random_seed revision 1.3
      1 #!/bin/sh
      2 #
      3 # $NetBSD: random_seed,v 1.3 2012/11/10 15:10:22 apb Exp $
      4 #
      5 
      6 # PROVIDE: random_seed
      7 # REQUIRE: mountcritlocal
      8 # BEFORE: securelevel
      9 # BEFORE: bootconf
     10 # KEYWORD: shutdown
     11 #
     12 # The "BEFORE: securelevel" is a real dependency, in that
     13 # this script won't work if run after the securelevel is changed.
     14 #
     15 # The "BEFORE: bootconf" is intended to cause this to
     16 # be the first script to run after mountcritlocal.
     17 
     18 $_rc_subr_loaded . /etc/rc.subr
     19 
     20 name="random_seed"
     21 rcvar=$name
     22 start_cmd="random_load"
     23 stop_cmd="random_save"
     24 
     25 random_file=${random_file:-/var/db/entropy-file}
     26 
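     #
     # fs_safe dir
     #    Succeed (0) only when "df -G" reports that dir lives on one of the
     #    local filesystem types this script is willing to write a seed to;
     #    fail (1) for every other type or when no type could be determined.
     #    Sets the global fstype as a side effect.
     #
     fs_safe()
     {
         # The argument is quoted so that a path containing whitespace stays
         # one word and an empty path is passed as an explicit empty operand.
         # Unquoted, an empty value disappears and df would be asked about
         # every mounted filesystem rather than the one holding the seed.
         fstype=$(df -G "$1" | awk '$2 == "fstype" {print $1}')

         # Allow-list: anything not named here (network filesystems included)
         # is rejected by falling through to "return 1".
         case "$fstype" in
         ffs|lfs|ext2fs|msdos|v7fs)
             return 0
             ;;
         esac
         return 1
     }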
     53 
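     #
     # random_load
     #    Load the saved seed into the kernel with "rndctl -L", but only after
     #    checking where the file lives and who is able to touch it.
     #    Returns 1 when a check fails; returns 0 when the file is absent or
     #    once the load has been attempted.
     #
     random_load()
     {
         if [ -f "$random_file" ]; then

             if ! fs_safe "$(dirname "$random_file")"; then
                 return 1
             fi

             # Clear any inherited values first: if stat fails and prints
             # nothing, the ownership and mode checks below must fail instead
             # of passing on stale st_uid/st_mode from the environment.
             st_uid=
             st_mode=

             # NOTE(review): eval runs whatever stat prints.  "stat -s" is
             # expected to emit only st_*=value assignments; keep it that way
             # and never feed eval anything derived from the file's contents.
             eval "$(stat -s "$random_file")"

             # The file must be owned by root,
             if [ "$st_uid" != "0" ]; then
                 return 1
             fi
             # and root read/write only (permission digits 600): a seed that
             # others can read or write is not a secret and cannot be trusted.
             case "$st_mode" in
             *600)
                 ;;
             *)
                 return 1
                 ;;
             esac

             # NOTE(review): the checks above and this load are separate
             # steps, so they only hold if the containing directory is
             # writable by root alone.
             if rndctl -L "$random_file"; then
                 echo "Loaded entropy from disk."
             fi

         fi
     }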
     79 
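     #
     # random_save
     #    Replace the seed file with fresh output from "rndctl -S".
     #    Returns 1 when the target directory is not on an accepted
     #    filesystem, 0 otherwise.  The caller's umask is restored on every
     #    path out of the function.
     #
     random_save()
     {
         # Create the new seed under a root-only mask so it is never
         # readable by anyone else, not even briefly.
         oum=$(umask)
         umask 077

         # The old seed is removed (rm -P overwrites before unlinking) before
         # anything else, so it is gone even when the save below is refused.
         # Presumably this is deliberate, to keep a seed from being loaded
         # twice -- confirm before reordering.
         rm -Pf "$random_file"

         if ! fs_safe "$(dirname "$random_file")"; then
             umask "$oum"
             return 1
         fi

         if rndctl -S "$random_file"; then
             echo "Saved entropy to disk."
         fi

         # Put the saved mask back; it was recorded above for this purpose.
         umask "$oum"
     }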
     95 
     96 
     97 load_rc_config $name
     98 run_rc_command "$1"
     99