From owner-freebsd-questions@freebsd.org Sun Oct 11 03:05:42 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D77D9434B4C for ; Sun, 11 Oct 2020 03:05:42 +0000 (UTC) (envelope-from tech-lists@zyxst.net) Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4C86BY1r8cz4bDr for ; Sun, 11 Oct 2020 03:05:40 +0000 (UTC) (envelope-from tech-lists@zyxst.net) Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.nyi.internal (Postfix) with ESMTP id 857BE5C00D3 for ; Sat, 10 Oct 2020 23:05:40 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute1.internal (MEProxy); Sat, 10 Oct 2020 23:05:40 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zyxst.net; h= date:from:to:subject:message-id:mime-version:content-type; s= fm3; bh=YPZSSVpNMWoEQpsfdZZjwOiKs/Hi8bWR80WO84WLRfM=; b=Y1lSX/3U mIivuV+a8QdNQbIOqYb+14j3Zh0W4TRuB0FkOxNjHI/W7jIXBFYWOwMZ5domLbeO EKM2lx3F3k4aKHxXFG7T1uopRXCbgwjB8hkv2FAcQrv3H5EhzPFcx1NhuC7FEtNp N2fZL2cjn2nLtza4e5XwmTzNMLhSAnetbL8ee5Hd0zQdt3P4C1dRaAJfTpGhliRf uw/nICUqBSDJ+av37EkSHdIQP8GOwHrQltV8+WiN046HKuKcNwP7LVxkPc8XJYa5 Sbl2f2bDCzERGs4vgg9z2xHWrbwaR+v30sQ2fnOv7uIJMg+X5CwASHkM+Bt4CDbt b6gMSOpfZ6RcPA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:message-id :mime-version:subject:to:x-me-proxy:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm1; bh=YPZSSVpNMWoEQpsfdZZjwOiKs/Hi8 bWR80WO84WLRfM=; b=nhf1LccNpJ0syvoHttFzDqXIeKZWQ7OcdiTryYvY24WAS bTkEjgXFjMnuLO87viEvl5QWhE14LCiyvC7qmfKE3oeELTiNVIZlgZXitFnMTjtr l3v2WUfmNh/XwY5rqJvz3thHPwKqLIe52mur6LMZshtrx+A+/LejX8RCECnD+fjR lopYHJjhdXsTOvjUkeHQwB2t111kC43QAWxrkdiMBmq1R7+rSJzywLjaHt3xxPmu jIJDgWpM2lCEhBH+pSuLg2KTz3ojbRPq8X6e+RZu3zCYgkuhJzpgq5WqmRyFdV2I FZS3QnwMPYcHzONkK92pXViYMj9JirHn4jtJIrOrA== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedujedrheeggdehjecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepfffhvffukfggtggusehgtderredttd dvnecuhfhrohhmpehtvggthhdqlhhishhtshcuoehtvggthhdqlhhishhtshesiiihgihs thdrnhgvtheqnecuggftrfgrthhtvghrnhepvefghffftdefkeelleehtdejledvhfdvge eijeevfffguddvhfetgeejueejueeinecukfhppeekvddrjedtrdeluddruddtvdenucev lhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehtvggthhdqlh hishhtshesiiihgihsthdrnhgvth X-ME-Proxy: Received: from rpi4.gilescoppice.lan (axs-0-ipv4.zyxst.net [82.70.91.102]) by mail.messagingengine.com (Postfix) with ESMTPA id E8A41328005D for ; Sat, 10 Oct 2020 23:05:39 -0400 (EDT) Date: Sun, 11 Oct 2020 04:05:37 +0100 From: tech-lists To: freebsd-questions@freebsd.org Subject: errors happening with /usr/libexec/save-entropy on 12.1-p10 Message-ID: <20201011030537.GA30207@rpi4.gilescoppice.lan> Mail-Followup-To: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="BOKacYhQ+x31HxR3" Content-Disposition: inline X-Rspamd-Queue-Id: 4C86BY1r8cz4bDr X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=zyxst.net header.s=fm3 header.b=Y1lSX/3U; dkim=pass header.d=messagingengine.com header.s=fm1 header.b=nhf1LccN; dmarc=none; spf=pass (mx1.freebsd.org: domain of tech-lists@zyxst.net designates 66.111.4.29 as permitted sender) smtp.mailfrom=tech-lists@zyxst.net X-Spamd-Result: default: False [-5.50 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[zyxst.net:s=fm3,messagingengine.com:s=fm1]; NEURAL_HAM_MEDIUM(-1.02)[-1.021]; FROM_HAS_DN(0.00)[]; RWL_MAILSPIKE_GOOD(0.00)[66.111.4.29:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:66.111.4.29]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.00)[-0.998]; RCVD_COUNT_THREE(0.00)[4]; DMARC_NA(0.00)[zyxst.net]; DKIM_TRACE(0.00)[zyxst.net:+,messagingengine.com:+]; NEURAL_HAM_SHORT(-0.78)[-0.780]; SIGNED_PGP(-2.