| 272461 |
03-Oct-2014 |
gjb |
Copy stable/10@r272459 to releng/10.1 as part of
the 10.1-RELEASE process.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation
|
| 269220 |
29-Jul-2014 |
delphij |
MFC r268979:
Don't save entropy inside jails.
As of r126744, we no longer feed the entropy device in jails upon
start, and collecting them is no longer useful.
PR: conf/126744
Submitted by: Eugene Grosbein <eugen grosbein net> (with minor changes)
Approved by: so (des)
|
| 256281 |
10-Oct-2013 |
gjb |
Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation
|
| 240090 |
04-Sep-2012 |
dougb |
1. Use install -d to create the entropy_dir if missing so that we can do it
all in one command, with no permissions race.
2. Simplify the rotation logic by cd'ing into the directory, with a test
to make sure that it succeeds.
3. Remove any files numbered higher than entropy_save_num. This helps when
the user reduces the number, and may be useful for other purposes down
the road.
4. Simplify the rotation logic by first testing the common case (it's a
regular file) then testing if something else exists with the same name
using elif. Also switch from using jot to simpler countdown format.
5. Fix logger lines and error messages to be more consistent, and wrap the
code more consistently in the 80 column range. The "not a regular file"
error message was mistakenly wrapped entirely in "quotes" which caused
logger to include line-wrapping whitespace. Change that to wrap only
the variables in quotes, which is both consistent and works better.
6. Update copyright to reflect the fact that changes were made this year.
Parts of 2-4 were taken from etc/periodic/daily/310.accounting
|
| 161683 |
28-Aug-2006 |
dougb |
1. Attempt to take one bullet out of the foot-shooting gun by silently
ignoring errors when sourcing rc.conf* files. The most common error
occurs when users put a command of some sort into those files.
(ifconfig is a popular choice)
2. Make the file rotation logic simpler by starting one down from
the "top" of the list, rather than at the top.
3. Try to make file rotation more secure by calling unlink(1) on all
new file names before rotating an old file to the new name, rather than
merely calling 'rm -f' on any files that exceed the number of files
to save.
|
| 144889 |
11-Apr-2005 |
dougb |
The script mistakenly ignores the entropy_save_sz variable from
rc.conf[.local]. Fix this, and leave the default as 2048.
Update the copyright year to include the present.
Update the assignment of the copyright to be me personally,
instead of "The FreeBSD Project" which is not a legal entity,
and therefore not a proper assignee. My intention remains the
same however, that this code continue to be BSD licensed, and
freely available to anyone that wants it under those terms.
PR: conf/75722
Submitted by: Nicolas Rachinsky <list@rachinsky.de>
|
| 139103 |
21-Dec-2004 |
ru |
Start the dreaded NOFOO -> NO_FOO conversion.
OK'ed by: core
|
| 112940 |
01-Apr-2003 |
ru |
Mark bits that do not require an object directory as such.
|
| 75286 |
07-Apr-2001 |
ru |
beforeinstall -> SCRIPTS.
|
| 71014 |
14-Jan-2001 |
dougb |
Move the process of storing entropy from /dev/random and reseeding with
it at boot time closer to the way we want it to be in the final version.
* Move the default directory to /var/db/entropy
* Run the entropy saving cron job every 11 minutes. This seems
to be a better default, although still bikeshed material.
* Feed /dev/random some cheesy "entropy" from various commands
and files before the disks are mounted. This gives /dev/random
a better chance of running without blocking early.
* Move the reseeding with previously stored entropy to the point
immediately after the disks are mounted.
* Make the harvesting script a little safer in regards to the
possibility of accidentally overwriting something other
than a regular file.
|
| 70922 |
11-Jan-2001 |
dougb |
Add a system to save entropy from /dev/random periodically so that
it can be used to reseed at boot time. This will greatly increase
the chances that there will be sufficient entropy available at
boot time to prevent long delays.
For /etc/rc, remove the vmstat and iostat runs from the attempt
to provide some cheesy randomness if the files fail, since
those programs are dynamically linked, and ldd seems to want
some randomness to do its magic.
Guidance and parameters for this project were provided by
Mark Murray, based on the requirements of the Yarrow
algorithm. Some helpful suggestions for implementation
(including the tip about iostat and vmstat) were provided
by Sheldon Hearn. All blame for problems or mistakes is
mine of course.
|