Date: Thu, 17 Jul 2014 09:33:29 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 191918] New: /usr/libexec/save-entropy wastes entropy for each running jail Message-ID: <bug-191918-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=191918 Bug ID: 191918 Summary: /usr/libexec/save-entropy wastes entropy for each running jail Product: Base System Version: 9.2-STABLE Hardware: Any OS: Any Status: Needs Triage Severity: Affects Some People Priority: --- Component: misc Assignee: freebsd-bugs@FreeBSD.org Reporter: eugen@grosbein.net Created attachment 144748 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=144748&action=edit stop save-ontropy if jailed /etc/rc.d/initrandom uses saved entropy to seed it to /dev/random. This script has "KEYWORD: nojail" so it is not run when full-blown jail starts, that's just fine. Default /etc/crontab runs /usr/libexec/save-entropy to save entropy for host and for each jail, that's not fine. Jailed /usr/libexec/save-entropy invocations just waste entropy. Workaround: comment out /usr/libexec/save-entropy in /etc/crontab for each running jail and each future jail. Fix: use attached patch to fix save-entropy so it just stops if jailed. -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-191918-8>