Adrian Bunk dixit:
>As an example, what happens if I debootstrap and deploy the resulting
>filesytem to a large number of identical embedded systems without
>entropy sources?
Just get into a habit of not doing so, for example by modifying the
image during each writing process.
Having the
Theodore Y. Ts'o dixit:
>that problems helps most of our users, and we shouldn't let the
>perfect be the enemy of the good.
Agreed. Start small, then enhance one bootloader at a time.
Or boot protocol, I assume.
>Also note that the bootloader has depend on userspace to refresh the
>seed
Hi,
Michael Biebl writes:
> Am 14.05.2018 um 01:23 schrieb Meeuwissen Olaf:
>> Hi,
>>
>> Michael Biebl writes:
>>
>>> Am 11.05.2018 um 08:10 schrieb Meeuwissen Olaf:
Hi,
Thanks for the quick follow-up.
Michael Biebl writes:
> Control: tags -1 + moreinfo
>
Am 14.05.2018 um 01:23 schrieb Meeuwissen Olaf:
> Definitely not from my POV. I'm off now installing dbus myself because
> systemd-sysv didn't think it important enough to do that for me :-(
>
Well, the systemd package does do it for you, but you actively prevented
dbus from being installed,
Hi,
Michael Biebl writes:
> Am 11.05.2018 um 08:10 schrieb Meeuwissen Olaf:
>> Hi,
>>
>> Thanks for the quick follow-up.
>>
>> Michael Biebl writes:
>>
>>> Control: tags -1 + moreinfo
>>>
I have set up unattended-upgrades to reboot my machine at 04:00 when
necessary. Internally,
On Wed, May 09, 2018 at 11:46:00PM +0100, Ben Hutchings wrote:
>...
> # Security flaw and initial fix
>
> Recently it was discovered that getrandom() could return successfully
> before the RNG was really ready to produce unpredictable data. This
> issue was designated as CVE-2018-1108, and was
Control: tags -1 -patch
Felipe Sateler:
> On Sun, May 13, 2018 at 11:34 AM Niels Thykier wrote:
>
> [...]
>
> There is one case where I think things go wrong (but I haven't tested): A
> package including only an init script will not run invoke-rc.d but it won't
> have a
On Sun, 2018-05-13 at 11:27 +0200, Yves-Alexis Perez wrote:
> On Wed, 2018-05-09 at 23:46 +0100, Ben Hutchings wrote:
> > It is unlikely that any further fix will be forthcoming on the kernel
> > side, so I believe that we need to do one of:
> >
> > 1. Add entropy to the kernel during boot;
On Wed, 2018-05-09 at 23:46 +0100, Ben Hutchings wrote:
> It is unlikely that any further fix will be forthcoming on the kernel
> side, so I believe that we need to do one of:
>
> 1. Add entropy to the kernel during boot; either:
>a. Improve systemd-random-seed
>b. Recommend use of