reassign 914297 systemd affects 914297 apache2 thanks On Saturday, 15 December 2018 02:24:54 CET Alexander E. Patrakov wrote: > Stefan Fritsch <s...@sfritsch.de>: > > The rng should be initialized after the seed is loaded from disk. > > This is false according to systemd developers. Its state is changed, > but it is still not initialized, because they think that the seed > might come from a gold master image.
That's broken, then. It turns out there was a similar bug against openssh which was closed as wontfix [1]. I don't see how apache can do anything about this, either. But I disagree with the systemd maintainers that there is nothing that systemd can do about this. They should credit the entropy loaded from the seed but save a new seed immediately after reading it during startup, to avoid that the same seed is used more than once. A second (but worse) alternative would be to provide something that waits for the RNG to be initialized that other services can depend on. Cheers, Stefan [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912087