Re: Fixing Linux getrandom() in stable

2018-05-13 Thread Thorsten Glaser
Adrian Bunk dixit: >As an example, what happens if I debootstrap and deploy the resulting >filesytem to a large number of identical embedded systems without >entropy sources? Just get into a habit of not doing so, for example by modifying the image during each writing process. Having the

Re: Fixing Linux getrandom() in stable

2018-05-13 Thread Thorsten Glaser
Theodore Y. Ts'o dixit: >that problems helps most of our users, and we shouldn't let the >perfect be the enemy of the good. Agreed. Start small, then enhance one bootloader at a time. Or boot protocol, I assume. >Also note that the bootloader has depend on userspace to refresh the >seed

Bug#898388: systemd-sysv: shutdown command always fails

2018-05-13 Thread Meeuwissen Olaf
Hi, Michael Biebl writes: > Am 14.05.2018 um 01:23 schrieb Meeuwissen Olaf: >> Hi, >> >> Michael Biebl writes: >> >>> Am 11.05.2018 um 08:10 schrieb Meeuwissen Olaf: Hi, Thanks for the quick follow-up. Michael Biebl writes: > Control: tags -1 + moreinfo >

Bug#898388: systemd-sysv: shutdown command always fails

2018-05-13 Thread Michael Biebl
Am 14.05.2018 um 01:23 schrieb Meeuwissen Olaf: > Definitely not from my POV. I'm off now installing dbus myself because > systemd-sysv didn't think it important enough to do that for me :-( > Well, the systemd package does do it for you, but you actively prevented dbus from being installed,

Bug#898388: systemd-sysv: shutdown command always fails

2018-05-13 Thread Meeuwissen Olaf
Hi, Michael Biebl writes: > Am 11.05.2018 um 08:10 schrieb Meeuwissen Olaf: >> Hi, >> >> Thanks for the quick follow-up. >> >> Michael Biebl writes: >> >>> Control: tags -1 + moreinfo >>> I have set up unattended-upgrades to reboot my machine at 04:00 when necessary. Internally,

Re: Fixing Linux getrandom() in stable

2018-05-13 Thread Adrian Bunk
On Wed, May 09, 2018 at 11:46:00PM +0100, Ben Hutchings wrote: >... > # Security flaw and initial fix > > Recently it was discovered that getrandom() could return successfully > before the RNG was really ready to produce unpredictable data. This > issue was designated as CVE-2018-1108, and was

Re: Bug#887904: RFR: Make dh_installinit and dh_installsystemd debhelper autoscript snippets independent in c12 (Was: Re: Bug#887904: dh_installsystemd will unmask services *after* an attempt to start

2018-05-13 Thread Niels Thykier
Control: tags -1 -patch Felipe Sateler: > On Sun, May 13, 2018 at 11:34 AM Niels Thykier wrote: > > [...] > > There is one case where I think things go wrong (but I haven't tested): A > package including only an init script will not run invoke-rc.d but it won't > have a

Re: Fixing Linux getrandom() in stable

2018-05-13 Thread Ben Hutchings
On Sun, 2018-05-13 at 11:27 +0200, Yves-Alexis Perez wrote: > On Wed, 2018-05-09 at 23:46 +0100, Ben Hutchings wrote: > > It is unlikely that any further fix will be forthcoming on the kernel > > side, so I believe that we need to do one of: > > > > 1. Add entropy to the kernel during boot;

Re: Fixing Linux getrandom() in stable

2018-05-13 Thread Yves-Alexis Perez
On Wed, 2018-05-09 at 23:46 +0100, Ben Hutchings wrote: > It is unlikely that any further fix will be forthcoming on the kernel > side, so I believe that we need to do one of: > > 1. Add entropy to the kernel during boot; either: >a. Improve systemd-random-seed >b. Recommend use of