[Buildroot] [PATCH v2] package/initscripts: refactor S20urandom

Peter Korsgaard peter at korsgaard.com
Fri Oct 25 19:20:55 UTC 2019


>>>>> "unixmania" == unixmania  <unixmania at gmail.com> writes:

 > From: Carlos Santos <unixmania at gmail.com>
 > Adapt the format to the current template, used in other init scripts,
 > but do not use start/stop functions due to peculiarities.

 > Treat RNG initialization and random seed backup as separate operations.

 > Read /proc/sys/kernel/random/poolsize to calculate the pool size, as
 > suggestred by the urandom manual page.

 > Ensure that the random seed file has the correct size to prevent dumping
 > an empty file to /dev/urandom on the first boot.

 > Save the seed at /var/lib/random-seed as other non-systemd distributions
 > do (e.g.  RHEL6), since /etc can be in a red-only rootfs. The Filesystem
 > Hierarchy Standard defines that /var/lib holds persistent data modified
 > by programs as they run.

 > Users willing to use a different path just need to redefine URANDOM_SEED
 > in /etc/default/urandom instead of rewriting the init script.

 > Signed-off-by: Carlos Santos <unixmania at gmail.com>
 > ---
 > CC: Matthew Weber <matthew.weber at collins.com>
 > ---
 > Changes v1->v2
 >   - Convert start and stop function in init_rng and save_random_seed to
 >     avoid duplicated code.
 >   - Improve sanity checks
 >   - Keep failing gracefully in read-only rootfs cases, as pointed by
 >     Matthew Weber.
 > ---
 >  package/initscripts/init.d/S20urandom | 98 ++++++++++++++++-----------
 >  1 file changed, 60 insertions(+), 38 deletions(-)

 > diff --git a/package/initscripts/init.d/S20urandom b/package/initscripts/init.d/S20urandom
 > index cababe1023..4f6936a200 100644
 > --- a/package/initscripts/init.d/S20urandom
 > +++ b/package/initscripts/init.d/S20urandom
 > @@ -1,51 +1,73 @@
 >  #! /bin/sh
 >  #
 > -# urandom	This script saves the random seed between reboots.
 > -#		It is called from the boot, halt and reboot scripts.
 > -#
 > -# Version:	@(#)urandom  1.33  22-Jun-1998  miquels at cistron.nl
 > +# Preserve the random seed between reboots. See urandom(4).
 >  #
 
 > +# Quietly do nothing if /dev/urandom does not exist
 >  [ -c /dev/urandom ] || exit 0
 > -#. /etc/default/rcS
 
 > -case "$1" in
 > -	start|"")
 > -		# check for read only file system
 > -		if ! touch /etc/random-seed 2>/dev/null
 > -		then
 > -			echo "read-only file system detected...done"
 > -			exit
 > -		fi
 > -		if [ "$VERBOSE" != no ]
 > -		then
 > -			printf "Initializing random number generator... "
 > +URANDOM_SEED="/var/lib/random-seed"
 > +
 > +# shellcheck source=/dev/null
 > +[ -r "/etc/default/urandom" ] && . "/etc/default/urandom"
 > +
 > +if pool_bits=$(cat /proc/sys/kernel/random/poolsize 2> /dev/null); then
 > +	pool_size=$((pool_bits/8))
 > +else
 > +	pool_size=512
 > +fi
 > +
 > +check_file_size() {
 > +	[ -f "$URANDOM_SEED" ] || return 1
 > +	# Try to read two blocks but exactly one will be read if the file has
 > +	# the correct size.
 > +	size=$(dd if="$URANDOM_SEED" bs="$pool_size" count=2 2> /dev/null | wc -c)

That seems like a quite complicated way of checking the size. We indeed
do not enable the stat busybox applet by default, but the only reason
for doing this over just wc -c < $URANDOM_SEED would be to protect
against wasting time reading a huge file.

But OK, it doesn't hurt like this.

 > +	if touch "$URANDOM_SEED" 2> /dev/null; then
 >  		umask 077
 > -		dd if=/dev/urandom of=/etc/random-seed count=1 \
 > -			>/dev/null 2>&1 || echo "urandom start: failed."
 > +		dd if=/dev/urandom of="$URANDOM_SEED" bs="$pool_size" count=1 2> /dev/null
 > +		status=$?
 >  		umask 022

It is not so nice to hardcode 022 here, so I changed it to read the
previous umask value and restore it.

Committed with that change, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list