commit:     0531b6667d7908ed3e8f09559cc51172d39d3873
Author:     Göktürk Yüksek <gokturk <AT> gentoo <DOT> org>
AuthorDate: Sat Mar  6 04:16:40 2021 +0000
Commit:     Göktürk Yüksek <gokturk <AT> gentoo <DOT> org>
CommitDate: Sat Mar  6 06:03:52 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0531b666

sys-apps/rng-tools: fix the v6.11 bump

- Add support for the "use_aes" NIST option in initd and confd
- Ship the upstream systemd unit instead of the downstream one

Package-Manager: Portage-3.0.13, Repoman-3.0.2
Signed-off-by: Göktürk Yüksek <gokturk <AT> gentoo.org>

 sys-apps/rng-tools/files/rngd-confd-6.11           | 96 ++++++++++++++++++++++
 sys-apps/rng-tools/files/rngd-initd-6.11           | 68 +++++++++++++++
 ...-tools-6.11.ebuild => rng-tools-6.11-r1.ebuild} |  6 +-
 3 files changed, 167 insertions(+), 3 deletions(-)

diff --git a/sys-apps/rng-tools/files/rngd-confd-6.11 
b/sys-apps/rng-tools/files/rngd-confd-6.11
new file mode 100644
index 00000000000..ad4a6f29897
--- /dev/null
+++ b/sys-apps/rng-tools/files/rngd-confd-6.11
@@ -0,0 +1,96 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+# /etc/conf.d/rngd
+# Please see "/usr/sbin/rngd --help" and "man rngd" for more information
+
+# Space-delimited list of entropy sources to enable
+# Note that some of the entropy sources may require certain USE flags
+# to be enabled or require hardware support to function properly
+# Entropy sources not specified here (or in the exclude list below)
+# will be enabled/disabled based on rngd default behavior
+#
+# Choose from the list:
+#         hwrng:  Hardware RNG Device
+#         tpm:    TPM RNG Device (Deprecated)
+#         rdrand: Intel RDRAND Instruction RNG
+#         darn:   Power9 DARN Instruction RNG
+#         nist:   NIST Network Entropy Beacon
+#                 (UNSAFE for cryptographic operations)
+#         jitter: JITTER Entropy Generator
+#         pkcs11: PKCS11 Entropy Generator
+#
+#INCLUDE_ENTROPY_SOURCES="hwrng tpm rdrand darn nist jitter pkcs11"
+
+
+# Space-delimited list of entropy sources to disable
+# This is useful for disabling certain entropy sources even
+# when they are supported on the system
+#
+#EXCLUDE_ENTROPY_SOURCES="nist tpm"
+
+
+# Entropy source specific options:
+#
+#
+# hwrng device used for random number input:
+#
+#HWRNG_DEVICE="/dev/hwrng"
+#
+#
+# rdrand options:
+#         use_aes:(BOOLEAN)
+#
+#RDRAND_OPTIONS="use_aes:1"
+#
+#
+# darn options:
+#         use_aes:(BOOLEAN)
+#
+#DARN_OPTIONS="use_aes:1"
+#
+#
+# nist options:
+#         use_aes:(BOOLEAN)
+#
+#NIST_OPTIONS="use_aes:1"
+#
+#
+# jitter options:
+#         thread_count:(INTEGER)
+#         buffer_size:(INTEGER)
+#         refill_thresh:(INTEGER)
+#         retry_count:(INTEGER)
+#         retry_delay:(INTEGER)
+#         use_aes:(BOOLEAN)
+#
+#JITTER_OPTIONS="thread_count:4 buffer_size:16535 refill_thresh:16535"
+#JITTER_OPTIONS="${JITTER_OPTIONS} retry_count:1 retry_delay:-1 use_aes:1"
+#
+#
+# pkcs11 options:
+#         engine_path:(STRING)
+#         chunk_size:(INTEGER)
+#
+#PKCS11_OPTIONS="engine_path:/usr/lib64/opensc-pkcs11.so chunk_size:1"
+
+
+# Kernel device used for random number output
+#
+#RANDOM_DEVICE="/dev/random"
+
+
+# Random step (Number of bytes written to random-device at a time):
+#
+#STEP=64
+
+
+# Fill watermark
+# 0 <= n <= `sysctl kernel.random.poolsize`
+#
+#WATERMARK=2048
+
+
+# Any extra arguments for rngd
+#
+#EXTRA_ARGS=""
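Review bot: The commented example `#INCLUDE_ENTROPY_SOURCES="hwrng tpm rdrand darn nist jitter pkcs11"` lists `nist`, which the source list just above marks as UNSAFE for cryptographic operations, and `tpm`, which it marks as deprecated, so uncommenting the line as written opts into both. I would drop them from the include example, `#INCLUDE_ENTROPY_SOURCES="hwrng rdrand darn jitter pkcs11"`, and leave them only in the exclude example. The `use_aes:(BOOLEAN)` entries under rdrand, darn, nist and jitter also carry no description. A one-line comment on what the option does, and what rngd uses when it is unset, would let an administrator decide without reading the rngd source.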

diff --git a/sys-apps/rng-tools/files/rngd-initd-6.11 
b/sys-apps/rng-tools/files/rngd-initd-6.11
new file mode 100644
index 00000000000..25d4c6b5e49
--- /dev/null
+++ b/sys-apps/rng-tools/files/rngd-initd-6.11
@@ -0,0 +1,68 @@
+#!/sbin/openrc-run
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+depend() {
+       need localmount
+       after urandom
+       provide entropy
+}
+
+command="/usr/sbin/rngd"
+description="Check and feed random data from hardware device to kernel entropy 
pool."
+pidfile="/run/${RC_SVCNAME}.pid"
+command_args=""
+command_args_background="--pid-file ${pidfile} --background"
+start_stop_daemon_args="--wait 1000"
+retry="SIGKILL/5000"
+
+
+# Parse rngd confd file for extra command line arguments
+start_pre() {
+    for entsrc in ${INCLUDE_ENTROPY_SOURCES}; do
+       command_args="${command_args} -n ${entsrc}"
+    done
+
+    for entsrc in ${EXCLUDE_ENTROPY_SOURCES}; do
+       command_args="${command_args} -x ${entsrc}"
+    done
+
+    if [ "x${HWRNG_DEVICE}" != "x" ]; then
+       command_args="${command_args} --rng-device=${HWRNG_DEVICE}"
+    fi
+
+    for entsrc_opt in ${RDRAND_OPTIONS}; do
+       command_args="${command_args} -O rdrand:${entsrc_opt}"
+    done
+
+    for entsrc_opt in ${DARN_OPTIONS}; do
+       command_args="${command_args} -O darn:${entsrc_opt}"
+    done
+
+    for entsrc_opt in ${NIST_OPTIONS}; do
+       command_args="${command_args} -O nist:${entsrc_opt}"
+    done
+
+    for entsrc_opt in ${JITTER_OPTIONS}; do
+       command_args="${command_args} -O jitter:${entsrc_opt}"
+    done
+
+    for entsrc_opt in ${PKCS11_OPTIONS}; do
+       command_args="${command_args} -O pkcs11:${entsrc_opt}"
+    done
+
+    if [ "x${RANDOM_DEVICE}" != "x" ]; then
+       command_args="${command_args} --random-device=${RANDOM_DEVICE}"
+    fi
+
+    if [ "x${STEP}" != "x" ]; then
+       command_args="${command_args} --random-step=${STEP}"
+    fi
+
+    if [ "x${WATERMARK}" != "x" ]; then
+       command_args="${command_args} --fill-watermark=${WATERMARK}"
+    fi
+
+    command_args="${command_args} ${EXTRA_ARGS}"
+    return 0
+}
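Review bot: `retry="SIGKILL/5000"` makes SIGKILL the only signal in the stop schedule, so rngd is never asked to terminate and cannot run any shutdown handling of its own. If this is a deliberate workaround for a daemon that does not exit on SIGTERM, say so in a comment above the line; otherwise a schedule that tries SIGTERM first, e.g. `retry="SIGTERM/5/SIGKILL/5"`, is the safer default. The 5000 also reads like milliseconds next to `--wait 1000`, but as far as I know retry timeouts are in seconds, so the value is worth confirming.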

diff --git a/sys-apps/rng-tools/rng-tools-6.11.ebuild 
b/sys-apps/rng-tools/rng-tools-6.11-r1.ebuild
similarity index 92%
rename from sys-apps/rng-tools/rng-tools-6.11.ebuild
rename to sys-apps/rng-tools/rng-tools-6.11-r1.ebuild
index 3e3aa014ffe..7b183b63ef9 100644
--- a/sys-apps/rng-tools/rng-tools-6.11.ebuild
+++ b/sys-apps/rng-tools/rng-tools-6.11-r1.ebuild
@@ -63,9 +63,9 @@ src_configure() {
 
 src_install() {
        default
-       newinitd "${FILESDIR}"/rngd-initd-6.7-r1 rngd
-       newconfd "${FILESDIR}"/rngd-confd-6.7 rngd
-       systemd_dounit "${FILESDIR}"/rngd.service
+       newinitd "${FILESDIR}"/rngd-initd-6.11 rngd
+       newconfd "${FILESDIR}"/rngd-confd-6.11 rngd
+       systemd_dounit "${S}"/rngd.service
 
        if use pkcs11; then
                local DISABLE_AUTOFORMATTING=1