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:11403, ipnet:66.111.4.0/24, country:US]; MAILMAN_DEST(0.00)[freebsd-questions]; RCVD_IN_DNSWL_LOW(-0.10)[66.111.4.29:from] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 Oct 2020 03:05:42 -0000 --BOKacYhQ+x31HxR3 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi, I've noticed recently in the daily security email that *sometimes* when this is run out of /etc/crontab on a 12.1-p10 system: # Save some entropy so that /dev/random can re-seed on boot. */11 * * * * operator /usr/libexec/save-entropy that it'll generate an error visible in the security email like this: [redacted] kernel log messages: +pid 12995 (dd), uid 2 inumber 2086730 on /: filesystem full (the filesystem has plenty of inodes spare and plenty of space) It's the only one I've seen so far (12.1-p10) with this issue. 12-stable doesn't have this problem, but the /usr/libexec/save-entropy is=20 significantly different: [12.1-p10 snip] umask 377 n=3D$(( ${entropy_save_num} - 1 )) while [ ${n} -ge 1 ]; do if [ -f "saved-entropy.${n}" ]; then mv "saved-entropy.${n}" "saved-entropy.$(( ${n} + 1 ))" elif [ -e "saved-entropy.${n}" -o -L "saved-entropy.${n}" ]; then logger -is -t "$0" \ "${entropy_dir}/saved-entropy.${n}" is not a regular file, and so \ it will not be rotated. Entropy file rotation is aborted. exit 1 fi n=3D$(( ${n} - 1 )) done dd if=3D/dev/random of=3Dsaved-entropy.1 bs=3D${entropy_save_sz} count=3D1 = 2>/dev/null exit 0 [snip] Weird umask too. What's also weird is that it doesn't happen when it's *not* expected to be under load. $FreeBSD: stable/12/libexec/save-entropy/save-entropy.sh 355748 2019-12-14 09:49:09Z delphij $ has this: [12-stable-r365826-snip] # 3. Check if the pointer we have in hand is really a regular file or # an empty slot, and bail out as that means there is no available slot. # if [ -e "${save_file}" -a ! -f "${save_file}" ]; then logger -is -t "$0" \ No available slot in "${entropy_dir}", save entropy is abo= rted. exit 1 fi # Save entropy to the selected slot. chmod 600 "${save_file}" 2>/dev/null || : dd if=3D/dev/random of=3D"${save_file}" bs=3D${entropy_save_sz} count=3D1 2= >/dev/null chflags nodump "${save_file}" 2>/dev/null || : fsync "${save_file}" "." [snip] What I'm asking is, would transplanting a working 12-stable /usr/libexec/sa= ve-entropy=20 into the 12.1-p10 system having the problem be a simple fix or are there other things I've not considered, like the entropy subsystem being=20 significantly modified between 12.1-R and recent 12-stable? thanks, --=20 J. --BOKacYhQ+x31HxR3 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEE8n3tWhxW11Ccvv9/s8o7QhFzNAUFAl+CdngACgkQs8o7QhFz NAXxFQ/+KwmWfp2gpeWIrDZlb9okyNq4veCTJk9z+NCUGxE0FngYiTLGa+65el4U tnphFtMpfEAQOHa61vwytsm605krlX6ULWaxfjJULvFDiQbNY6urbrW3i0uM7dgt jIJznmFp4bpsfDLtz/+yr+tART2+OgevqPSaVnSuEnBnht8XPyWM0TeO97jFhrUq /mpnQAxVYlfdGjFjSGd2PIdO+dxSTwCxTzOoBZD5hVMzgs0zSIJeHBHS8hIYqHE5 Ulp4N8BMCp+WsAu3v+zgv9gObotyNWC92K0mj5XivRvbnfTd7uh6nK1Mlaw+mTra iCNH+b60V3/5YqQ+20RiH6nMz3tT3au6i4CptP3f8oVxH5FX25BvV6GszwIzIcE6 XwHu/9sfkdk6K+LfunYg0zci5/s/ZgSimp+l2VSCeErm1xjRLX219t5rwgfqAysp C31lME6aOCZS6BaQ63yZK3TPBF7HASaUzwkgBd/IB15o1uTIq4tEXoCLUz7g/C70 pmfbgUNwteSYiXix0JhX9ZmA4Y8o3pBkN4z/j9d6vXdrrMswvy2vDBkQAHwyRZll b7zVbRL2d4n0xD/Ju1ZNtPKWMw0iKtqC3OCdtlWutBOnw+83+i7eLB/Bk7PNulGG aSN/ykSe8NETdnZgyUKB1UUoRAnnSkAWDnzp6URO/KVkqkgKOlM= =+gov -----END PGP SIGNATURE----- --BOKacYhQ+x31HxR3--