Re: CVS commit: [tls-earlyentropy] src/distrib/utils/sysinst

2014-04-14 Thread Jukka Ruohonen
On Fri, Apr 11, 2014 at 07:14:41AM -0400, Greg Troxel wrote:
 All of this feels awkward.  Basically it belongs in var, so I wonder
 about having a /rootvar or something in the root fs in the case when
 /var is not, and then /rootvar/db/entropy-file

Please no more root-level directories! Once upon a time, /cdrom perhaps
sounded like a good idea...

- Jukka.
Re: CVS commit: [tls-earlyentropy] src/distrib/utils/sysinst

2014-04-11 Thread Alan Barrett

On Wed, 09 Apr 2014, Thor Lancelot Simon wrote:

Modified Files:
src/distrib/utils/sysinst [tls-earlyentropy]: util.c

Log Message:
Try to persistently gather some entropy at install time, to give the
fresh system a better chance of not doing awful things like generating
guessable SSH host keys.

Handles both systems with /var on / and /var on its own filesystem.  Tries
to preserve old saved entropy when upgrading.


I see that you chose to use /etc/entropy-file when 
/var/db/entropy-file is not on the root file system.


Some other locations that I would consider include:

   /stand/ -- the entropy file may be used by the boot
   loader before a kernel is running, so that fits,
   but it's not a program, so that doesn't fit the
   description in hier(7).

   /libdata/ -- the entropy file is a non-executable file
   that is required at boot time, which seems to match
   the description in hier(7) perfectly.

--apb (Alan Barrett)
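The location and preservation logic the commit message describes, as an added C example that is not sysinst's util.c: it decides between /var/db and /etc by comparing the device numbers of / and /var, mixes a previously saved seed with fresh bytes instead of discarding it on upgrade, and writes the result with 0600 permissions through a temp file and rename. The function names, the 512-byte size and the XOR mixing are assumptions (a real implementation would hash the two inputs together).

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#define SEED_BYTES 512  /* assumed seed size, not the value sysinst uses */

/* 1 if both paths live on the same filesystem (same st_dev), else 0.
 * A failed stat() counts as "not the same", so the caller falls back to /etc. */
int same_filesystem(const char *a, const char *b)
{
    struct stat sa, sb;
    if (stat(a, &sa) != 0 || stat(b, &sb) != 0)
        return 0;
    return sa.st_dev == sb.st_dev;
}

/* As the commit message says: keep the seed under /var/db when /var is on /,
 * otherwise under /etc so it is readable before /var is mounted. */
const char *choose_entropy_path(int var_on_root)
{
    return var_on_root ? "/var/db/entropy-file" : "/etc/entropy-file";
}

/* Read a previously saved seed into a zero-filled buffer; returns bytes read. */
size_t load_entropy_file(const char *path, unsigned char *buf, size_t n)
{
    memset(buf, 0, n);
    int fd = open(path, O_RDONLY);
    if (fd < 0) return 0;
    ssize_t got = read(fd, buf, n);
    close(fd);
    return got > 0 ? (size_t)got : 0;
}

/* Combine the old and fresh seed so an upgrade never throws away saved entropy;
 * XOR is uniform if either input is uniform, but hashing is the better choice. */
void mix_seed(const unsigned char *old, const unsigned char *fresh,
              unsigned char *out, size_t n)
{
    for (size_t i = 0; i < n; i++)
        out[i] = old[i] ^ fresh[i];
}

/* Write with mode 0600 via temp file + fsync + rename, so a crash mid-write never
 * leaves a short or world-readable seed behind. Returns 0 on success. */
int save_entropy_file(const char *path, const unsigned char *seed, size_t n)
{
    char tmp[1024];
    snprintf(tmp, sizeof tmp, "%s.tmp", path);
    int fd = open(tmp, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0) return -1;
    if (write(fd, seed, n) != (ssize_t)n || fsync(fd) != 0) { close(fd); unlink(tmp); return -1; }
    close(fd);
    return rename(tmp, path);
}
```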