[
https://issues.apache.org/jira/browse/SOLR-10352?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15939053#comment-15939053
]
Mihaly Toth commented on SOLR-10352:
------------------------------------
I dont want to hijack the original intention of this issue. So let me know if
this is not the point ..
I think it is a valid point that entropy might run out also in production not
just in test suites. Just came to my mind what if we had non-blocking
SecureRandom as a default in the startup scripts. And - if overwritten - the
warning could give the feedback to the user.
I think this link was cited in one of the issues. It argues for the usage of
{{/dev/urandom}}:
http://www.2uo.de/myths-about-urandom/
> Low entropy warning in bin/solr script
> --------------------------------------
>
> Key: SOLR-10352
> URL: https://issues.apache.org/jira/browse/SOLR-10352
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Reporter: Ishan Chattopadhyaya
>
> We should add a warning in the startup script for Linux, if the output of the
> following is below a certain threshold (maybe 300?). The warning could
> indicate that features like UUIDField, SSL etc. might not work properly (or
> be slow). As a hint, we could then suggest the user to configure a non
> blocking SecureRandom (SOLR-10338) or install rng-tools, haveged etc.
> {quote}
> cat /proc/sys/kernel/random/entropy_avail
> {quote}
> Original discussion:
> https://issues.apache.org/jira/browse/SOLR-10338?focusedCommentId=15938904&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-15938904
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
