwwhKNImoT51GXPjIs8Ffjh
4IuTs0QS0w00yvh7JP/n1XJ0x7B1GqKJUFj3vQZ841tBI6OtnoqerUD5uPSQbopX
xr+vkC9dgJ0=
=g335
-----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050723030559.GA29502>