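#!/bin/sh
#
# $FreeBSD$
#

# PROVIDE: random
# REQUIRE: initrandom FILESYSTEMS
# BEFORE: netif
# KEYWORD: nojail shutdown

# Reseeds /dev/random at boot from entropy saved on disk, and saves a fresh
# seed at shutdown (or on demand through the "saveseed" command).
# entropy_dir and entropy_file are not set in this file; they are expected
# to come from the rc configuration read by load_rc_config.

. /etc/rc.subr

name="random"
start_cmd="random_start"
stop_cmd="random_stop"

# "saveseed" runs the same code as "stop", so a seed can be written
# without waiting for shutdown.
extra_commands="saveseed"
saveseed_cmd="${name}_stop"

# feed_dev_random file
#	Write the contents of file into /dev/random.  Anything that is not a
#	readable, non-empty regular file is skipped silently, and dd's
#	diagnostics are discarded.
feed_dev_random()
{
	if [ -f "${1}" ] && [ -r "${1}" ] && [ -s "${1}" ]; then
		dd if="${1}" of=/dev/random bs=8k 2>/dev/null
	fi
}

# random_start
#	Feed every file in entropy_dir (default /var/db/entropy), then
#	entropy_file and the fallback /var/db/entropy-file, into /dev/random.
#	Setting entropy_dir or entropy_file to "NO" disables that source;
#	an empty entropy_file disables it as well.
random_start()
{
	# Reseed /dev/random with previously stored entropy.
	case ${entropy_dir} in
	[Nn][Oo])
		;;
	*)
		entropy_dir=${entropy_dir:-/var/db/entropy}
		if [ -d "${entropy_dir}" ] && [ -w /dev/random ]; then
			# An empty directory leaves the literal pattern in
			# seedfile; feed_dev_random's -f test rejects it.
			for seedfile in "${entropy_dir}"/*; do
				feed_dev_random "${seedfile}"
			done
		fi
		;;
	esac

	# NOTE(review): the seed files are only read here, never removed or
	# replaced.  If random_stop does not run (crash, power loss), the same
	# entropy_file contents are fed again at the next boot.  Confirm that
	# something else refreshes the seed, or save a new one after feeding.
	case ${entropy_file} in
	[Nn][Oo] | '')
		;;
	*)
		if [ -w /dev/random ]; then
			feed_dev_random "${entropy_file}"
			# random_stop falls back to this path when
			# entropy_file cannot be created.
			feed_dev_random /var/db/entropy-file
		fi
		;;
	esac
}

# random_stop
#	Save 4096 bytes from /dev/random to entropy_file so that the next
#	boot can reseed from it.  Falls back to /var/db/entropy-file when
#	entropy_file cannot be created.  Does nothing when entropy_file is
#	"NO" or empty.
random_stop()
{
	# Write some entropy so when the machine reboots /dev/random
	# can be reseeded
	#
	case ${entropy_file} in
	[Nn][Oo] | '')
		;;
	*)
		echo -n 'Writing entropy file:'

		# Start empty so that a value inherited from the environment
		# or configuration cannot be taken for a confirmed path.
		entropy_file_confirmed=

		# The old file is removed and a new one is created under
		# umask 077, so the saved seed is readable by its owner only
		# (presumably also so that an older file's mode is not
		# reused -- TODO confirm).
		rm -f -- "${entropy_file}" 2> /dev/null
		oumask=$(umask)
		umask 077
		if touch -- "${entropy_file}" 2> /dev/null; then
			entropy_file_confirmed="${entropy_file}"
		else
			# Try this as a reasonable alternative for read-only
			# roots, diskless workstations, etc.
			rm -f /var/db/entropy-file 2> /dev/null
			if touch /var/db/entropy-file 2> /dev/null; then
				entropy_file_confirmed=/var/db/entropy-file
			fi
		fi
		case ${entropy_file_confirmed} in
		'')
			warn 'write failed (read-only fs?)'
			;;
		*)
			# Report a failed save instead of printing the success
			# dot.  A file left empty by a failed dd is skipped at
			# boot by feed_dev_random's -s test.
			if dd if=/dev/random of="${entropy_file_confirmed}" \
			    bs=4096 count=1 2> /dev/null; then
				echo '.'
			else
				warn "could not save entropy to ${entropy_file_confirmed}"
			fi
			;;
		esac
		umask "${oumask}"
		;;
	esac
}

load_rc_config $name
run_rc_command "$1"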