etc/rc.d/random

   1 #!/bin/sh
   2 #
   3 # $FreeBSD$
   4 #
   5
   6 # PROVIDE: random
   7 # REQUIRE: FILESYSTEMS
   8 # BEFORE: netif
   9 # KEYWORD: nojail shutdown
  10
  11 . /etc/rc.subr
  12
  13 name="random"
  14 start_cmd="random_start"
  15 stop_cmd="random_stop"
  16
  17 extra_commands="saveseed"
  18 saveseed_cmd="${name}_stop"
  19
  20 save_dev_random()
  21 {
  22         for f ; do
  23                 if :>>"$f" ; then
  24                         debug "saving entropy to $f"
  25                         dd if=/dev/random of="$f" bs=4096 count=1 2>/dev/null
  26                 fi
  27         done
  28 }
  29
  30 feed_dev_random()
  31 {
  32         for f ; do
  33                 if [ -f "$f" -a -r "$f" -a -s "$f" ] ; then
  34                         if dd if="$f" of=/dev/random bs=4096 2>/dev/null ; then
  35                                 debug "entropy read from $f"
  36                                 rm -f "$f"
  37                         fi
  38                 fi
  39         done
  40 }
  41
  42 random_start()
  43 {
  44         echo -n 'Feeding entropy:'
  45
  46         if [ ! -w /dev/random ] ; then
  47                 warn "/dev/random is not writeable"
  48                 return 1
  49         fi
  50
  51         # Reseed /dev/random with previously stored entropy.
  52         case ${entropy_dir:=/var/db/entropy} in
  53         [Nn][Oo])
  54                 ;;
  55         *)
  56                 if [ -d "${entropy_dir}" ] ; then
  57                         feed_dev_random "${entropy_dir}"/*
  58                 fi
  59                 ;;
  60         esac
  61
  62         case ${entropy_file:=/entropy} in
  63         [Nn][Oo] | '')
  64                 ;;
  65         *)
  66                 feed_dev_random "${entropy_file}" /var/db/entropy-file
  67                 save_dev_random "${entropy_file}"
  68                 ;;
  69         esac
  70
  71         echo '.'
  72 }
  73
  74 random_stop()
  75 {
  76         # Write some entropy so when the machine reboots /dev/random
  77         # can be reseeded
  78         #
  79         case ${entropy_file:=/entropy} in
  80         [Nn][Oo] | '')
  81                 ;;
  82         *)
  83                 echo -n 'Writing entropy file:'
  84                 rm -f ${entropy_file} 2> /dev/null
  85                 oumask=`umask`
  86                 umask 077
  87                 if touch ${entropy_file} 2> /dev/null; then
  88                         entropy_file_confirmed="${entropy_file}"
  89                 else
  90                         # Try this as a reasonable alternative for read-only
  91                         # roots, diskless workstations, etc.
  92                         rm -f /var/db/entropy-file 2> /dev/null
  93                         if touch /var/db/entropy-file 2> /dev/null; then
  94                                 entropy_file_confirmed=/var/db/entropy-file
  95                         fi
  96                 fi
  97                 case ${entropy_file_confirmed} in
  98                 '')
  99                         warn 'write failed (read-only fs?)'
 100                         ;;
 101                 *)
 102                         dd if=/dev/random of=${entropy_file_confirmed} \
 103                            bs=4096 count=1 2> /dev/null
 104                         echo '.'
 105                         ;;
 106                 esac
 107                 umask ${oumask}
 108                 ;;
 109         esac
 110 }
 111
 112 load_rc_config $name
 113 run_rc_command "$1"