9 # KEYWORD: nojail shutdown
# rc.d-style command hooks: "start" runs random_start and "stop" runs
# random_stop.
14 start_cmd="random_start"
15 stop_cmd="random_stop"
# "saveseed" is an extra command bound to ${name}_stop. ${name} is assigned
# on a line that is not part of this listing; if it is "random", saveseed
# runs the same handler as "stop", so a seed can be written without a
# shutdown.
17 extra_commands="saveseed"
18 saveseed_cmd="${name}_stop"
# Fragment, presumably from the body of save_dev_random (the function header
# and the loop that sets $f are not part of this listing).
24 debug "saving entropy to $f"
# Read one 4096-byte block from /dev/random into "$f". dd's stderr is
# discarded, so a failed write leaves no message on the visible lines.
# NOTE(review): the saved seed must be readable by root only; a restrictive
# umask or chmod is presumably applied on lines not shown - confirm.
25 dd if=/dev/random of="$f" bs=4096 count=1 2>/dev/null
# Fragment, presumably from the body of feed_dev_random (header, loop and
# closing fi lines are not part of this listing).
# Only feed "$f" if it is a regular file (-f), readable (-r) and non-empty
# (-s). -f follows symbolic links. The -a operator inside [ is marked
# obsolescent by POSIX; three tests joined with && are the unambiguous form.
33 if [ -f "$f" -a -r "$f" -a -s "$f" ] ; then
# Write the file's contents into /dev/random in 4096-byte blocks; the debug
# message is logged only when dd exits successfully.
34 if dd if="$f" of=/dev/random bs=4096 2>/dev/null ; then
35 debug "entropy read from $f"
# NOTE(review): a seed that has been fed should not be fed again on a later
# boot; removal of "$f" is presumably on a line not shown - confirm.
# Fragment, presumably from random_start (the name given by start_cmd). The
# function header, the case patterns and the closing fi/esac lines are not
# part of this listing.
# NOTE(review): ${harvest_mask} is unquoted in the numeric test; if it is
# empty or non-numeric, [ reports an error instead of a clean false. Where
# it is assigned is not shown - confirm it always holds an integer.
45 if [ ${harvest_mask} -gt 0 ]; then
46 echo -n 'Setting up harvesting:'
# Set the harvest mask (sysctl output discarded), then print the symbolic
# form of the mask. SYSCTL and SYSCTL_N are defined outside this listing.
47 ${SYSCTL} kern.random.harvest.mask=${harvest_mask} > /dev/null
48 ${SYSCTL_N} kern.random.harvest.mask_symbolic
51 echo -n 'Feeding entropy:'
# A non-writable /dev/random produces a warning here; whether the function
# then returns early is decided on lines not shown.
53 if [ ! -w /dev/random ] ; then
54 warn "/dev/random is not writeable"
58 # Reseed /dev/random with previously stored entropy.
# := assigns /var/db/entropy when entropy_dir is unset or empty. The case
# patterns that can disable this step are not shown.
59 case ${entropy_dir:=/var/db/entropy} in
# Every non-dot entry of the directory is passed to feed_dev_random; when
# nothing matches, sh passes the literal pattern unchanged.
# NOTE(review): the directory and the seed files in it should be owned by
# root and not readable by other users - confirm the modes on the host.
63 if [ -d "${entropy_dir}" ] ; then
64 feed_dev_random "${entropy_dir}"/*
# := assigns /entropy when entropy_file is unset or empty.
69 case ${entropy_file:=/entropy} in
# Feed the configured seed file and the /var/db/entropy-file fallback, then
# write a fresh seed back to ${entropy_file}; presumably so that a consumed
# seed is not left in place if the machine goes down uncleanly.
73 feed_dev_random "${entropy_file}" /var/db/entropy-file
74 save_dev_random "${entropy_file}"
# Same default-assignment pattern for the early-boot seed, which is only
# written (not fed) on the visible lines.
78 case ${entropy_boot_file:=/boot/entropy} in
82 save_dev_random "${entropy_boot_file}"
# Fragment, presumably from random_stop (the name given by stop_cmd). The
# function header, the case patterns, else branches and the closing fi/esac
# lines are not part of this listing.
91 # Write some entropy so when the machine reboots /dev/random
# := assigns /entropy when entropy_file is unset or empty.
94 case ${entropy_file:=/entropy} in
98 echo -n 'Writing entropy file:'
# Remove any old seed, then use touch as a writability probe for the path.
# NOTE(review): ${entropy_file} is unquoted in rm and touch, so a value with
# whitespace or glob characters would be split or expanded; quoting it would
# match the quoted use on listing line 103.
# NOTE(review): the file created by touch takes its mode from the current
# umask; a restrictive umask is presumably set on a line not shown -
# confirm, because the seed must not be readable by other users.
99 rm -f ${entropy_file} 2> /dev/null
102 if touch ${entropy_file} 2> /dev/null; then
103 entropy_file_confirmed="${entropy_file}"
105 # Try this as a reasonable alternative for read-only
106 # roots, diskless workstations, etc.
107 rm -f /var/db/entropy-file 2> /dev/null
108 if touch /var/db/entropy-file 2> /dev/null; then
109 entropy_file_confirmed=/var/db/entropy-file
# entropy_file_confirmed holds whichever path passed the touch probe. The
# pattern that selects the warning branch is not shown; presumably it is
# the empty string, meaning neither path was writable.
112 case ${entropy_file_confirmed} in
114 warn 'write failed (read-only fs?)'
# Write one 4096-byte block from /dev/random to the confirmed path; dd's
# stderr is discarded and a non-zero exit is reported through warn.
117 dd if=/dev/random of=${entropy_file_confirmed} \
118 bs=4096 count=1 2> /dev/null ||
119 warn 'write failed (unwriteable file or full fs?)'
# Same sequence for the early-boot seed: default path /boot/entropy, remove,
# probe with touch, then write 4096 bytes. No fallback path is visible for
# this file.
126 case ${entropy_boot_file:=/boot/entropy} in
130 echo -n 'Writing early boot entropy file:'
# NOTE(review): ${entropy_boot_file} is unquoted in rm and touch here as
# well; the same quoting and file-mode points apply.
131 rm -f ${entropy_boot_file} 2> /dev/null
134 if touch ${entropy_boot_file} 2> /dev/null; then
135 entropy_boot_file_confirmed="${entropy_boot_file}"
137 case ${entropy_boot_file_confirmed} in
139 warn 'write failed (read-only fs?)'
142 dd if=/dev/random of=${entropy_boot_file_confirmed} \
143 bs=4096 count=1 2> /dev/null ||
144 warn 'write failed (unwriteable file or full fs?)'