From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH 1/2] random: Launch rngd earlier in the boot process
Date: Wed, 29 Apr 2020 19:33:03 +0000 [thread overview]
Message-ID: <20200429193304.21404-2-michael.tremer@ipfire.org> (raw)
In-Reply-To: <20200429193304.21404-1-michael.tremer@ipfire.org>
[-- Attachment #1: Type: text/plain, Size: 4733 bytes --]
We should initialise the kernel's PRNG as early as we can.
Starting rngd very early will seed the random number generator
when RDRAND or other hardware random number generators are available.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
---
config/rootfiles/common/aarch64/initscripts | 2 +-
config/rootfiles/common/armv5tel/initscripts | 2 +-
config/rootfiles/common/i586/initscripts | 2 +-
config/rootfiles/common/x86_64/initscripts | 2 +-
lfs/initscripts | 2 +-
5 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/config/rootfiles/common/aarch64/initscripts b/config/rootfiles/common/aarch64/initscripts
index 54f6f92a3..d6f13224a 100644
--- a/config/rootfiles/common/aarch64/initscripts
+++ b/config/rootfiles/common/aarch64/initscripts
@@ -193,6 +193,7 @@ etc/rc.d/rcsysinit.d/S44smt
etc/rc.d/rcsysinit.d/S45udev_retry
etc/rc.d/rcsysinit.d/S50cleanfs
etc/rc.d/rcsysinit.d/S60setclock
+etc/rc.d/rcsysinit.d/S65rngd
etc/rc.d/rcsysinit.d/S70console
etc/rc.d/rcsysinit.d/S71pakfire
etc/rc.d/rcsysinit.d/S73swconfig
@@ -200,7 +201,6 @@ etc/rc.d/rcsysinit.d/S74cloud-init
etc/rc.d/rcsysinit.d/S75firstsetup
etc/rc.d/rcsysinit.d/S80localnet
etc/rc.d/rcsysinit.d/S85firewall
-etc/rc.d/rcsysinit.d/S92rngd
#etc/sysconfig
etc/sysconfig/createfiles
etc/sysconfig/firewall.local
diff --git a/config/rootfiles/common/armv5tel/initscripts b/config/rootfiles/common/armv5tel/initscripts
index 54f6f92a3..d6f13224a 100644
--- a/config/rootfiles/common/armv5tel/initscripts
+++ b/config/rootfiles/common/armv5tel/initscripts
@@ -193,6 +193,7 @@ etc/rc.d/rcsysinit.d/S44smt
etc/rc.d/rcsysinit.d/S45udev_retry
etc/rc.d/rcsysinit.d/S50cleanfs
etc/rc.d/rcsysinit.d/S60setclock
+etc/rc.d/rcsysinit.d/S65rngd
etc/rc.d/rcsysinit.d/S70console
etc/rc.d/rcsysinit.d/S71pakfire
etc/rc.d/rcsysinit.d/S73swconfig
@@ -200,7 +201,6 @@ etc/rc.d/rcsysinit.d/S74cloud-init
etc/rc.d/rcsysinit.d/S75firstsetup
etc/rc.d/rcsysinit.d/S80localnet
etc/rc.d/rcsysinit.d/S85firewall
-etc/rc.d/rcsysinit.d/S92rngd
#etc/sysconfig
etc/sysconfig/createfiles
etc/sysconfig/firewall.local
diff --git a/config/rootfiles/common/i586/initscripts b/config/rootfiles/common/i586/initscripts
index b32efd786..2db7f1aa3 100644
--- a/config/rootfiles/common/i586/initscripts
+++ b/config/rootfiles/common/i586/initscripts
@@ -192,13 +192,13 @@ etc/rc.d/rcsysinit.d/S44smt
etc/rc.d/rcsysinit.d/S45udev_retry
etc/rc.d/rcsysinit.d/S50cleanfs
etc/rc.d/rcsysinit.d/S60setclock
+etc/rc.d/rcsysinit.d/S65rngd
etc/rc.d/rcsysinit.d/S70console
etc/rc.d/rcsysinit.d/S71pakfire
etc/rc.d/rcsysinit.d/S74cloud-init
etc/rc.d/rcsysinit.d/S75firstsetup
etc/rc.d/rcsysinit.d/S80localnet
etc/rc.d/rcsysinit.d/S85firewall
-etc/rc.d/rcsysinit.d/S92rngd
#etc/sysconfig
etc/sysconfig/createfiles
etc/sysconfig/firewall.local
diff --git a/config/rootfiles/common/x86_64/initscripts b/config/rootfiles/common/x86_64/initscripts
index b32efd786..2db7f1aa3 100644
--- a/config/rootfiles/common/x86_64/initscripts
+++ b/config/rootfiles/common/x86_64/initscripts
@@ -192,13 +192,13 @@ etc/rc.d/rcsysinit.d/S44smt
etc/rc.d/rcsysinit.d/S45udev_retry
etc/rc.d/rcsysinit.d/S50cleanfs
etc/rc.d/rcsysinit.d/S60setclock
+etc/rc.d/rcsysinit.d/S65rngd
etc/rc.d/rcsysinit.d/S70console
etc/rc.d/rcsysinit.d/S71pakfire
etc/rc.d/rcsysinit.d/S74cloud-init
etc/rc.d/rcsysinit.d/S75firstsetup
etc/rc.d/rcsysinit.d/S80localnet
etc/rc.d/rcsysinit.d/S85firewall
-etc/rc.d/rcsysinit.d/S92rngd
#etc/sysconfig
etc/sysconfig/createfiles
etc/sysconfig/firewall.local
diff --git a/lfs/initscripts b/lfs/initscripts
index 37ca5cd3f..ba6c9f913 100644
--- a/lfs/initscripts
+++ b/lfs/initscripts
@@ -173,13 +173,13 @@ $(TARGET) :
ln -sf ../init.d/setclock /etc/rc.d/rcsysinit.d/S60setclock
ln -sf ../init.d/setclock /etc/rc.d/rc0.d/K47setclock
ln -sf ../init.d/setclock /etc/rc.d/rc6.d/K47setclock
+ ln -sf ../init.d/rngd /etc/rc.d/rcsysinit.d/S65rngd
ln -sf ../init.d/console /etc/rc.d/rcsysinit.d/S70console
ln -sf ../init.d/pakfire /etc/rc.d/rcsysinit.d/S71pakfire
ln -sf ../init.d/cloud-init /etc/rc.d/rcsysinit.d/S74cloud-init
ln -sf ../init.d/firstsetup /etc/rc.d/rcsysinit.d/S75firstsetup
ln -sf ../init.d/localnet /etc/rc.d/rcsysinit.d/S80localnet
ln -sf ../init.d/firewall /etc/rc.d/rcsysinit.d/S85firewall
- ln -sf ../init.d/rngd /etc/rc.d/rcsysinit.d/S92rngd
ln -sf ../init.d/vnstat /etc/rc.d/rc3.d/S01vnstat
ln -sf ../init.d/vnstat /etc/rc.d/rc0.d/K51vnstat
ln -sf ../init.d/vnstat /etc/rc.d/rc6.d/K51vnstat
--
2.20.1
next prev parent reply other threads:[~2020-04-29 19:33 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-29 19:33 Fixing problems installing IPFire on systems without randomness Michael Tremer
2020-04-29 19:33 ` Michael Tremer [this message]
2020-04-29 19:33 ` [PATCH 2/2] random: Initialise the kernel's PRNG earlier Michael Tremer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200429193304.21404-2-michael.tremer@ipfire.org \
--to=michael.tremer@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox