From owner-svn-src-head@FreeBSD.ORG Fri Oct 11 20:21:46 2013 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id F1611A02; Fri, 11 Oct 2013 20:21:45 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id CFA31211A; Fri, 11 Oct 2013 20:21:45 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id r9BKLj0P092460; Fri, 11 Oct 2013 20:21:45 GMT (envelope-from des@svn.freebsd.org) Received: (from des@localhost) by svn.freebsd.org (8.14.7/8.14.5/Submit) id r9BKLiAo092449; Fri, 11 Oct 2013 20:21:44 GMT (envelope-from des@svn.freebsd.org) Message-Id: <201310112021.r9BKLiAo092449@svn.freebsd.org> From: Dag-Erling Smørgrav Date: Fri, 11 Oct 2013 20:21:44 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r256338 - in head/usr.sbin/bsdinstall: . scripts X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Oct 2013 20:21:46 -0000 Author: des Date: Fri Oct 11 20:21:44 2013 New Revision: 256338 URL: http://svnweb.freebsd.org/changeset/base/256338 Log: After installation, dump 4096 bytes from /dev/random to /entropy in the newly installed system. This should greatly increase the amount of entropy available when SSH host keys are generated during first boot. Reviewed by: markm, nathanw Approved by: re (gjb) Added: head/usr.sbin/bsdinstall/scripts/entropy (contents, props changed) Modified: head/usr.sbin/bsdinstall/bsdinstall.8 head/usr.sbin/bsdinstall/scripts/Makefile head/usr.sbin/bsdinstall/scripts/auto head/usr.sbin/bsdinstall/scripts/jail head/usr.sbin/bsdinstall/scripts/script Modified: head/usr.sbin/bsdinstall/bsdinstall.8 ============================================================================== --- head/usr.sbin/bsdinstall/bsdinstall.8 Fri Oct 11 20:15:38 2013 (r256337) +++ head/usr.sbin/bsdinstall/bsdinstall.8 Fri Oct 11 20:21:44 2013 (r256338) @@ -25,7 +25,7 @@ .\" .\" $FreeBSD$ .\" -.Dd January 21, 2013 +.Dd October 6, 2013 .Dt BSDINSTALL 8 .Os .Sh NAME @@ -60,6 +60,10 @@ targets. .Bl -tag -width ".Cm jail Ar destination" .It Cm auto Run the standard interactive installation, including disk partitioning. +.It Cm entropy +Reads a small amount of data from +.Pa /dev/random +and stores it in a file in the new system's root directory. .It Cm jail Ar destination Sets up a new chroot system at .Pa destination , Modified: head/usr.sbin/bsdinstall/scripts/Makefile ============================================================================== --- head/usr.sbin/bsdinstall/scripts/Makefile Fri Oct 11 20:15:38 2013 (r256337) +++ head/usr.sbin/bsdinstall/scripts/Makefile Fri Oct 11 20:21:44 2013 (r256338) @@ -1,8 +1,8 @@ # $FreeBSD$ -SCRIPTS= auto adduser checksum config docsinstall hostname jail keymap \ - mirrorselect mount netconfig netconfig_ipv4 netconfig_ipv6 rootpass \ - script services time umount wlanconfig +SCRIPTS= auto adduser checksum config docsinstall entropy hostname jail \ + keymap mirrorselect mount netconfig netconfig_ipv4 netconfig_ipv6 \ + rootpass script services time umount wlanconfig BINDIR= /usr/libexec/bsdinstall NO_MAN= true Modified: head/usr.sbin/bsdinstall/scripts/auto ============================================================================== --- head/usr.sbin/bsdinstall/scripts/auto Fri Oct 11 20:15:38 2013 (r256337) +++ head/usr.sbin/bsdinstall/scripts/auto Fri Oct 11 20:21:44 2013 (r256338) @@ -222,5 +222,8 @@ if [ $? -eq 0 ]; then chroot "$BSDINSTALL_CHROOT" /bin/sh 2>&1 fi +bsdinstall entropy +bsdinstall umount + echo "Installation Completed at $(date)" >> $BSDINSTALL_LOG Added: head/usr.sbin/bsdinstall/scripts/entropy ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/usr.sbin/bsdinstall/scripts/entropy Fri Oct 11 20:21:44 2013 (r256338) @@ -0,0 +1,29 @@ +#!/bin/sh +#- +# Copyright (c) 2013 Dag-Erling Smørgrav +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# +# $FreeBSD$ + +dd if=/dev/random of=$BSDINSTALL_CHROOT/entropy bs=4096 count=1 Modified: head/usr.sbin/bsdinstall/scripts/jail ============================================================================== --- head/usr.sbin/bsdinstall/scripts/jail Fri Oct 11 20:15:38 2013 (r256337) +++ head/usr.sbin/bsdinstall/scripts/jail Fri Oct 11 20:21:44 2013 (r256338) @@ -110,5 +110,7 @@ bsdinstall config || error cp /etc/resolv.conf $1/etc cp /etc/localtime $1/etc +bsdinstall entropy + echo "Installation Completed at $(date)" >> $BSDINSTALL_LOG Modified: head/usr.sbin/bsdinstall/scripts/script ============================================================================== --- head/usr.sbin/bsdinstall/scripts/script Fri Oct 11 20:15:38 2013 (r256337) +++ head/usr.sbin/bsdinstall/scripts/script Fri Oct 11 20:21:44 2013 (r256338) @@ -83,6 +83,7 @@ if [ -f /tmp/bsdinstall-installscript-ab rm $BSDINSTALL_CHROOT/tmp/installscript fi +bsdinstall entropy bsdinstall umount echo "Installation Completed at $(date)" >> $BSDINSTALL_LOG