From owner-cvs-all Thu Jan 11 11: 3: 3 2001 Delivered-To: cvs-all@freebsd.org Received: from earth.backplane.com (placeholder-dcat-1076843399.broadbandoffice.net [64.47.83.135]) by hub.freebsd.org (Postfix) with ESMTP id 6D3C937B69E; Thu, 11 Jan 2001 11:02:37 -0800 (PST) Received: (from dillon@localhost) by earth.backplane.com (8.11.1/8.9.3) id f0BJ1jU72510; Thu, 11 Jan 2001 11:01:45 -0800 (PST) (envelope-from dillon) Date: Thu, 11 Jan 2001 11:01:45 -0800 (PST) From: Matt Dillon Message-Id: <200101111901.f0BJ1jU72510@earth.backplane.com> To: Sheldon Hearn Cc: obrien@FreeBSD.ORG, Doug Barton , cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG Subject: Re: cvs commit: src/etc crontab rc src/etc/defaults rc.conf src/etc/mtree BSD.root.dist src/libexec Makefile src/libexec/save-entropy Makefile save-entropy.sh References: <8537.979239256@axl.fw.uunet.co.za> Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I'm going to be blunt: Hell will freeze over before I allow the entropy file to be placed in /. It makes absolutely no sense whatsoever to break our ability to mount a read-only / just because nobody is willing to do some minor shifting of things in /etc/rc. We have a directory for variable data, it's called /var. We have a directory for persistent state files, it's called /var/db. They must be used, ESPECIALLY for something like this. This whole entropy thing has been a holy mess, and placing the file in / makes it even more of a mess. We don't need the level of randomness-paranoia that is being programmed into the system. -Matt :On Thu, 11 Jan 2001 10:33:17 PST, "David O'Brien" wrote: : :> Why use /.entropy as the default rather than /var//entropy ? :> / is often quite small, and everyone knows /var must (1) be writeable, :> and (2) have space for things to grow in. : :I'm pretty sure that this has all been discussed before, with quite a :bit of consensus (although some might bitch about the period in the :directory name '/.entropy'. : :The entropy seed files need to be in the root partition because a seeded :entropy device is needed _very_ early on. Specifically, it's needed by :at least mount_mfs(8). If we wait 'til /var is mounted, we have to wait :for everything in /etc/fstab to be mounted, so you end up with :mount_mfs(8) blocking on the entropy device. : :Hope that helps. : :Ciao, :Sheldon. : : To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message