Re: FYI/RFC: early-rng-init-tools

To: debian-devel@lists.debian.org
Subject: Re: FYI/RFC: early-rng-init-tools
From: Tollef Fog Heen <tfheen@err.no>
Date: Sat, 02 Mar 2019 10:05:18 +0100
Message-id: <[🔎] 87k1hhfxyp.fsf@err.no>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <Pine.BSM.4.64L.1902282028110.27890@herc.mirbsd.org> (Thorsten Glaser's message of "Thu, 28 Feb 2019 20:37:56 +0000 (UTC)")
References: <Pine.BSM.4.64L.1902241918320.19896@herc.mirbsd.org> <20190225190252.kz4kkmm5urbyfvr7@flow> <Pine.BSM.4.64L.1902282028110.27890@herc.mirbsd.org>

]] Thorsten Glaser 

> … this was not true for me. Not before init takes over, anyway (as
> haveged does not have any initramfs integration), but we’re talking
> about “crng init done” here, not “fast init done”. In my scenario,
> haveged was started much too late in the boot to be useful (after
> tomcat, even). But then, I use a non-parallel sysvinit startup. It’s
> fragile anyway; if you install more daemons, for example, it might
> also block before reaching the stage where haveged starts on your
> parallel systemd setup suddenly.

It starts much earlier in a systemd setup; in sysvinit it's in rc2.d,
whereas with systemd it just waits for apparmor.service,
system-random-seed.service and systemd-tmpfiles-setup.service, so the
risk of it being blocked is much smaller.

-- 
Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends are

Reply to:

Prev by Date: Re: Bug#923300: ITP: golang-github-openshift-imagebuilder -- Builds Dockerfile using the Docker client
Next by Date: Bug#923580: ITP: liburl-search-perl -- module to search for URLs in plain text
Previous by thread: Re: Bug#923300: ITP: golang-github-openshift-imagebuilder -- Builds Dockerfile using the Docker client
Next by thread: Re: FYI/RFC: early-rng-init-tools
Index(es):
- Date
- Thread