random_seed revision 1.5
      1 #!/bin/sh
      2 #
      3 # $NetBSD: random_seed,v 1.5 2012/12/17 18:20:50 apb Exp $
      4 #
      5 
      6 # PROVIDE: random_seed
      7 # REQUIRE: mountcritlocal
      8 # BEFORE: securelevel
      9 # BEFORE: bootconf
     10 # KEYWORD: shutdown
     11 #
     12 # The "BEFORE: securelevel" is a real dependency, in that
     13 # this script won't work if run after the securelevel is changed.
     14 #
     15 # The "BEFORE: bootconf" is intended to cause this to
     16 # be the first script that runs after mountcritlocal.
     17 
     18 $_rc_subr_loaded . /etc/rc.subr
     19 
     20 name="random_seed"
     21 rcvar=$name
     22 start_cmd="random_load"
     23 stop_cmd="random_save"
     24 
     25 random_file=${random_file:-/var/db/entropy-file}
     26 
fs_safe()
{
	#
	# Succeed only when the path given as $1 lives on one of the
	# local, writable file system types listed below.  Anything
	# else (for example a network file system) is rejected, so the
	# seed is never read from or written to storage outside this
	# allowlist.
	#
	# "df -G" prints statvfs-style "value label" pairs; the type is
	# the word that precedes the label "fstype".  The result is left
	# in the global $fstype.
	#
	fstype=$(df -G "$1" |
		while read entry ; do
		    set -- $entry
		    [ "$2" = "fstype" ] || continue
		    echo "$1"
		    break
		done )

	# Allowlist: an empty or unknown type falls through to failure.
	case $fstype in
	    ffs|lfs|ext2fs|msdos|v7fs)
		return 0
		;;
	esac
	return 1
}
     57 
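random_load()
{
	#
	# Feed the saved seed to the kernel with "rndctl -L", but only
	# when the file passes every check below.  Returns 1 (and says
	# why on stderr) when a check fails; a missing seed file is not
	# an error.
	#
	# Globals: random_file (read), st_mode and st_uid (written).
	#
	# The path is quoted so that a name containing whitespace is
	# still tested as one word.
	if [ -f "${random_file}" ]; then

		if ! fs_safe "$(dirname "${random_file}")"; then
			echo "random_seed: ${random_file} is not on an allowed local file system; seed not loaded." >&2
			return 1
		fi

		# Only fields 1 (mode) and 3 (numeric uid) are used; both
		# come before the file name, so the name cannot shift them.
		# "ls -ld" describes a symbolic link itself, so a link
		# shows a mode starting with "l" and fails the mode test.
		set -- $(ls -ldn "${random_file}")
		st_mode="$1" # should be "-rw-------"
		st_uid="$3"  # should be "0" for root

		# The file must be owned by root,
		if [ "$st_uid" != "0" ]; then
			echo "random_seed: ${random_file} is not owned by root; seed not loaded." >&2
			return 1
		fi
		# and root read/write only.  A seed that others could read
		# or write is not secret and must not be credited.
		if [ "$st_mode" != "-rw-------" ]; then
			echo "random_seed: ${random_file} is not mode 0600; seed not loaded." >&2
			return 1
		fi

		# NOTE(review): the checks above are made on the path, not
		# on the descriptor rndctl opens, so they rely on the
		# containing directory being writable by root only.
		if rndctl -L "${random_file}"; then
			echo "Loaded entropy from disk."
		fi

	fi
}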
     85 
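random_save()
{
	#
	# Write a fresh seed with "rndctl -S" so the next boot has
	# entropy to load.  Returns 1 when the target directory is not
	# on an allowed local file system.
	#
	# Globals: random_file (read), oum (written).
	#
	# Create the file with no group/other access; the caller's
	# umask is put back on every path out of the function.
	oum=$(umask)
	umask 077

	# Overwrite and remove the old seed first (-P), before any
	# check, so it is gone even when the save below is refused.
	# NOTE(review): presumably this is to keep a stale seed from
	# being loaded again -- confirm intent.
	rm -Pf "${random_file}"

	if ! fs_safe "$(dirname "${random_file}")"; then
		umask "$oum"
		echo "random_seed: ${random_file} is not on an allowed local file system; seed not saved." >&2
		return 1
	fi

	if rndctl -S "${random_file}"; then
		echo "Saved entropy to disk."
	fi

	umask "$oum"
}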
    101 
    102 
    103 load_rc_config $name
    104 run_rc_command "$1"
    105