From: Adolf Belka <adolf.belka@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH 1/2] rng-tools: Move from core package to addon - fixes bug 12900
Date: Sun, 05 Feb 2023 20:51:12 +0100 [thread overview]
Message-ID: <8faaaecb-cf68-baec-d362-bf70385b3808@ipfire.org> (raw)
In-Reply-To: <3B3DA033-57AC-4733-B6B5-35F6E35A2CE6@ipfire.org>
[-- Attachment #1: Type: text/plain, Size: 12087 bytes --]
Hi Michael,
On 05/02/2023 19:53, Michael Tremer wrote:
> Hello Adolf,
>
> Thank you for the patch, but didn’t we agree to drop this package in last month’s call?
Yes but no further communication occurred on this and @Paul followed up
in the bug comments with a further entreaty to keep rng-tools as an addon.
I had also found that rng-tools is still used by the kernel, but only
after it has achieved its required entropy level by doing an XOR
inclusion of the entropy data post achieving its entropy level. So
rng-tools can still be used but only as a dilution of the entropy
sources for the kernel.
So I raised the patch to enable a conclusion on rng-tools.
If this was an incorrect approach to have taken I apologise.
Regards,
Adolf.
>
> -Michael
>
>> On 5 Feb 2023, at 19:06, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>>
>> - This patch is to move the rng-tools package from a core package to an addon. With the
>> kernel changes from 5.6 rngd is no longer needed to create the required kernel entropy.
>> - The results from HRNG's via rngd are used with an XOR after the entropy is
>> collected by the kernel. So the HWRNG output is used to dilute the kernel random number
>> data, which is already merged from several sources.
>> - Based on the above and @Paul's request in the bug report to have rng-tools kept as an
>> addon this patch set is submitted for consideration to keep rng-tools but as an addon.
>> - move rng-tools rootfile from common to packages
>> - Modify rng-tools lfs from core package to addon package
>> - Create rng-tools pak to install and uninstall - creating rc.d links for start & stop.
>> - Move rngd initscript from system to packages directory.
>> - Installed into my vm testbed and confirmed that it works. No rngd daemon installed
>> from iso install. After addon install rngd is present and running. Added various files
>> to be able to test the services wui page. rngd shows up and can be turned off and on
>>
>> Fixes: Bug#12900
>> Tested-by: Adolf Belka <adolf.belka(a)ipfire.org>
>> Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
>> ---
>> .../rootfiles/{common => packages}/rng-tools | 2 ++
>> lfs/rng-tools | 14 ++++++++-
>> src/initscripts/{system => packages}/rngd | 0
>> src/paks/rng-tools/install.sh | 30 +++++++++++++++++++
>> src/paks/rng-tools/uninstall.sh | 28 +++++++++++++++++
>> src/paks/rng-tools/update.sh | 26 ++++++++++++++++
>> 6 files changed, 99 insertions(+), 1 deletion(-)
>> rename config/rootfiles/{common => packages}/rng-tools (69%)
>> rename src/initscripts/{system => packages}/rngd (100%)
>> create mode 100644 src/paks/rng-tools/install.sh
>> create mode 100644 src/paks/rng-tools/uninstall.sh
>> create mode 100644 src/paks/rng-tools/update.sh
>>
>> diff --git a/config/rootfiles/common/rng-tools b/config/rootfiles/packages/rng-tools
>> similarity index 69%
>> rename from config/rootfiles/common/rng-tools
>> rename to config/rootfiles/packages/rng-tools
>> index 596a911c1..fbeda7800 100644
>> --- a/config/rootfiles/common/rng-tools
>> +++ b/config/rootfiles/packages/rng-tools
>> @@ -1,4 +1,6 @@
>> +usr/bin/randstat
>> usr/bin/rngtest
>> usr/sbin/rngd
>> #usr/share/man/man1/rngtest.1
>> #usr/share/man/man8/rngd.8
>> +etc/rc.d/init.d/rngd
>> diff --git a/lfs/rng-tools b/lfs/rng-tools
>> index cafb1bcda..6a85a8482 100644
>> --- a/lfs/rng-tools
>> +++ b/lfs/rng-tools
>> @@ -1,7 +1,7 @@
>> ###############################################################################
>> # #
>> # IPFire.org - A linux based firewall #
>> -# Copyright (C) 2007-2021 IPFire Team <info(a)ipfire.org> #
>> +# Copyright (C) 2007-2023 IPFire Team <info(a)ipfire.org> #
>> # #
>> # This program is free software: you can redistribute it and/or modify #
>> # it under the terms of the GNU General Public License as published by #
>> @@ -25,12 +25,19 @@
>> include Config
>>
>> VER = 6.14
>> +SUMMARY = This is a random number generator daemon
>>
>> THISAPP = rng-tools-$(VER)
>> DL_FILE = $(THISAPP).tar.gz
>> DL_FROM = $(URL_IPFIRE)
>> DIR_APP = $(DIR_SRC)/$(THISAPP)
>> TARGET = $(DIR_INFO)/$(THISAPP)
>> +PROG = rng-tools
>> +PAK_VER = 1
>> +
>> +DEPS =
>> +
>> +SERVICES = rngd
>>
>> ###############################################################################
>> # Top-level Rules
>> @@ -50,6 +57,9 @@ download :$(patsubst %,$(DIR_DL)/%,$(objects))
>>
>> b2 : $(subst %,%_BLAKE2,$(objects))
>>
>> +dist:
>> + @$(PAK)
>> +
>> ###############################################################################
>> # Downloading, checking, b2sum
>> ###############################################################################
>> @@ -77,5 +87,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
>> --without-rtlsdr
>> cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
>> cd $(DIR_APP) && make $(EXTRA_INSTALL) install
>> + #install initscript
