|
Revision tags: perseant-exfatfs-base-20250801 netbsd-11-base netbsd-10-1-RELEASE perseant-exfatfs-base-20240630 perseant-exfatfs-base netbsd-10-0-RELEASE netbsd-10-0-RC6 netbsd-10-0-RC5 netbsd-10-0-RC4 netbsd-10-0-RC3 netbsd-10-0-RC2 netbsd-10-0-RC1 netbsd-10-base cjep_sun2x-base1 cjep_sun2x-base cjep_staticlib_x-base1 cjep_staticlib_x-base
|
1.15 | 08-Sep-2020 | martin
Rename MOUNTCRITLOCAL to CRITLOCALMOUNTED to avoid a name collision on case insensitive file systems
|
1.14 | 22-Jul-2020 | martin
Split the local disk availability step into two phases to allow scripts that pre-populate parts of the system (e.g. a tmpfs based /var) an easy place to plug in like:
# REQUIRE: mountcritlocal
# BEFORE: MOUNTCRITLOCAL
This also cleans up the existing special handling a bit by separating it into new scripts. All later scripts now depend on MOUNTCRITLOCAL. Discussed on tech-userlevel some time ago.
|
1.13 | 07-May-2020 | riastradh
If no random seed file exists on boot, create one.
rndctl -S triggers entropy consolidation, so whatever we gathered during kernel startup -- interrupt timings, autoconf timings, &c. -- will be incorporated into the seed and into subsequent data read from /dev/urandom, just like if rndctl -L had run at this boot, and the seed will carry them into the next boot too.
But it still avoids frequently consolidating entropy on any regular schedule, in order to continue to mitigate iterative-guessing attacks.
|
1.12 | 07-May-2020 | riastradh
Omit needless verbiage in error message.
|
1.11 | 07-May-2020 | riastradh
Pass full pathname to df, and print warning message on failure.
No need to extract dirname; `df -P /var/db/entropy-file' and `df -l /var/db/entropy-file' work just fine.
|
1.10 | 06-May-2020 | riastradh
Tweak logic to decide whether a medium is safe for an rndseed.
- Teach rndctl to load the seed, but treat it as zero entropy, if the medium is read-only or if the update fails.
- Teach rndctl to accept `-i' flag instructing it to ignore the entropy estimate in the seed.
- Teach /etc/rc.d/random_seed to: (a) assume nonlocal file systems are unsafe, and use -i, but (b) assume / is safe, even if it is nonlocal. If the medium is nonwritable, leave it to rndctl to detect that. (Could use statvfs and check for ST_LOCAL in rndctl, I guess, but I already implemented it this way.)
Treating nonlocal / as safe is a compromise: it's up to the operator to secure the network for (e.g.) nfs mounts, but that's true whether we're talking entropy or not -- if the adversary has access to the network that you've mounted / from, they can do a lot more damage anyway; this reduces warning fatigue for diskless systems, e.g. test racks.
|
1.9 | 01-May-2020 | riastradh
Don't delete the random seed before issuing `rndctl -S'.
`rndctl -S' can replace the file just fine, and deleting it ahead of time adds a window during which we can lose the seed altogether if the system is interrupted by a crash or power outage.
XXX pullup
|
|
Revision tags: phil-wifi-20200421 phil-wifi-20200411 is-mlppp-base phil-wifi-20200406
|
1.8 | 23-Feb-2020 | riastradh
Allow random seed on zfs.
