author | John Denker <jsd@av8n.com> | 2013-11-05 17:00:54 -0700 |
---|---|---|
committer | John Denker <jsd@av8n.com> | 2013-11-05 17:04:12 -0700 |
commit | 686444948276dbd6565e0bb8cec5b3d998a1621d (patch) | |
tree | 054f176e2f6f8e79708a36a377e6c79fbf27c833 | |
parent | 1c30e25f4adf015865d57a7b5ab670cde446c82c (diff) |
first draft: urandom-save
-rw-r--r-- | urandom-save.conf | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/urandom-save.conf b/urandom-save.conf
new file mode 100644
index 0000000..eecac2d
--- /dev/null
+++ b/urandom-save.conf
@@ -0,0 +1,25 @@
+# urandom-save - save a new seed-file, for use by kernel PRNG at next boot
+#
+
+description "save seed-file for use by kernel PRNG"
+
+# a) We should refresh the seed-file as soon as possible
+# i.e. as soon as the filesystem is mounted and writeable.
+# b) We should also refresh it again as late as possible,
+# i.e. when shutting down, i.e. runlevels other than 2345
+start on (filesystem or runlevel [!2345])
+
+task
+console output
+
+script
+ SAVEDFILE=/var/lib/urandom/random-seed # probably belongs in a config file
+# 512 is usually the right size, as documented in drivers/char/random.c
+ POOLSIZE=512 # size in bytes
+ if test -f /proc/sys/kernel/random/poolsize \
+ && ProcPoolSize="$(cat /proc/sys/kernel/random/poolsize)" ; then
+# Kernels 2.6.12 and later report poolsize in bits; we convert to bytes here:
+ POOLSIZE=$((ProcPoolSize/8))
+ fi
+ dd if=/dev/urandom of=$SAVEDFILE bs=$POOLSIZE count=1 >/dev/null 2>&1
+end script |
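Review bot: The `dd` line in the `script` stanza creates the seed file with whatever umask the job inherits, so unless that is restricted elsewhere the saved seed may be readable by non-root local users. Since the file feeds the kernel PRNG at the next boot, it should be private to root: add `umask 077` before the `dd`, and a `chmod 600 "$SAVEDFILE"` afterwards to cover a file that already exists with wider permissions. The same line sends stderr to `/dev/null`, so a failed write (for example a missing `/var/lib/urandom` directory) leaves no diagnostic even though `console output` is set. Dropping `2>&1` would surface that. Quoting the expansions, as in `of="$SAVEDFILE" bs="$POOLSIZE"`, is also worth doing while the line is being touched.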