urandom: don't seed/store in containers
Cameron Nemo authored and Gottox committed Mar 16, 2019
1 parent d8bea12 commit 0566391
Showing 2 changed files with 9 additions and 5 deletions.
6 changes: 4 additions & 2 deletions 3
Expand Up @@ -18,8 +18,10 @@ sv exit /var/service/*

[ -x /etc/rc.shutdown ] && /etc/rc.shutdown

msg "Saving random seed..."
( umask 077; bytes=$(cat /proc/sys/kernel/random/poolsize) || bytes=512; dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=$bytes >/dev/null 2>&1 )
if [ -z "$VIRTUALIZATION" ]; then
msg "Saving random seed..."
( umask 077; bytes=$(cat /proc/sys/kernel/random/poolsize) || bytes=512; dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=$bytes >/dev/null 2>&1 )
fi

if [ -z "$VIRTUALIZATION" -a -n "$HARDWARECLOCK" ]; then
hwclock --systohc ${HARDWARECLOCK:+--$(echo $HARDWARECLOCK |tr A-Z a-z)}
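Review bot: The `dd` that writes `/var/lib/random-seed` inside the new `if` still discards all output with `>/dev/null 2>&1` and never checks its exit status, so a failed save (a read-only or full `/var`, for instance) is silent and the next boot would load whatever older seed is left on disk. Since the line is being touched anyway, consider reporting the failure, e.g. `dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=$bytes >/dev/null 2>&1 || msg "Failed to save random seed"`. The `dd` line in core-services/05-misc.sh has the same gap. `VIRTUALIZATION` is set outside this hunk, so whether it is non-empty only in containers, as the commit title implies, cannot be confirmed from here.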
8 changes: 5 additions & 3 deletions core-services/05-misc.sh
@@ -1,8 +1,10 @@
# vim: set ts=4 sw=4 et:

msg "Initializing random seed..."
cp /var/lib/random-seed /dev/urandom >/dev/null 2>&1 || true
( umask 077; bytes=$(cat /proc/sys/kernel/random/poolsize) || bytes=512; dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=$bytes >/dev/null 2>&1 )
if [ -z "$VIRTUALIZATION" ]; then
msg "Initializing random seed..."
cp /var/lib/random-seed /dev/urandom >/dev/null 2>&1 || true
( umask 077; bytes=$(cat /proc/sys/kernel/random/poolsize) || bytes=512; dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=$bytes >/dev/null 2>&1 )
fi

msg "Setting up loopback interface..."
ip link set up dev lo
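Review bot: `umask 077` in the subshell only sets the mode when `dd` creates `/var/lib/random-seed`; if the file already exists with wider permissions, `of=` truncates it and keeps the old mode, so the refreshed seed could remain readable by other local users. Adding `chmod 600 /var/lib/random-seed` after the `dd` inside the subshell would enforce the mode on every boot, and the save in the shutdown script `3` would benefit from the same line. A one-line comment above the new guard, such as `# containers share the host kernel's RNG, so the host owns seeding`, would also record why the block is skipped.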