From owner-svn-src-all@FreeBSD.ORG Thu Oct 4 22:23:40 2012 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C01FB106566C; Thu, 4 Oct 2012 22:23:40 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id A9AA08FC08; Thu, 4 Oct 2012 22:23:40 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id q94MNebU034668; Thu, 4 Oct 2012 22:23:40 GMT (envelope-from dougb@svn.freebsd.org) Received: (from dougb@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id q94MNedd034666; Thu, 4 Oct 2012 22:23:40 GMT (envelope-from dougb@svn.freebsd.org) Message-Id: <201210042223.q94MNedd034666@svn.freebsd.org> From: Doug Barton Date: Thu, 4 Oct 2012 22:23:40 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-9@freebsd.org X-SVN-Group: stable-9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r241205 - stable/9/libexec/save-entropy X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Oct 2012 22:23:41 -0000 Author: dougb Date: Thu Oct 4 22:23:40 2012 New Revision: 241205 URL: http://svn.freebsd.org/changeset/base/241205 Log: MFC r240090: Improve file rotation Modified: stable/9/libexec/save-entropy/save-entropy.sh Directory Properties: stable/9/libexec/save-entropy/ (props changed) Modified: stable/9/libexec/save-entropy/save-entropy.sh ============================================================================== --- stable/9/libexec/save-entropy/save-entropy.sh Thu Oct 4 22:16:58 2012 (r241204) +++ stable/9/libexec/save-entropy/save-entropy.sh Thu Oct 4 22:23:40 2012 (r241205) @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (c) 2001-2006 Douglas Barton, DougB@FreeBSD.org +# Copyright (c) 2001-2006,2012 Douglas Barton, dougb@FreeBSD.org # All rights reserved. # # Redistribution and use in source and binary forms, with or without @@ -29,7 +29,7 @@ # This script is called by cron to store bits of randomness which are # then used to seed /dev/random on boot. -# Originally developed by Doug Barton, DougB@FreeBSD.org +# Originally developed by Doug Barton, dougb@FreeBSD.org PATH=/bin:/usr/bin @@ -55,38 +55,36 @@ entropy_save_sz=${entropy_save_sz:-2048} entropy_save_num=${entropy_save_num:-8} if [ ! -d "${entropy_dir}" ]; then - umask 077 - mkdir "${entropy_dir}" || { - logger -is -t "$0" The entropy directory "${entropy_dir}" does not \ -exist, and cannot be created. Therefore no entropy can be saved. ; - exit 1;} - /usr/sbin/chown operator:operator "${entropy_dir}" - chmod 0700 "${entropy_dir}" + install -d -o operator -g operator -m 0700 "${entropy_dir}" || { + logger -is -t "$0" The entropy directory "${entropy_dir}" does \ + not exist, and cannot be created. Therefore no entropy can \ + be saved.; exit 1; } fi +cd "${entropy_dir}" || { + logger -is -t "$0" Cannot cd to the entropy directory: "${entropy_dir}". \ + Entropy file rotation is aborted.; exit 1; } + +for f in saved-entropy.*; do + case "${f}" in saved-entropy.\*) continue ;; esac # No files match + [ ${f#saved-entropy\.} -ge ${entropy_save_num} ] && unlink ${f} +done + umask 377 -esn_m1=$(( ${entropy_save_num} - 1 )) -for file_num in `jot $esn_m1 $esn_m1 1`; do - if [ -e "${entropy_dir}/saved-entropy.${file_num}" ]; then - if [ -f "${entropy_dir}/saved-entropy.${file_num}" ]; then - new_file=saved-entropy.$(( $file_num + 1 )) - if [ -e "${entropy_dir}/${new_file}" ]; then - unlink ${entropy_dir}/${new_file} - fi - mv "${entropy_dir}/saved-entropy.${file_num}" \ - "${entropy_dir}/${new_file}" - else - logger -is -t "$0" \ -"${entropy_dir}/saved-entropy.${file_num} is not a regular file, and therefore \ -it will not be rotated. Entropy file harvesting is aborted." - exit 1 - fi +n=$(( ${entropy_save_num} - 1 )) +while [ ${n} -ge 1 ]; do + if [ -f "saved-entropy.${n}" ]; then + mv "saved-entropy.${n}" "saved-entropy.$(( ${n} + 1 ))" + elif [ -e "saved-entropy.${n}" -o -L "saved-entropy.${n}" ]; then + logger -is -t "$0" \ + "${entropy_dir}/saved-entropy.${n}" is not a regular file, and so \ + it will not be rotated. Entropy file rotation is aborted. + exit 1 fi + n=$(( ${n} - 1 )) done -dd if=/dev/random of="${entropy_dir}/saved-entropy.1" \ - bs="$entropy_save_sz" count=1 2> /dev/null +dd if=/dev/random of=saved-entropy.1 bs=${entropy_save_sz} count=1 2>/dev/null exit 0 -