>> + $(call INSTALL_INITSCRIPTS,$(SERVICES))
>> @rm -rf $(DIR_APP)
>> @$(POSTBUILD)
>> diff --git a/src/initscripts/system/rngd b/src/initscripts/packages/rngd
>> similarity index 100%
>> rename from src/initscripts/system/rngd
>> rename to src/initscripts/packages/rngd
>> diff --git a/src/paks/rng-tools/install.sh b/src/paks/rng-tools/install.sh
>> new file mode 100644
>> index 000000000..a53ccc43c
>> --- /dev/null
>> +++ b/src/paks/rng-tools/install.sh
>> @@ -0,0 +1,30 @@
>> +#!/bin/bash
>> +############################################################################
>> +# #
>> +# This file is part of the IPFire Firewall. #
>> +# #
>> +# IPFire is free software; you can redistribute it and/or modify #
>> +# it under the terms of the GNU General Public License as published by #
>> +# the Free Software Foundation; either version 2 of the License, or #
>> +# (at your option) any later version. #
>> +# #
>> +# IPFire is distributed in the hope that it will be useful, #
>> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
>> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
>> +# GNU General Public License for more details. #
>> +# #
>> +# You should have received a copy of the GNU General Public License #
>> +# along with IPFire; if not, write to the Free Software #
>> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
>> +# #
>> +# Copyright (C) 2007-2023 IPFire-Team <info(a)ipfire.org>. #
>> +# #
>> +############################################################################
>> +#
>> +. /opt/pakfire/lib/functions.sh
>> +extract_files
>> +# create startlinks
>> +ln -sf ../init.d/rngd /etc/rc.d/rc0.d/K35rngd
>> +ln -sf ../init.d/rngd /etc/rc.d/rc3.d/S65rngd
>> +ln -sf ../init.d/rngd /etc/rc.d/rc6.d/K35rngd
>> +start_service --background rngd
>> diff --git a/src/paks/rng-tools/uninstall.sh b/src/paks/rng-tools/uninstall.sh
>> new file mode 100644
>> index 000000000..cc9fbb355
>> --- /dev/null
>> +++ b/src/paks/rng-tools/uninstall.sh
>> @@ -0,0 +1,28 @@
>> +#!/bin/bash
>> +############################################################################
>> +# #
>> +# This file is part of the IPFire Firewall. #
>> +# #
>> +# IPFire is free software; you can redistribute it and/or modify #
>> +# it under the terms of the GNU General Public License as published by #
>> +# the Free Software Foundation; either version 2 of the License, or #
>> +# (at your option) any later version. #
>> +# #
>> +# IPFire is distributed in the hope that it will be useful, #
>> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
>> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
>> +# GNU General Public License for more details. #
>> +# #
>> +# You should have received a copy of the GNU General Public License #
>> +# along with IPFire; if not, write to the Free Software #
>> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
>> +# #
>> +# Copyright (C) 2007-2023 IPFire-Team <info(a)ipfire.org>. #
>> +# #
>> +############################################################################
>> +#
>> +. /opt/pakfire/lib/functions.sh
>> +stop_service rngd
>> +remove_files
>> +# Remove all start links.
>> +rm -rf /etc/rc.d/rc*.d/*rngd
>> diff --git a/src/paks/rng-tools/update.sh b/src/paks/rng-tools/update.sh
>> new file mode 100644
>> index 000000000..83bd0ad98
>> --- /dev/null
>> +++ b/src/paks/rng-tools/update.sh
>> @@ -0,0 +1,26 @@
>> +#!/bin/bash
>> +############################################################################
>> +# #
>> +# This file is part of the IPFire Firewall. #
>> +# #
>> +# IPFire is free software; you can redistribute it and/or modify #
>> +# it under the terms of the GNU General Public License as published by #
>> +# the Free Software Foundation; either version 2 of the License, or #
>> +# (at your option) any later version. #
>> +# #
>> +# IPFire is distributed in the hope that it will be useful, #
>> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
>> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
>> +# GNU General Public License for more details. #
>> +# #
>> +# You should have received a copy of the GNU General Public License #
>> +# along with IPFire; if not, write to the Free Software #
>> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
>> +# #
>> +# Copyright (C) 2007-2023 IPFire-Team <info(a)ipfire.org>. #
>> +# #
>> +############################################################################
>> +#
>> +. /opt/pakfire/lib/functions.sh
>> +./uninstall.sh
>> +./install.sh
>> --
>> 2.39.1
>>
>
--
Sent from my laptop
next prev parent reply other threads:[~2023-02-05 19:51 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-05 18:06 Adolf Belka
2023-02-05 18:06 ` [PATCH 2/2] initscripts: Remove rngd from the core package initscripts Adolf Belka
2023-02-05 18:27 ` Bernhard Bitsch
2023-02-05 18:26 ` [PATCH 1/2] rng-tools: Move from core package to addon - fixes bug 12900 Bernhard Bitsch
2023-02-05 18:53 ` Michael Tremer
2023-02-05 19:51 ` Adolf Belka [this message]
2023-02-05 19:54 ` Michael Tremer
2023-02-05 22:55 ` Paul Simmons
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8faaaecb-cf68-baec-d362-bf70385b3808@ipfire.org \
--to=adolf.belka@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox