Mon Apr 11 20:49:27 UTC 202220220411204927

a/aaa_libraries-15.1-x86_64-3.txz: Rebuilt. Upgraded: libz.so.1.2.12, libexpat.so.1.8.8, libcap.so.2.64, libicudata.so.70.1, libicui18n.so.70.1, libicuio.so.70.1, libicutest.so.70.1, libicutu.so.70.1, libicuuc.so.70.1. The icu4c libraries are from the previous package (for temporary compatibility) and will be removed in a month or so. Removed: liblber-2.4.so.2.11.7, libldap-2.4.so.2.11.7. a/haveged-1.9.18-x86_64-1.txz: Upgraded. I've decided to turn this back on by default in light of comments in README.md. It doesn't hurt to have an additional source of entropy (especially in early boot), and the overhead from running this daemon is negligible. a/sysvinit-scripts-15.0-noarch-11.txz: Rebuilt. rc.S, rc.6: use a temporary umask and more syncing to avoid any races when creating the random seed directory and files. Use the poolsize rather than a hardcoded 512 bytes when creating a non-creditable seed in the fallback scripts. Thanks to Jason A. Donenfeld. a/xfsprogs-5.13.0-x86_64-3.txz: Rebuilt. Recompiled against icu4c-71.1. ap/inxi-3.3.15_1-noarch-1.txz: Upgraded. ap/sqlite-3.38.2-x86_64-2.txz: Rebuilt. Recompiled against icu4c-71.1. d/help2man-1.49.2-x86_64-1.txz: Upgraded. kde/attica-5.93.0-x86_64-1.txz: Upgraded. kde/baloo-5.93.0-x86_64-1.txz: Upgraded. kde/bluez-qt-5.93.0-x86_64-1.txz: Upgraded. kde/breeze-icons-5.93.0-noarch-1.txz: Upgraded. kde/extra-cmake-modules-5.93.0-x86_64-1.txz: Upgraded. kde/frameworkintegration-5.93.0-x86_64-1.txz: Upgraded. kde/kactivities-5.93.0-x86_64-1.txz: Upgraded. kde/kactivities-stats-5.93.0-x86_64-1.txz: Upgraded. kde/kapidox-5.93.0-x86_64-1.txz: Upgraded. kde/karchive-5.93.0-x86_64-1.txz: Upgraded. kde/kauth-5.93.0-x86_64-1.txz: Upgraded. kde/kbookmarks-5.93.0-x86_64-1.txz: Upgraded. kde/kcalendarcore-5.93.0-x86_64-1.txz: Upgraded. kde/kcmutils-5.93.0-x86_64-1.txz: Upgraded. kde/kcodecs-5.93.0-x86_64-1.txz: Upgraded. kde/kcompletion-5.93.0-x86_64-1.txz: Upgraded. kde/kconfig-5.93.0-x86_64-1.txz: Upgraded. kde/kconfigwidgets-5.93.0-x86_64-1.txz: Upgraded. kde/kcontacts-5.93.0-x86_64-1.txz: Upgraded. kde/kcoreaddons-5.93.0-x86_64-1.txz: Upgraded. kde/kcrash-5.93.0-x86_64-1.txz: Upgraded. kde/kdav-5.93.0-x86_64-1.txz: Upgraded. kde/kdbusaddons-5.93.0-x86_64-1.txz: Upgraded. kde/kdeclarative-5.93.0-x86_64-1.txz: Upgraded. kde/kded-5.93.0-x86_64-1.txz: Upgraded. kde/kdelibs4support-5.93.0-x86_64-1.txz: Upgraded. kde/kdesignerplugin-5.93.0-x86_64-1.txz: Upgraded. kde/kdesu-5.93.0-x86_64-1.txz: Upgraded. kde/kdewebkit-5.93.0-x86_64-1.txz: Upgraded. kde/kdnssd-5.93.0-x86_64-1.txz: Upgraded. kde/kdoctools-5.93.0-x86_64-1.txz: Upgraded. kde/kemoticons-5.93.0-x86_64-1.txz: Upgraded. kde/kfilemetadata-5.93.0-x86_64-1.txz: Upgraded. kde/kglobalaccel-5.93.0-x86_64-1.txz: