- 'random' implemented as an upstart job – this is an important dependency

  for sensitive services

svn-id: @11416

diff --git a/Makefile.am b/Makefile.am
index f70f9f9369e53f3c9cfe2789ca862737e3607bbb..d99b37b94c45d8a37c9f5c2e24a459beb07aea64 100644 (file)
--- a/Makefile.am
+++ b/Makefile.am
@@ -2,7 +2,7 @@
 #      $Id$
 #
 
-SUBDIRS = src ppp isapnp sysconfig rc.d doc man po
+SUBDIRS = src ppp isapnp sysconfig rc.d doc man po init
 
 sysconf_DATA = \
        adjtime \

diff --git a/configure.ac b/configure.ac
index dd2755d3e7d2ada888e0065e33cf204f1a82c42f..76dbf1ecbe0646f3728b9e7aecb2d9ea880987cc 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -28,6 +28,7 @@ updir='${sysconfigdir}/interfaces/up.d'
 downdir='${sysconfigdir}/interfaces/down.d'
 networkscriptsdir='${sysconfigdir}/network-scripts'
 rcdir='${sysconfdir}/rc.d'
+initdir='${sysconfdir}/init'
 docdir="${prefix}/doc/$PACKAGE-$VERSION"
 
 dnl i18n support
@@ -106,6 +107,7 @@ AC_SUBST(sysconfigdir)
 AC_SUBST(updir)
 AC_SUBST(downdir)
 AC_SUBST(rcdir)
+AC_SUBST(initdir)
 AC_SUBST(docdir)
 AC_SUBST(GLIBDIR)
 AC_SUBST(GLIBNAME)
@@ -222,5 +224,6 @@ AC_CONFIG_FILES([Makefile \
        sysconfig/interfaces/down.d/tnl/Makefile \
        rc.d/Makefile rc.d/init.d/Makefile \
        po/Makefile \
+       init/Makefile \
        ])
 AC_OUTPUT

diff --git a/init/Makefile.am b/init/Makefile.am
new file mode 100644 (file)
index 0000000..2e7a9a8
--- /dev/null
+++ b/init/Makefile.am
@@ -0,0 +1,7 @@
+@SET_MAKE@
+
+initdir = @initdir@
+
+init_DATA = random.conf
+
+EXTRA_DIST = $(init_DATA)

diff --git a/init/random.conf b/init/random.conf
new file mode 100644 (file)
index 0000000..1fdb26a
--- /dev/null
+++ b/init/random.conf
@@ -0,0 +1,27 @@
+description "Save random entropy on shutdown and restore it at boot time" 
+
+start on pld.sysinit_done
+stop on pld.shutdown_started
+
+env SEED_FILE=/var/run/random-seed
+
+pre-start script
+       poolfile=/proc/sys/kernel/random/poolsize
+       [ -r $poolfile ] && bytes="$(cat $poolfile)" || bytes=512
+       if [ -f $SEED_FILE ]; then
+               cat $SEED_FILE >/dev/urandom
+       else
+               touch $SEED_FILE
+       fi
+       chmod 600 $SEED_FILE
+       dd if=/dev/urandom of=$SEED_FILE count=1 bs=$bytes 2>/dev/null
+end script
+
+post-stop script
+       poolfile=/proc/sys/kernel/random/poolsize
+       [ -r $poolfile ] && bytes="$(cat $poolfile)" || bytes=512
+       touch $SEED_FILE
+       chmod 600 $SEED_FILE
+       dd if=/dev/urandom of=$SEED_FILE count=1 bs=$bytes 2>/dev/null
+end script
+

diff --git a/rc.d/init.d/random b/rc.d/init.d/random
index df2a7084a02feb88697953b895d22a109cfaf76d..046005adb652265b0037881a9a1ba56d0dc93d7d 100644 (file)
--- a/rc.d/init.d/random
+++ b/rc.d/init.d/random
@@ -12,16 +12,20 @@
 # Source function library.
 . /etc/rc.d/init.d/functions
 
+upstart_controlled start stop
+
 random_seed=/var/run/random-seed
 
 poolfile=/proc/sys/kernel/random/poolsize
 [ -r $poolfile ] && bytes="$(cat $poolfile)" || bytes=512
 
+
 # See how we were called.
 case "$1" in
   start)
        # Check if the service is already running?
        if [ ! -f /var/lock/subsys/random ]; then
+               emit starting JOB=random
                show "Initializing random number generator"
                busy
                # Carry a random seed from start-up to start-up
@@ -35,11 +39,13 @@ case "$1" in
                touch /var/lock/subsys/random
                deltext
                ok
+               emit started JOB=random
        fi
        ;;
   stop)
        if [ -f /var/lock/subsys/random ]; then
                # Carry a random seed from shut-down to start-up
+               emit stopping JOB=random
                show "Saving random seed"
                busy
                touch $random_seed
@@ -49,6 +55,7 @@ case "$1" in
                rm -f /var/lock/subsys/random
                deltext
                ok
+               emit stopped JOB=random
        fi
        ;;
   status)