Date: Tuesday, August 14, 2018 @ 11:39:29 Author: eworm Revision: 331489
upgpkg: haveged 1.9.4-2 run with dynamic user Modified: haveged/trunk/PKGBUILD haveged/trunk/haveged.service -----------------+ PKGBUILD | 4 ++-- haveged.service | 6 ++++-- 2 files changed, 6 insertions(+), 4 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2018-08-14 10:52:55 UTC (rev 331488) +++ PKGBUILD 2018-08-14 11:39:29 UTC (rev 331489) @@ -6,7 +6,7 @@ pkgname=haveged pkgver=1.9.4 -pkgrel=1 +pkgrel=2 pkgdesc='Entropy harvesting daemon using CPU timings' arch=('x86_64') url='https://github.com/jirka-h/haveged' @@ -18,7 +18,7 @@ 'haveged.service') sha256sums=('c4959d3cb1fa6391d16a3aa1ba4d82cd3a0d497206ae4b87d638088c0664e5aa' 'SKIP' - '7cb5d21d075650ad8f08f0ba958cc1bc39b5ff67ef484d9fce365febcaecb05c') + '5b9b5d90c70a60291f71f18e337c6822e8850945bddeef4d061acb0305bccf25') build() { cd $pkgname-$pkgver Modified: haveged.service =================================================================== --- haveged.service 2018-08-14 10:52:55 UTC (rev 331488) +++ haveged.service 2018-08-14 11:39:29 UTC (rev 331489) @@ -7,9 +7,11 @@ Before=sysinit.target shutdown.target [Service] -ExecStart=/usr/bin/haveged -F -w 1024 -v 1 +ExecStartPre=+/usr/bin/sysctl -w kernel.random.write_wakeup_threshold=1024 +ExecStart=/usr/bin/haveged --Foreground --verbose=1 SuccessExitStatus=143 -CapabilityBoundingSet=CAP_SYS_ADMIN +DynamicUser=on +AmbientCapabilities=CAP_SYS_ADMIN NoNewPrivileges=on PrivateDevices=on PrivateNetwork=on