From mboxrd@z Thu Jan 1 00:00:00 1970 From: Adolf Belka To: development@lists.ipfire.org Subject: Re: [PATCH 1/2] rng-tools: Move from core package to addon - fixes bug 12900 Date: Sun, 05 Feb 2023 20:51:12 +0100 Message-ID: <8faaaecb-cf68-baec-d362-bf70385b3808@ipfire.org> In-Reply-To: <3B3DA033-57AC-4733-B6B5-35F6E35A2CE6@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============5941698543028317654==" List-Id: --===============5941698543028317654== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi Michael, On 05/02/2023 19:53, Michael Tremer wrote: > Hello Adolf, >=20 > Thank you for the patch, but didn=E2=80=99t we agree to drop this package i= n last month=E2=80=99s call? Yes but no further communication occurred on this and @Paul followed up=20 in the bug comments with a further entreaty to keep rng-tools as an addon. I had also found that rng-tools is still used by the kernel, but only=20 after it has achieved its required entropy level by doing an XOR=20 inclusion of the entropy data post achieving its entropy level. So=20 rng-tools can still be used but only as a dilution of the entropy=20 sources for the kernel. So I raised the patch to enable a conclusion on rng-tools. If this was an incorrect approach to have taken I apologise. Regards, Adolf. >=20 > -Michael >=20 >> On 5 Feb 2023, at 19:06, Adolf Belka wrote: >> >> - This patch is to move the rng-tools package from a core package to an ad= don. With the >> kernel changes from 5.6 rngd is no longer needed to create the required= kernel entropy. >> - The results from HRNG's via rngd are used with an XOR after the entropy = is >> collected by the kernel. So the HWRNG output is used to dilute the kern= el random number >> data, which is already merged from several sources. >> - Based on the above and @Paul's request in the bug report to have rng-too= ls kept as an >> addon this patch set is submitted for consideration to keep rng-tools b= ut as an addon. >> - move rng-tools rootfile from common to packages >> - Modify rng-tools lfs from core package to addon package >> - Create rng-tools pak to install and uninstall - creating rc.d links for = start & stop. >> - Move rngd initscript from system to packages directory. >> - Installed into my vm testbed and confirmed that it works. No rngd daemon= installed >> from iso install. After addon install rngd is present and running. Adde= d various files >> to be able to test the services wui page. rngd shows up and can be turn= ed off and on >> >> Fixes: Bug#12900 >> Tested-by: Adolf Belka >> Signed-off-by: Adolf Belka >> --- >> .../rootfiles/{common =3D> packages}/rng-tools | 2 ++ >> lfs/rng-tools | 14 ++++++++- >> src/initscripts/{system =3D> packages}/rngd | 0 >> src/paks/rng-tools/install.sh | 30 +++++++++++++++++++ >> src/paks/rng-tools/uninstall.sh | 28 +++++++++++++++++ >> src/paks/rng-tools/update.sh | 26 ++++++++++++++++ >> 6 files changed, 99 insertions(+), 1 deletion(-) >> rename config/rootfiles/{common =3D> packages}/rng-tools (69%) >> rename src/initscripts/{system =3D> packages}/rngd (100%) >> create mode 100644 src/paks/rng-tools/install.sh >> create mode 100644 src/paks/rng-tools/uninstall.sh >> create mode 100644 src/paks/rng-tools/update.sh >> >> diff --git a/config/rootfiles/common/rng-tools b/config/rootfiles/packages= /rng-tools >> similarity index 69% >> rename from config/rootfiles/common/rng-tools >> rename to config/rootfiles/packages/rng-tools >> index 596a911c1..fbeda7800 100644 >> --- a/config/rootfiles/common/rng-tools >> +++ b/config/rootfiles/packages/rng-tools >> @@ -1,4 +1,6 @@ >> +usr/bin/randstat >> usr/bin/rngtest >> usr/sbin/rngd >> #usr/share/man/man1/rngtest.1 >> #usr/share/man/man8/rngd.8 >> +etc/rc.d/init.d/rngd >> diff --git a/lfs/rng-tools b/lfs/rng-tools >> index cafb1bcda..6a85a8482 100644 >> --- a/lfs/rng-tools >> +++ b/lfs/rng-tools >> @@ -1,7 +1,7 @@ >> ##########################################################################= ##### >> # = # >> # IPFire.org - A linux based firewall = # >> -# Copyright (C) 2007-2021 IPFire Team = # >> +# Copyright (C) 2007-2023 IPFire Team = # >> # = # >> # This program is free software: you can redistribute it and/or modify = # >> # it under the terms of the GNU General Public License as published by = # >> @@ -25,12 +25,19 @@ >> include Config >> >> VER =3D 6.14 >> +SUMMARY =3D This is a random number generator daemon >> >> THISAPP =3D rng-tools-$(VER) >> DL_FILE =3D $(THISAPP).tar.gz >> DL_FROM =3D $(URL_IPFIRE) >> DIR_APP =3D $(DIR_SRC)/$(THISAPP) >> TARGET =3D $(DIR_INFO)/$(THISAPP) >> +PROG =3D rng-tools >> +PAK_VER =3D 1 >> + >> +DEPS =3D >> + >> +SERVICES =3D rngd >> >> ##########################################################################= ##### >> # Top-level Rules >> @@ -50,6 +57,9 @@ download :$(patsubst %,$(DIR_DL)/%,$(objects)) >> >> b2 : $(subst %,%_BLAKE2,$(objects)) >> >> +dist: >> + @$(PAK) >> + >> ##########################################################################= ##### >> # Downloading, checking, b2sum >> ##########################################################################= ##### >> @@ -77,5 +87,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) >> --without-rtlsdr >> cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE) >> cd $(DIR_APP) && make $(EXTRA_INSTALL) install >> + #install initscript >> + $(call INSTALL_INITSCRIPTS,$(SERVICES)) >> @rm -rf $(DIR_APP) >> @$(POSTBUILD) >> diff --git a/src/initscripts/system/rngd b/src/initscripts/packages/rngd >> similarity index 100% >> rename from src/initscripts/system/rngd >> rename to src/initscripts/packages/rngd >> diff --git a/src/paks/rng-tools/install.sh b/src/paks/rng-tools/install.sh >> new file mode 100644 >> index 000000000..a53ccc43c >> --- /dev/null >> +++ b/src/paks/rng-tools/install.sh >> @@ -0,0 +1,30 @@ >> +#!/bin/bash >> +#########################################################################= ### >> +# = # >> +# This file is part of the IPFire Firewall. = # >> +# = # >> +# IPFire is free software; you can redistribute it and/or modify = # >> +# it under the terms of the GNU General Public License as published by = # >> +# the Free Software Foundation; either version 2 of the License, or = # >> +# (at your option) any later version. = # >> +# = # >> +# IPFire is distributed in the hope that it will be useful, = # >> +# but WITHOUT ANY WARRANTY; without even the implied warranty of = # >> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the = # >> +# GNU General Public License for more details. = # >> +# = # >> +# You should have received a copy of the GNU General Public License = # >> +# along with IPFire; if not, write to the Free Software = # >> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 US= A # >> +# = # >> +# Copyright (C) 2007-2023 IPFire-Team . = # >> +# = # >> +#########################################################################= ### >> +# >> +. /opt/pakfire/lib/functions.sh >> +extract_files >> +# create startlinks >> +ln -sf ../init.d/rngd /etc/rc.d/rc0.d/K35rngd >> +ln -sf ../init.d/rngd /etc/rc.d/rc3.d/S65rngd >> +ln -sf ../init.d/rngd /etc/rc.d/rc6.d/K35rngd >> +start_service --background rngd >> diff --git a/src/paks/rng-tools/uninstall.sh b/src/paks/rng-tools/uninstal= l.sh >> new file mode 100644 >> index 000000000..cc9fbb355 >> --- /dev/null >> +++ b/src/paks/rng-tools/uninstall.sh >> @@ -0,0 +1,28 @@ >> +#!/bin/bash >> +#########################################################################= ### >> +# = # >> +# This file is part of the IPFire Firewall. = # >> +# = # >> +# IPFire is free software; you can redistribute it and/or modify = # >> +# it under the terms of the GNU General Public License as published by = # >> +# the Free Software Foundation; either version 2 of the License, or = # >> +# (at your option) any later version. = # >> +# = # >> +# IPFire is distributed in the hope that it will be useful, = # >> +# but WITHOUT ANY WARRANTY; without even the implied warranty of = # >> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the = # >> +# GNU General Public License for more details. = # >> +# = # >> +# You should have received a copy of the GNU General Public License = # >> +# along with IPFire; if not, write to the Free Software = # >> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 US= A # >> +# = # >> +# Copyright (C) 2007-2023 IPFire-Team . = # >> +# = # >> +#########################################################################= ### >> +# >> +. /opt/pakfire/lib/functions.sh >> +stop_service rngd >> +remove_files >> +# Remove all start links. >> +rm -rf /etc/rc.d/rc*.d/*rngd >> diff --git a/src/paks/rng-tools/update.sh b/src/paks/rng-tools/update.sh >> new file mode 100644 >> index 000000000..83bd0ad98 >> --- /dev/null >> +++ b/src/paks/rng-tools/update.sh >> @@ -0,0 +1,26 @@ >> +#!/bin/bash >> +#########################################################################= ### >> +# = # >> +# This file is part of the IPFire Firewall. = # >> +# = # >> +# IPFire is free software; you can redistribute it and/or modify = # >> +# it under the terms of the GNU General Public License as published by = # >> +# the Free Software Foundation; either version 2 of the License, or = # >> +# (at your option) any later version. = # >> +# = # >> +# IPFire is distributed in the hope that it will be useful, = # >> +# but WITHOUT ANY WARRANTY; without even the implied warranty of = # >> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the = # >> +# GNU General Public License for more details. = # >> +# = # >> +# You should have received a copy of the GNU General Public License = # >> +# along with IPFire; if not, write to the Free Software = # >> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 US= A # >> +# = # >> +# Copyright (C) 2007-2023 IPFire-Team . = # >> +# = # >> +#########################################################################= ### >> +# >> +. /opt/pakfire/lib/functions.sh >> +./uninstall.sh >> +./install.sh >> --=20 >> 2.39.1 >> >=20 --=20 Sent from my laptop --===============5941698543028317654==--