f297a20e30
save file was /var/db/entropy, which also happens to be the directory where the individual entropy files created by /usr/libexec/save-entropy are stored. Change the suggestion to be /var/db/entropy-file instead. In an error condition where the shutdown file is not created, the error message accessed a variable that doesn't exist. PR: conf/75722 Submitted by: Nicolas Rachinsky <list@rachinsky.de>
#!/bin/sh
#
# $FreeBSD$
#
# PROVIDE: random
# REQUIRE: var initrandom
# BEFORE: netif
# KEYWORD: nojail shutdown
# Pull in the rc.d framework helpers (err, load_rc_config, run_rc_command)
# before anything below uses them.
. /etc/rc.subr

# Service name, followed by the functions to run for the "start" and
# "stop" commands.
name=random
start_cmd=random_start
stop_cmd=random_stop
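# feed_dev_random file
#	Write the contents of one saved seed file into /dev/random.
#	The file is skipped unless it is a regular, readable, non-empty
#	file, so a zero-length seed or a path that does not exist is ignored.
#	Returns dd's exit status when a file is fed, 0 when it is skipped.
feed_dev_random()
{
	# Separate tests joined with && replace the obsolescent "-a" operator,
	# whose parsing is ambiguous for some operands.
	if [ -f "${1}" ] && [ -r "${1}" ] && [ -s "${1}" ]; then
		# dd reads the seed file itself (no extra cat process); its
		# transfer summary and error messages are discarded.
		dd if="${1}" of=/dev/random bs=8k 2>/dev/null
	fi
}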
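# random_start
#	Reseed /dev/random with previously stored entropy.
#	Two sources are used, each of which can be disabled independently:
#	  entropy_dir  - every file in this directory is fed in; "NO" in any
#	                 letter case disables it, unset or empty falls back
#	                 to /var/db/entropy.
#	  entropy_file - a single seed file; "NO" or an empty value disables it.
#	Nothing is fed when /dev/random is not writable.
#
#	NOTE(review): the seed files are left in place after being fed, so if
#	random_stop does not run before the next boot (crash, power loss) the
#	same entropy_file contents are fed again. Confirm that other entropy
#	sources cover that case.
random_start()
{
	case ${entropy_dir} in
	[Nn][Oo])
		;;
	*)
		entropy_dir=${entropy_dir:-/var/db/entropy}
		if [ -d "${entropy_dir}" ] && [ -w /dev/random ]; then
			# The directory part is quoted so that a path containing
			# whitespace or glob characters is not split or expanded;
			# only the trailing /* is left to the shell to glob.
			for seedfile in "${entropy_dir}"/*; do
				# An unmatched pattern is passed through literally
				# and rejected by feed_dev_random's file tests.
				feed_dev_random "${seedfile}"
			done
		fi
		;;
	esac

	case ${entropy_file} in
	[Nn][Oo] | '')
		;;
	*)
		if [ -w /dev/random ]; then
			feed_dev_random "${entropy_file}"
		fi
		;;
	esac
}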
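# random_stop
#	Write some entropy to disk so that /dev/random can be reseeded when
#	the machine reboots.
#	Does nothing when entropy_file is "NO" (any letter case) or empty.
#	Otherwise 4096 bytes are read from /dev/random into entropy_file, or
#	into /var/db/entropy-file when entropy_file cannot be created.
#	Calls err (from rc.subr) when neither location can be created.
random_stop()
{
	case ${entropy_file} in
	[Nn][Oo] | '')
		;;
	*)
		echo -n 'Writing entropy file:'

		# Start from an empty value: a leftover entropy_file_confirmed
		# from the environment or rc.conf must not be taken as proof
		# that a file was created, or dd below would write to it.
		entropy_file_confirmed=

		rm -f "${entropy_file}"

		# Create the seed with mode 0600. The file becomes input to the
		# next boot's reseed, so other users must not be able to read it.
		oumask=$(umask)
		umask 077
		if touch "${entropy_file}"; then
			entropy_file_confirmed="${entropy_file}"
		else
			# Try this as a reasonable alternative for read-only
			# roots, diskless workstations, etc.
			rm -f /var/db/entropy-file
			if touch /var/db/entropy-file; then
				entropy_file_confirmed=/var/db/entropy-file
			fi
		fi

		case ${entropy_file_confirmed} in
		'')
			err 1 'entropy file write failed.'
			;;
		*)
			# dd's own messages are discarded, so its exit status is
			# the only sign of a failed write. A failure can leave an
			# empty seed, which the next start skips without a message.
			if dd if=/dev/random of="${entropy_file_confirmed}" \
			    bs=4096 count=1 2> /dev/null; then
				echo '.'
			else
				echo ' failed.'
				warn "could not write ${entropy_file_confirmed}"
			fi
			;;
		esac
		umask "${oumask}"
		;;
	esac
}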
# Load the configuration for this service, then hand the command given
# as the first argument to the rc.subr dispatcher.
load_rc_config "${name}"
run_rc_command "${1}"