From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: Re: [PATCH 1/2] rng-tools: Move from core package to addon - fixes bug 12900 Date: Sun, 05 Feb 2023 20:54:22 +0100 Message-ID: In-Reply-To: <8faaaecb-cf68-baec-d362-bf70385b3808@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============4055699196114666799==" List-Id: --===============4055699196114666799== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hello Adolf, > On 5 Feb 2023, at 20:51, Adolf Belka wrote: >=20 > Hi Michael, >=20 > On 05/02/2023 19:53, Michael Tremer wrote: >> Hello Adolf, >> Thank you for the patch, but didn=E2=80=99t we agree to drop this package = in last month=E2=80=99s call? > Yes but no further communication occurred on this and @Paul followed up in = the bug comments with a further entreaty to keep rng-tools as an addon. > I had also found that rng-tools is still used by the kernel, but only after= it has achieved its required entropy level by doing an XOR inclusion of the = entropy data post achieving its entropy level. So rng-tools can still be used= but only as a dilution of the entropy sources for the kernel. I am not sure this is correct, but something will happen... > So I raised the patch to enable a conclusion on rng-tools. >=20 > If this was an incorrect approach to have taken I apologise. No need to apologise. I just expected the patch to do something different :) But I am happy to go with this, too. -Michael >=20 > Regards, > Adolf. >=20 >> -Michael >>> On 5 Feb 2023, at 19:06, Adolf Belka wrote: >>>=20 >>> - This patch is to move the rng-tools package from a core package to an a= ddon. With the >>> kernel changes from 5.6 rngd is no longer needed to create the required= kernel entropy. >>> - The results from HRNG's via rngd are used with an XOR after the entropy= is >>> collected by the kernel. So the HWRNG output is used to dilute the kern= el random number >>> data, which is already merged from several sources. >>> - Based on the above and @Paul's request in the bug report to have rng-to= ols kept as an >>> addon this patch set is submitted for consideration to keep rng-tools b= ut as an addon. >>> - move rng-tools rootfile from common to packages >>> - Modify rng-tools lfs from core package to addon package >>> - Create rng-tools pak to install and uninstall - creating rc.d links for= start & stop. >>> - Move rngd initscript from system to packages directory. >>> - Installed into my vm testbed and confirmed that it works. No rngd daemo= n installed >>> from iso install. After addon install rngd is present and running. Adde= d various files >>> to be able to test the services wui page. rngd shows up and can be turn= ed off and on >>>=20 >>> Fixes: Bug#12900 >>> Tested-by: Adolf Belka >>> Signed-off-by: Adolf Belka >>> --- >>> .../rootfiles/{common =3D> packages}/rng-tools | 2 ++ >>> lfs/rng-tools | 14 ++++++++- >>> src/initscripts/{system =3D> packages}/rngd | 0 >>> src/paks/rng-tools/install.sh | 30 +++++++++++++++++++ >>> src/paks/rng-tools/uninstall.sh | 28 +++++++++++++++++ >>> src/paks/rng-tools/update.sh | 26 ++++++++++++++++ >>> 6 files changed, 99 insertions(+), 1 deletion(-) >>> rename config/rootfiles/{common =3D> packages}/rng-tools (69%) >>> rename src/initscripts/{system =3D> packages}/rngd (100%) >>> create mode 100644 src/paks/rng-tools/install.sh >>> create mode 100644 src/paks/rng-tools/uninstall.sh >>> create mode 100644 src/paks/rng-tools/update.sh >>>=20 >>> diff --git a/config/rootfiles/common/rng-tools b/config/rootfiles/package= s/rng-tools >>> similarity index 69% >>> rename from config/rootfiles/common/rng-tools >>> rename to config/rootfiles/packages/rng-tools >>> index 596a911c1..fbeda7800 100644 >>> --- a/config/rootfiles/common/rng-tools >>> +++ b/config/rootfiles/packages/rng-tools >>> @@ -1,4 +1,6 @@ >>> +usr/bin/randstat >>> usr/bin/rngtest >>> usr/sbin/rngd >>> #usr/share/man/man1/rngtest.1 >>> #usr/share/man/man8/rngd.8 >>> +etc/rc.d/init.d/rngd >>> diff --git a/lfs/rng-tools b/lfs/rng-tools >>> index cafb1bcda..6a85a8482 100644 >>> --- a/lfs/rng-tools >>> +++ b/lfs/rng-tools >>> @@ -1,7 +1,7 @@ >>> #########################################################################= ###### >>> # = # >>> # IPFire.org - A linux based firewall = # >>> -# Copyright (C) 2007-2021 IPFire Team = # >>> +# Copyright (C) 2007-2023 IPFire Team = # >>> # = # >>> # This program is free software: you can redistribute it and/or modify = # >>> # it under the terms of the GNU General Public License as published by = # >>> @@ -25,12 +25,19 @@ >>> include Config >>>=20 >>> VER =3D 6.14 >>> +SUMMARY =3D This is a random number generator daemon >>>=20 >>> THISAPP =3D rng-tools-$(VER) >>> DL_FILE =3D $(THISAPP).tar.gz >>> DL_FROM =3D $(URL_IPFIRE) >>> DIR_APP =3D $(DIR_SRC)/$(THISAPP) >>> TARGET =3D $(DIR_INFO)/$(THISAPP) >>> +PROG =3D rng-tools >>> +PAK_VER =3D 1 >>> + >>> +DEPS =3D >>> + >>> +SERVICES =3D rngd >>>=20 >>> #########################################################################= ###### >>> # Top-level Rules >>> @@ -50,6 +57,9 @@ download :$(patsubst %,$(DIR_DL)/%,$(objects)) >>>=20 >>> b2 : $(subst %,%_BLAKE2,$(objects)) >>>=20 >>> +dist: >>> + @$(PAK) >>> + >>> #########################################################################= ###### >>> # Downloading, checking, b2sum >>> #########################################################################= ###### >>> @@ -77,5 +87,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) >>> --without-rtlsdr >>> cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE) >>> cd $(DIR_APP) && make $(EXTRA_INSTALL) install >>> + #install initscript >>> + $(call INSTALL_INITSCRIPTS,$(SERVICES)) >>> @rm -rf $(DIR_APP) >>> @$(POSTBUILD) >>> diff --git a/src/initscripts/system/rngd b/src/initscripts/packages/rngd >>> similarity index 100% >>> rename from src/initscripts/system/rngd >>> rename to src/initscripts/packages/rngd >>> diff --git a/src/paks/rng-tools/install.sh b/src/paks/rng-tools/install.sh >>> new file mode 100644 >>> index 000000000..a53ccc43c >>> --- /dev/null >>> +++ b/src/paks/rng-tools/install.sh >>> @@ -0,0 +1,30 @@ >>> +#!/bin/bash >>> +########################################################################= #### >>> +# = # >>> +# This file is part of the IPFire Firewall. = # >>> +# = # >>> +# IPFire is free software; you can redistribute it and/or modify = # >>> +# it under the terms of the GNU General Public License as published by = # >>> +# the Free Software Foundation; either version 2 of the License, or = # >>> +# (at your option) any later version. = # >>> +# = # >>> +# IPFire is distributed in the hope that it will be useful, = # >>> +# but WITHOUT ANY WARRANTY; without even the implied warranty of = # >>> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the = # >>> +# GNU General Public License for more details. = # >>> +# = # >>> +# You should have received a copy of the GNU General Public License = # >>> +# along with IPFire; if not, write to the Free Software = # >>> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 U= SA # >>> +# = # >>> +# Copyright (C) 2007-2023 IPFire-Team . = # >>> +# = # >>> +########################################################################= #### >>> +# >>> +. /opt/pakfire/lib/functions.sh >>> +extract_files >>> +# create startlinks >>> +ln -sf ../init.d/rngd /etc/rc.d/rc0.d/K35rngd >>> +ln -sf ../init.d/rngd /etc/rc.d/rc3.d/S65rngd >>> +ln -sf ../init.d/rngd /etc/rc.d/rc6.d/K35rngd >>> +start_service --background rngd >>> diff --git a/src/paks/rng-tools/uninstall.sh b/src/paks/rng-tools/uninsta= ll.sh >>> new file mode 100644 >>> index 000000000..cc9fbb355 >>> --- /dev/null >>> +++ b/src/paks/rng-tools/uninstall.sh >>> @@ -0,0 +1,28 @@ >>> +#!/bin/bash >>> +########################################################################= #### >>> +# = # >>> +# This file is part of the IPFire Firewall. = # >>> +# = # >>> +# IPFire is free software; you can redistribute it and/or modify = # >>> +# it under the terms of the GNU General Public License as published by = # >>> +# the Free Software Foundation; either version 2 of the License, or = # >>> +# (at your option) any later version. = # >>> +# = # >>> +# IPFire is distributed in the hope that it will be useful, = # >>> +# but WITHOUT ANY WARRANTY; without even the implied warranty of = # >>> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the = # >>> +# GNU General Public License for more details. = # >>> +# = # >>> +# You should have received a copy of the GNU General Public License = # >>> +# along with IPFire; if not, write to the Free Software = # >>> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 U= SA # >>> +# = # >>> +# Copyright (C) 2007-2023 IPFire-Team . = # >>> +# = # >>> +########################################################################= #### >>> +# >>> +. /opt/pakfire/lib/functions.sh >>> +stop_service rngd >>> +remove_files >>> +# Remove all start links. >>> +rm -rf /etc/rc.d/rc*.d/*rngd >>> diff --git a/src/paks/rng-tools/update.sh b/src/paks/rng-tools/update.sh >>> new file mode 100644 >>> index 000000000..83bd0ad98 >>> --- /dev/null >>> +++ b/src/paks/rng-tools/update.sh >>> @@ -0,0 +1,26 @@ >>> +#!/bin/bash >>> +########################################################################= #### >>> +# = # >>> +# This file is part of the IPFire Firewall. = # >>> +# = # >>> +# IPFire is free software; you can redistribute it and/or modify = # >>> +# it under the terms of the GNU General Public License as published by = # >>> +# the Free Software Foundation; either version 2 of the License, or = # >>> +# (at your option) any later version. = # >>> +# = # >>> +# IPFire is distributed in the hope that it will be useful, = # >>> +# but WITHOUT ANY WARRANTY; without even the implied warranty of = # >>> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the = # >>> +# GNU General Public License for more details. = # >>> +# = # >>> +# You should have received a copy of the GNU General Public License = # >>> +# along with IPFire; if not, write to the Free Software = # >>> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 U= SA # >>> +# = # >>> +# Copyright (C) 2007-2023 IPFire-Team . = # >>> +# = # >>> +########################################################################= #### >>> +# >>> +. /opt/pakfire/lib/functions.sh >>> +./uninstall.sh >>> +./install.sh >>> --=20 >>> 2.39.1 >>>=20 >=20 > --=20 > Sent from my laptop --===============4055699196114666799==--