Upgraded. kde/kguiaddons-5.93.0-x86_64-1.txz: Upgraded. kde/kholidays-5.93.0-x86_64-1.txz: Upgraded. kde/khtml-5.93.0-x86_64-1.txz: Upgraded. kde/ki18n-5.93.0-x86_64-1.txz: Upgraded. kde/kiconthemes-5.93.0-x86_64-1.txz: Upgraded. kde/kidletime-5.93.0-x86_64-1.txz: Upgraded. kde/kimageformats-5.93.0-x86_64-1.txz: Upgraded. kde/kinit-5.93.0-x86_64-1.txz: Upgraded. kde/kio-5.93.0-x86_64-1.txz: Upgraded. kde/kirigami2-5.93.0-x86_64-1.txz: Upgraded. kde/kitemmodels-5.93.0-x86_64-1.txz: Upgraded. kde/kitemviews-5.93.0-x86_64-1.txz: Upgraded. kde/kjobwidgets-5.93.0-x86_64-1.txz: Upgraded. kde/kjs-5.93.0-x86_64-1.txz: Upgraded. kde/kjsembed-5.93.0-x86_64-1.txz: Upgraded. kde/kmediaplayer-5.93.0-x86_64-1.txz: Upgraded. kde/knewstuff-5.93.0-x86_64-1.txz: Upgraded. kde/knotifications-5.93.0-x86_64-1.txz: Upgraded. kde/knotifyconfig-5.93.0-x86_64-1.txz: Upgraded. kde/kpackage-5.93.0-x86_64-1.txz: Upgraded. kde/kparts-5.93.0-x86_64-1.txz: Upgraded. kde/kpeople-5.93.0-x86_64-1.txz: Upgraded. kde/kplotting-5.93.0-x86_64-1.txz: Upgraded. kde/kpty-5.93.0-x86_64-1.txz: Upgraded. kde/kquickcharts-5.93.0-x86_64-1.txz: Upgraded. kde/kross-5.93.0-x86_64-1.txz: Upgraded. kde/krunner-5.93.0-x86_64-1.txz: Upgraded. kde/kservice-5.93.0-x86_64-1.txz: Upgraded. kde/ktexteditor-5.93.0-x86_64-1.txz: Upgraded. kde/ktextwidgets-5.93.0-x86_64-1.txz: Upgraded. kde/kunitconversion-5.93.0-x86_64-1.txz: Upgraded. kde/kwallet-5.93.0-x86_64-1.txz: Upgraded. kde/kwayland-5.93.0-x86_64-1.txz: Upgraded. kde/kwidgetsaddons-5.93.0-x86_64-1.txz: Upgraded. kde/kwindowsystem-5.93.0-x86_64-1.txz: Upgraded. kde/kxmlgui-5.93.0-x86_64-1.txz: Upgraded. kde/kxmlrpcclient-5.93.0-x86_64-1.txz: Upgraded. kde/modemmanager-qt-5.93.0-x86_64-1.txz: Upgraded. kde/networkmanager-qt-5.93.0-x86_64-1.txz: Upgraded. kde/oxygen-icons5-5.93.0-noarch-1.txz: Upgraded. kde/plasma-framework-5.93.0-x86_64-1.txz: Upgraded. kde/prison-5.93.0-x86_64-1.txz: Upgraded. kde/purpose-5.93.0-x86_64-1.txz: Upgraded. kde/qqc2-desktop-style-5.93.0-x86_64-1.txz: Upgraded. kde/solid-5.93.0-x86_64-1.txz: Upgraded. kde/sonnet-5.93.0-x86_64-1.txz: Upgraded. kde/syndication-5.93.0-x86_64-1.txz: Upgraded. kde/syntax-highlighting-5.93.0-x86_64-1.txz: Upgraded. kde/threadweaver-5.93.0-x86_64-1.txz: Upgraded. l/boost-1.78.0-x86_64-4.txz: Rebuilt. Recompiled against icu4c-71.1. l/harfbuzz-4.2.0-x86_64-2.txz: Rebuilt. Recompiled against icu4c-71.1. l/icu4c-71.1-x86_64-1.txz: Upgraded. Shared library .so-version bump. l/libcap-2.64-x86_64-1.txz: Upgraded. l/libical-3.0.14-x86_64-3.txz: Rebuilt. Recompiled against icu4c-71.1. l/libqalculate-4.1.1-x86_64-2.txz: Rebuilt. Recompiled against icu4c-71.1. l/libvisio-0.1.7-x86_64-9.txz: Rebuilt. Recompiled against icu4c-71.1. l/nodejs-16.14.2-x86_64-2.txz: Rebuilt. Recompiled against