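#!/bin/sh
#
# $NetBSD: random_seed,v 1.1 2011/11/23 10:47:48 tls Exp $
#

# PROVIDE: random_seed
# REQUIRE: mountcritlocal
# BEFORE: securelevel
# KEYWORD: shutdown

# rc.d script that feeds a saved entropy seed to the kernel at start
# (rndctl -L) and writes a fresh seed at stop (rndctl -S).  The seed is
# only accepted from, and only written to, a file on one of the local
# filesystem types listed in fs_safe(), and on load it must be owned by
# root with mode 600.

# NOTE(review): _rc_subr_loaded is presumably set by rc.subr to a no-op
# command so that a second source of the file is skipped -- confirm.
$_rc_subr_loaded . /etc/rc.subr

name="random_seed"
rcvar=$name
start_cmd="random_load"
stop_cmd="random_save"

random_file=${random_file:-/var/db/entropy-file}

# random_warn message...
#	Print a diagnostic, prefixed with the script name and the seed file
#	path, to stderr.  A rejected or unsaved seed is a condition an
#	operator needs to see rather than a silent non-zero return.
random_warn()
{
	printf '%s: %s: %s\n' "${name}" "${random_file}" "$*" 1>&2
}

# fs_safe path
#	Return 0 if path is on one of the accepted filesystem types,
#	1 (with a diagnostic) otherwise.  Sets the global fstype.
fs_safe()
{
	#
	# Enforce that the file's on a local filesystem.
	# Include only the types we can actually write.
	#
	fstype=$(df -G "$1" | awk '$2 == "fstype" {print $1}')
	# NOTE(review): confirm that df -G reports "msdosfs" (and not
	# "msdos") for FAT filesystems on the target release.
	case "$fstype" in
	ffs|lfs|ext2fs|msdosfs|v7fs)
		return 0
		;;
	esac
	random_warn "unsupported filesystem type '${fstype}'"
	return 1
}

# random_load
#	start_cmd: load the seed file into the kernel if it exists and
#	passes the filesystem, ownership and mode checks.  A missing seed
#	file is not an error.  Returns 1 when a check rejects the file.
random_load()
{
	# Nothing saved yet (e.g. first boot): nothing to do.
	[ -f "${random_file}" ] || return 0

	if ! fs_safe "$(dirname "${random_file}")"; then
		return 1
	fi

	# stat -s prints st_*=value assignments intended for eval; only
	# st_uid and st_mode are used below.
	eval "$(stat -s "${random_file}")"

	# The file must be owned by root,
	if [ "$st_uid" != "0" ]; then
		random_warn "not owned by root (uid ${st_uid}), seed not loaded"
		return 1
	fi
	# and root read/write only.  Only the last three octal digits of
	# st_mode are compared, so the file-type and setuid/setgid/sticky
	# digits are not examined here.
	case "$st_mode" in
	*600)
		;;
	*)
		random_warn "mode ${st_mode} is not 600, seed not loaded"
		return 1
		;;
	esac

	# The checks above are made by path and rndctl opens the path again,
	# so they are only meaningful while the containing directory is not
	# writable by anyone but root.
	if rndctl -L "${random_file}"; then
		echo "Loaded entropy from disk."
	else
		random_warn "rndctl -L failed, seed not loaded"
	fi
}

# random_save
#	stop_cmd: remove the old seed file and write a new one with a
#	restrictive umask.  Returns 1 if the target filesystem is rejected.
random_save()
{
	oum=$(umask)
	umask 077

	# The old seed is removed (with overwrite, -P) before the filesystem
	# check, so a seed that was already loaded is never left behind for
	# reuse even when a new one cannot be written.
	rm -Pf "${random_file}"

	if ! fs_safe "$(dirname "${random_file}")"; then
		# Restore the caller's umask on every exit path.
		umask "${oum}"
		return 1
	fi

	if rndctl -S "${random_file}"; then
		echo "Saved entropy to disk."
	else
		random_warn "rndctl -S failed, seed not saved"
	fi

	umask "${oum}"
}


load_rc_config $name
run_rc_command "$1"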