[prev in list] [next in list] [prev in thread] [next in thread] 

List:       hurd-bug
Subject:    Re: [PATCH] sutils: add random device targets to MAKEDEV
From:       David Michael <fedora.dm0 () gmail ! com>
Date:       2014-06-17 19:16:42
Message-ID: CAEvUa7mypiq0kJrNuLWVYz-mXhbPEcb3bU1xfoLEftkc2SOv4w () mail ! gmail ! com
[Download RAW message or body]

Hi,

On Tue, Jun 17, 2014 at 12:33 PM, Justus Winter
<4winter@informatik.uni-hamburg.de> wrote:
> Quoting David Michael (2014-06-16 21:08:19)
>> (I'm not married to the seed file argument, in case there is a
>> better default location for it.)
>
> For the record, Debian uses /var/spool/random-seed.

The seed file was stored in various locations on different
systems--/var/spool/ in Debian, /var/lib/ in RHEL, /var/run/ in
random(4), /var/lib/systemd/ in most distros these days--so I just
picked the one closest to my interpretation of the FHS.  (I actually
think /var/lib/misc/ is the most FHS-compliant location in this case
but found no precedence for systems using it after a cursory look.)
I'd be happy to go with the Debian location, too, if upstream Hurd is
to follow those conventions.

>> +      random)
>> +       st $I root 644 /hurd/random --secure --seed-file /var/lib/random-seed;;
>
> But --secure doesn't seem to work yet, aiui we lack entropy sources.
> The Debian package however contains a patch to make --fast the
> default.  You could drop --secure, as it is the default in the stock
> sources, and will be in the Debian package once this issue is
> addressed.

Okay, thanks.  I saw that /dev/random used the default level on Debian
Hurd, but I didn't notice it was patched away from --secure.

Perhaps it would be best to hold off on applying this if /dev/random
won't have entropy behind it.

Thanks.

David

[prev in list] [next in list] [prev in thread] [next in thread]