icu4c-71.1. l/qt5-5.15.3_20220407_9b1efa0e-x86_64-1.txz: Upgraded. Compiled against icu4c-71.1. l/qt5-webkit-5.212.0_alpha4-x86_64-9.txz: Rebuilt. Recompiled against icu4c-71.1. l/vte-0.66.2-x86_64-3.txz: Rebuilt. Recompiled against icu4c-71.1. n/dovecot-2.3.18-x86_64-4.txz: Rebuilt. Recompiled against icu4c-71.1. n/links-2.26-x86_64-1.txz: Upgraded. n/openssh-9.0p1-x86_64-1.txz: Upgraded. This update contains some potentially incompatible changes regarding the scp utility. For more information, see: https://www.openssh.com/releasenotes.html#9.0 n/php-7.4.28-x86_64-4.txz: Rebuilt. Recompiled against icu4c-71.1. n/postfix-3.7.0-x86_64-4.txz: Rebuilt. Recompiled against icu4c-71.1. n/samba-4.16.0-x86_64-2.txz: Rebuilt. Recompiled against icu4c-71.1. n/tin-2.6.1-x86_64-3.txz: Rebuilt. Recompiled against icu4c-71.1. t/texlive-2021.210418-x86_64-4.txz: Rebuilt. Recompiled against icu4c-71.1. x/xclock-1.1.1-x86_64-1.txz: Upgraded. x/xdpyinfo-1.3.3-x86_64-1.txz: Upgraded. extra/brltty/brltty-6.4-x86_64-5.txz: Rebuilt. Recompiled against icu4c-71.1. extra/php80/php80-8.0.17-x86_64-2.txz: Rebuilt. Recompiled against icu4c-71.1. extra/php81/php81-8.1.4-x86_64-2.txz: Rebuilt. Recompiled against icu4c-71.1. extra/sendmail/sendmail-8.17.1-x86_64-3.txz: Rebuilt. Recompiled against icu4c-71.1. extra/sendmail/sendmail-cf-8.17.1-noarch-3.txz: Rebuilt.
author: Patrick J Volkerding <volkerdi@slackware.com> 2022-04-11 20:49:27 +0000
committer: Eric Hameleers <alien@slackware.com> 2022-04-12 06:59:46 +0200
commit: 953ba4662ba606085f47de6b2fe08c1a80eb898f (patch)
tree: 12a231673d84c7bf867d925fa6a3b41c2c2808a4 /source/a/sysvinit-scripts/scripts/rc.S
parent: be3b3218759d05ff14a3109334760b1aa701429d (diff)
download: current-953ba4662ba606085f47de6b2fe08c1a80eb898f.tar.gz
current-953ba4662ba606085f47de6b2fe08c1a80eb898f.tar.xz
1 files changed, 25 insertions, 31 deletions
diff --git a/source/a/sysvinit-scripts/scripts/rc.S b/source/a/sysvinit-scripts/scripts/rc.S
index c49140616..6cb7e3915 100644
--- a/source/a/sysvinit-scripts/scripts/rc.S
+++ b/source/a/sysvinit-scripts/scripts/rc.S
@@ -474,44 +474,38 @@ fi
 # to generate good entropy. We'll favor using seedrng, but if it's missing
 # (shouldn't be) then we'll fall back on using the script method.
 if [ -z "$container" ]; then
-  # Make sure the new seed storage directory exists:
-  if [ ! -d /var/lib/seedrng ]; then
-    mkdir -p /var/lib/seedrng
-    chmod 700 /var/lib/seedrng
-  fi
   # If the old /etc/random-seed exists and no seedrng-generated seeds exist,
   # then we might as well use it for non-creditable entropy:
+  OLD_UMASK="$(umask)"
+  umask 077
   if [ -f /etc/random-seed ]; then
-    if ! /bin/ls /var/lib/seedrng/seed.* 1> /dev/null 2> /dev/null ; then
-      echo "Moving /etc/random-seed to /var/lib/seedrng/seed.no-credit."
