random translator
Hello,
/dev/u?random translators are required for e.g. proper ssh and opengpg.
ATM hurd depends on random-egd, which poses problem since it depends on
a module which is provided by perl, which does not have the "required"
priority, and since perl depends on hurd too, we get a dependency loop
which leeds to immediat configuration issues.
We've asked perl maintainers whether they could move the modules to
perl-base to avoid the issue, but that's of course not an easy thing to
ask.
There are couple other solutions on
https://www.gnu.org/software/hurd/hurd/translator/random.html
and notably Marcus' random translator, which does already work, and
avoids the perl dependency completely since it's pure C. It would also
avoid a separate daemon, which looks like a good thing to me.
The advantage of egd is that it already has some rules to gather entropy
from e.g. vmstat, w, df, etc. But that could easily be added to Marcus'
random translator later.
What do people think about it? I've attached a tested migration patch.
Samuel
diff --git a/debian/changelog b/debian/changelog
index 1a412ee..d85b3f8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -7,8 +7,11 @@ hurd (20110519-4) UNRELEASED; urgency=low
* patches/libdiskfs_sync.patch: New patch to fix sync at shutdown.
* local/setup-translators: Set up entropy socket in /var/run instead of
/tmp, as the latter is world-writable.
+ * patches/libpthread_procfs.patch: Add random server.
+ * debian/control, debian/local/setup-translators: Use native random server
+ instead of random-egd.
- -- Samuel Thibault <sthibault@debian.org> Mon, 01 Aug 2011 22:53:23 +0200
+ -- Samuel Thibault <sthibault@debian.org> Thu, 18 Aug 2011 01:15:04 +0000
hurd (20110519-3) unstable; urgency=low
diff --git a/debian/control b/debian/control
index 289df72..969dc9e 100644
--- a/debian/control
+++ b/debian/control
@@ -16,12 +16,12 @@ Vcs-Git: git://git.debian.org/pkg-hurd/hurd.git
Package: hurd
Essential: yes
-Depends: ${misc:Depends}, sysv-rc, ${shlibs:Depends}, random-egd
+Depends: ${misc:Depends}, sysv-rc, ${shlibs:Depends}
Breaks: gnumach (<< 2:1.3.99.dfsg.cvs20070526-1), libc0.3 (<< 2.11.2-12)
Suggests: hurd-doc
-Provides: makedev, login
-Replaces: makedev, login
-Conflicts: makedev, login
+Provides: makedev, login, random-egd
+Replaces: makedev, login, random-egd
+Conflicts: makedev, login, random-egd
Architecture: hurd-i386
Description: The GNU Hurd
This is the GNU Hurd package. It contains essential system software and
diff --git a/debian/hurd.postinst b/debian/hurd.postinst
index 965f8ab..dbeef4b 100644
--- a/debian/hurd.postinst
+++ b/debian/hurd.postinst
@@ -57,6 +57,12 @@ fi
if [ "$1" = configure ] && [ "$2" ]; then
# Upgrade: create the missing device and server nodes
+ if showtrans /dev/random 2> /dev/null | grep -q entropy.sock
+ then
+ # old random-egd translator, remove
+ settrans -g /dev/random
+ settrans -g /dev/urandom
+ fi
/usr/lib/hurd/setup-translators -K
fi
diff --git a/debian/local/setup-translators b/debian/local/setup-translators
index 57dd676..f568465 100755
--- a/debian/local/setup-translators
+++ b/debian/local/setup-translators
@@ -145,8 +145,8 @@ else
md ptyq
md lprX 0123
md comX 0123
- st random 'random /var/run/entropy.sock' random
- st urandom 'random -u /var/run/entropy.sock' urandom
+ st random 'random --seed-file /var/run/random-seed --fast' random
+ st urandom 'random --seed-file /var/run/random-seed --fast' urandom
fi
st kbd 'symlink cons/kbd' kbd
diff --git a/debian/patches/libpthread_procfs.patch b/debian/patches/libpthread_procfs.patch
index 8e99f57..2ad9e2e 100644
--- a/debian/patches/libpthread_procfs.patch
+++ b/debian/patches/libpthread_procfs.patch
@@ -19,7 +19,7 @@ Index: hurd-debian/Makefile
hostmux usermux ftpfs trans \
console-client utils sutils ufs-fsck ufs-utils \
- benchmarks fstests
-+ benchmarks fstests procfs
++ benchmarks fstests procfs random
# Other directories
other-subdirs = hurd doc config release include
Reply to: