Re: svn commit: r239569 - head/etc/rc.d
Doug,
On Sun, Sep 02, 2012 at 03:20:31PM -0700, Doug Barton wrote:
> In the third case, the system boots, but is then rebooted again before
> the cron interval has had a chance to replace even 1 file. This is the
> case where removing the old entropy is particularly pathological. It
I believe you're missing the point that we don't just cleanup old
entropy file -- we re-generate it via "/etc/rc.d/random fastsaveseed" call in
postrandom_start()
> > +extra_commands="saveseed"
> > +saveseed_cmd="${name}_stop"
>
> I don't understand the need for this.
That's how "/etc/rc.d/random fastsaveseed" translates in to "/etc/rc.d/random
stop", which does the jobs of re-generating seed file.
In the end, assuming machine boots up passed postrandom script, we're left with
no stale seed files, but a freshly generated ${entropy_file_confirmed}, which
should be sufficient to seed next bootup.
Thanks
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 35 之 145 篇):