-      mv /etc/random-seed /var/lib/seedrng/seed.no-credit
-      chmod 400 /var/lib/seedrng/seed.no-credit
-    fi
+    echo "Appending /etc/random-seed to /var/lib/seedrng/seed.no-credit."
+    SEED="$(base64 /etc/random-seed)"
+    rm -f /etc/random-seed
+    sync /etc
+    mkdir -p /var/lib/seedrng
+    echo "$SEED" | base64 -d >> /var/lib/seedrng/seed.no-credit
   fi
   # If we have the seedrng utility, we will use it to initialize the RNG:
   if [ -x /usr/sbin/seedrng ]; then
     /usr/sbin/seedrng
   else # we have to fall back on the old method:
-    if ! /bin/ls /var/lib/seedrng/seed.* 1> /dev/null 2> /dev/null ; then
-      echo "WARNING: no usable RNG seed was found in /var/lib/seedrng."
-    else
-      echo "The SeedRNG utility was not found. Seeding the RNG with an inferior method."
-      SEED="$(cat /var/lib/seedrng/seed.* | base64)"
-      rm -f /var/lib/seedrng/seed.*
-      sync /var/lib/seedrng
-      echo "$SEED" | base64 -d > /dev/urandom
-      # The seed saved below isn't going to be as large as the pool size, but
-      # it would only be used if the power fails before a proper shutdown is
-      # done. Nevertheless we'll try to get a little entropy saved from our
-      # previous seed(s) plus some bits from /dev/urandom (which *might* have
-      # some additional entropy in it). It's probably better than nothing.
-      echo "Saving a new uncreditable seed:  /var/lib/seedrng/seed.no-credit"
-      {
-        head -c 512 /dev/urandom
-        echo "$SEED" | base64 -d
-      } | sha256sum | cut -d ' ' -f 1 > /var/lib/seedrng/seed.no-credit
-      chmod 400 /var/lib/seedrng/seed.no-credit
-      unset SEED
-    fi
+    echo "The SeedRNG utility was not found. Seeding the RNG with an inferior method."
+    SEED="$(cat /var/lib/seedrng/seed.* 2> /dev/null | base64)"
+    rm -f /var/lib/seedrng/seed.*
+    sync /var/lib/seedrng
+    echo "$SEED" | base64 -d > /dev/urandom
+    # The seed saved below isn't going to be as large as the pool size.
+    # Nevertheless we'll try to get a little entropy saved from our
+    # previous seed(s) plus some bits from /dev/urandom (which *might* have
+    # some additional entropy in it). It's probably better than nothing.
+    echo "Saving a new uncreditable seed: /var/lib/seedrng/seed.no-credit"
+    POOLSIZE=$(expr $(cat /proc/sys/kernel/random/poolsize 2> /dev/null || echo 4096) / 8)
+    {
+      head -c $POOLSIZE /dev/urandom
+      echo "$SEED" | base64 -d
+    } | sha512sum | cut -d ' ' -f 1 > /var/lib/seedrng/seed.no-credit
   fi
+  unset SEED
+  umask "$OLD_UMASK"
 fi
author	Patrick J Volkerding <volkerdi@slackware.com>	2022-04-11 20:49:27 +0000
committer	Eric Hameleers <alien@slackware.com>	2022-04-12 06:59:46 +0200
commit	953ba4662ba606085f47de6b2fe08c1a80eb898f (patch)
tree	12a231673d84c7bf867d925fa6a3b41c2c2808a4 /source/a/sysvinit-scripts/scripts/rc.S
parent	be3b3218759d05ff14a3109334760b1aa701429d (diff)
download	current-953ba4662ba606085f47de6b2fe08c1a80eb898f.tar.gz current-953ba4662ba606085f47de6b2fe08c1a80eb898f.tar.xz