1 files changed, 15 insertions, 14 deletions

diff --git a/source/a/sysvinit-scripts/scripts/rc.6 b/source/a/sysvinit-scripts/scripts/rc.6
index 1ebe12b69..6370a1a86 100644
--- a/source/a/sysvinit-scripts/scripts/rc.6
+++ b/source/a/sysvinit-scripts/scripts/rc.6
@@ -223,26 +223,27 @@ if [ -z "$container" ]; then
   # Any old seed that exists here shall be deemed useless:
   if [ -f /etc/random-seed ]; then
     rm -f /etc/random-seed
+    sync /etc
   fi
   if [ -x /usr/sbin/seedrng ]; then
     /usr/sbin/seedrng
   else # we have to fall back on the old method:
-    # Make sure the new seed storage directory exists:
-    if [ ! -d /var/lib/seedrng ]; then
-      mkdir -p /var/lib/seedrng
-      chmod 700 /var/lib/seedrng
-    fi
+    OLD_UMASK="$(umask)"
+    umask 077
+    mkdir -p /var/lib/seedrng
     echo "The SeedRNG utility was not found. Generating a non-creditable and"
     echo "inferior RNG seed: /var/lib/seedrng/seed.no-credit"
-    # To get a seed that matches the pool size, we'll use dd. This assumes that
-    # by the time the machine was shut down that the kernel had generated nearly
-    # a full entropy pool, but there is no guarantee of this.
-    if [ -r /proc/sys/kernel/random/poolsize ]; then
-      /bin/dd if=/dev/urandom of=/var/lib/seedrng/seed.no-credit count=1 bs=$(expr $(cat /proc/sys/kernel/random/poolsize) / 8) 2> /dev/null
-    else
-      /bin/dd if=/dev/urandom of=/var/lib/seedrng/seed.no-credit count=1 bs=512 2> /dev/null
-    fi
-    /bin/chmod 400 /var/lib/seedrng/seed.no-credit
+    SEED="$(cat /var/lib/seedrng/seed.* 2>/dev/null | base64)"
+    rm -f /var/lib/seedrng/seed.*
+    sync /var/lib/seedrng
+    POOLSIZE=$(expr $(cat /proc/sys/kernel/random/poolsize 2> /dev/null || echo 4096) / 8)
+    {
+      head -c $POOLSIZE /dev/urandom
+      echo "$SEED" | base64 -d
+    } | sha512sum | cut -d ' ' -f 1 > /var/lib/seedrng/seed.no-credit
+    umask "$OLD_UMASK"
+    unset OLD_UMASK
+    unset SEED
   fi
 fi