|
|
Revision tags: netbsd-8-3-RELEASE netbsd-8-2-RELEASE netbsd-9-0-RELEASE netbsd-9-0-RC2 netbsd-9-0-RC1 phil-wifi-20191119 netbsd-9-base phil-wifi-20190609 netbsd-8-1-RELEASE netbsd-8-1-RC1 pgoyette-compat-merge-20190127 pgoyette-compat-20190127 pgoyette-compat-20190118 pgoyette-compat-1226 pgoyette-compat-1126 pgoyette-compat-1020 pgoyette-compat-0930 pgoyette-compat-0906 netbsd-7-2-RELEASE pgoyette-compat-0728 netbsd-8-0-RELEASE phil-wifi-base pgoyette-compat-0625 netbsd-8-0-RC2 pgoyette-compat-0521 pgoyette-compat-0502 pgoyette-compat-0422 netbsd-8-0-RC1 pgoyette-compat-0415 pgoyette-compat-0407 pgoyette-compat-0330 pgoyette-compat-0322 pgoyette-compat-0315 netbsd-7-1-2-RELEASE pgoyette-compat-base netbsd-7-1-1-RELEASE matt-nb8-mediatek-base perseant-stdc-iso10646-base netbsd-8-base prg-localcount2-base3 prg-localcount2-base2 prg-localcount2-base1 prg-localcount2-base pgoyette-localcount-20170426 bouyer-socketcan-base1 pgoyette-localcount-20170320 netbsd-7-1-RELEASE netbsd-7-1-RC2 netbsd-7-nhusb-base-20170116 bouyer-socketcan-base pgoyette-localcount-20170107 netbsd-7-1-RC1 pgoyette-localcount-20161104 netbsd-7-0-2-RELEASE localcount-20160914 netbsd-7-nhusb-base pgoyette-localcount-20160806 pgoyette-localcount-20160726 pgoyette-localcount-base netbsd-7-0-1-RELEASE netbsd-7-0-RELEASE netbsd-7-0-RC3 netbsd-7-0-RC2 netbsd-7-0-RC1 netbsd-7-base tls-earlyentropy-base tls-maxphys-base
|
1.7 | 22-Jul-2014 | wiz
branches: 1.7.24; 1.7.26;
'file system' for consistency with documentation (instead of 'filesystem').
|
|
Revision tags: yamt-pagecache-base9 riastradh-xf86-video-intel-2-7-1-pre-2-21-15 riastradh-drm2-base3 riastradh-drm2-base2 riastradh-drm2-base1 riastradh-drm2-base agc-symver-base yamt-pagecache-base8
|
1.6 | 29-Dec-2012 | christos
branches: 1.6.8;
better messages, more quoting.
|
1.5 | 17-Dec-2012 | apb
Reinstate the dirname invocations that were recently removed from rc.d/random_seed. The new dirname shell function provided by rc.subr will be used, so it should work before the /usr file system is mounted.
This should fix a problem in which the fs_safe shell function failed when passed the name of a file that did not exist.
|
1.4 | 14-Dec-2012 | apb
Avoid using programs from /usr/bin. This should fix PR 47326.
- no need for "dirname", because "df -G" can take a file name directly.
- replace use of "awk" with a shell while read loop.
- replace use of "stat -s" with "ls -ldn".
- no need for "tail" now that the use of "stat" has changed.
While here, also add some shell quotes and improve the grammar in a comment.
|
|
Revision tags: yamt-pagecache-base7
|
1.3 | 10-Nov-2012 | apb
Cause /etc/rc.d/random_seed to be the first script to run after mountcritlocal. Everything else that runs after mountcritlocal depends directly or indirectly on bootconf, so making random_seed run before bootconf has the desired result.
|
|
Revision tags: yamt-pagecache-base6
|
1.2 | 08-Jul-2012 | hans
branches: 1.2.2;
It's msdos, not msdosfs.
|
|
Revision tags: netbsd-6-0-6-RELEASE netbsd-6-1-5-RELEASE netbsd-6-1-4-RELEASE netbsd-6-0-5-RELEASE netbsd-6-1-3-RELEASE netbsd-6-0-4-RELEASE netbsd-6-1-2-RELEASE netbsd-6-0-3-RELEASE netbsd-6-1-1-RELEASE netbsd-6-0-2-RELEASE netbsd-6-1-RELEASE netbsd-6-1-RC4 netbsd-6-1-RC3 netbsd-6-1-RC2 netbsd-6-1-RC1 netbsd-6-0-1-RELEASE matt-nb6-plus-nbase netbsd-6-0-RELEASE netbsd-6-0-RC2 matt-nb6-plus-base netbsd-6-0-RC1 yamt-pagecache-base5 yamt-pagecache-base4 netbsd-6-base
|
1.1 | 23-Nov-2011 | tls
branches: 1.1.4;
Load entropy at system boot (only works at securelevel < 1); save at system shutdown. Disable with random_seed=NO in rc.conf if desired.
Goes to some trouble to never load or save to network filesystems.
Entropy should really be loaded by the boot loader but I am still sorting out how to pass it to the kernel.
|