Package: autofs
Version: 5.1.2-1
Severity: important
Hello,
Following latest Debian/Stretch kernel (security) update - and the fix for
CVE-2018-1108 - autofs blocks until the kernel RNG reports its proper
initialization ("random: crng init done" in dmesg), which can take up to
*several minutes* in entropy-starving VMs.
Problem is the corresponding systemd unit is configured to timeout after 180
seconds. Past this timeout, AutoFS will be failed and won't start at all (until
manually restarted).
One can fix this issue by having entropy poured into the VMs using rng-tools
(along virtio-rng), haveged, etc.
I was wondering whether this might/ought not to be fixed in autofs itself ?
Best,
Cédric
PS: the (root) issue (kernel RNG blocking at boot) is already being discussed
on LKML: https://lkml.org/lkml/2018/4/29/121
--
Cédric Dufour @ Idiap Research Institute
