Get rid of the postrandom script. It was born in a time when the

random script ran before filesystems were mounted, which is no longer the case. In random_start(), immediately delete each file that is fed into /dev/random, and recreate the default entropy file immediately after reading and deleting it. The logic used in random_stop() to determine which file to write to should probably be factored out and used here as well.
author: des <des@FreeBSD.org> 2014-11-02 01:47:27 +0000
committer: des <des@FreeBSD.org> 2014-11-02 01:47:27 +0000
commit: 79cf481147176a7adeb670c9a1d0012e2bb2c606 (patch)
tree: 54a33f8a84924e39197c127babbb6284c45fe5f6 /etc/rc.d/random
parent: 22a53e3b5ace7a690b1f0bb73f790f6d348f9b24 (diff)
download: FreeBSD-src-79cf481147176a7adeb670c9a1d0012e2bb2c606.zip
FreeBSD-src-79cf481147176a7adeb670c9a1d0012e2bb2c606.tar.gz
1 files changed, 34 insertions, 17 deletions
diff --git a/etc/rc.d/random b/etc/rc.d/random
index c7da932..2420a39 100755
--- a/etc/rc.d/random
+++ b/etc/rc.d/random
@@ -17,41 +17,58 @@ stop_cmd="random_stop"
 extra_commands="saveseed"
 saveseed_cmd="${name}_stop"
 
+save_dev_random()
+{
+	for f ; do
+		if :>>"$f" ; then
+			debug "saving entropy to $f"
+			dd if=/dev/random of="$f" bs=4096 count=1 2>/dev/null
+		fi
+	done
+}
+
 feed_dev_random()
 {
-	if [ -f "${1}" -a -r "${1}" -a -s "${1}" ]; then
-		cat "${1}" | dd of=/dev/random bs=8k 2>/dev/null
-	fi
+	for f ; do
+		if [ -f "$f" -a -r "$f" -a -s "$f" ] ; then
+			if dd if="$f" of=/dev/random bs=4096 2>/dev/null ; then
+				debug "entropy read from $f"
+				rm -f "$f"
+			fi
+		fi
+	done
 }
 
 random_start()
 {
+	echo -n 'Feeding entropy:'
+
+	if [ ! -w /dev/random ] ; then
+		warn "/dev/random is not writeable"
+		return 1
+	fi
+
 	# Reseed /dev/random with previously stored entropy.
-	case ${entropy_dir} in
+	case ${entropy_dir:=/var/db/entropy} in
 	[Nn][Oo])
 		;;
 	*)
-		entropy_dir=${entropy_dir:-/var/db/entropy}
-		if [ -d "${entropy_dir}" ]; then
-			if [ -w /dev/random ]; then
-				for seedfile in ${entropy_dir}/*; do
-					feed_dev_random "${seedfile}"
-				done
-			fi
+		if [ -d "${entropy_dir}" ] ; then
+			feed_dev_random "${entropy_dir}"/*
 		fi
 		;;
 	esac
 
-	case ${entropy_file} in
+	case ${entropy_file:=/entropy} in
 	[Nn][Oo] | '')
 		;;
 	*)
-		if [ -w /dev/random ]; then
-			feed_dev_random "${entropy_file}"
-			feed_dev_random /var/db/entropy-file
-		fi
+		feed_dev_random "${entropy_file}" /var/db/entropy-file
+		save_dev_random "${entropy_file}"
 		;;
 	esac
+
+	echo '.'
 }
 
 random_stop()
@@ -59,7 +76,7 @@ random_stop()
 	# Write some entropy so when the machine reboots /dev/random
 	# can be reseeded
 	#
-	case ${entropy_file} in
+	case ${entropy_file:=/entropy} in
 	[Nn][Oo] | '')
 		;;
 	*)
author	des <des@FreeBSD.org>	2014-11-02 01:47:27 +0000
committer	des <des@FreeBSD.org>	2014-11-02 01:47:27 +0000
commit	79cf481147176a7adeb670c9a1d0012e2bb2c606 (patch)
tree	54a33f8a84924e39197c127babbb6284c45fe5f6 /etc/rc.d/random
parent	22a53e3b5ace7a690b1f0bb73f790f6d348f9b24 (diff)
download	FreeBSD-src-79cf481147176a7adeb670c9a1d0012e2bb2c606.zip FreeBSD-src-79cf481147176a7adeb670c9a1d0012e2bb2c606.tar.gz