first draft: urandom-save

1 files changed, 25 insertions, 0 deletions

diff --git a/urandom-save.conf b/urandom-save.conf
new file mode 100644
index 0000000..eecac2d
--- /dev/null
+++ b/urandom-save.conf
@@ -0,0 +1,25 @@
+# urandom-save - save a new seed-file, for use by kernel PRNG at next boot
+#
+
+description     "save seed-file for use by kernel PRNG"
+
+# a) We should refresh the seed-file as soon as possible
+# i.e. as soon as the filesystem is mounted and writeable.
+# b) We should also refresh it again as late as possible,
+# i.e. when shutting down, i.e. runlevels other than 2345
+start on (filesystem or runlevel [!2345])
+
+task
+console output
+
+script
+  SAVEDFILE=/var/lib/urandom/random-seed        # probably belongs in a config file
+# 512 is usually the right size, as documented in drivers/char/random.c
+  POOLSIZE=512                     # size in bytes
+  if test -f /proc/sys/kernel/random/poolsize  \
+         && ProcPoolSize="$(cat /proc/sys/kernel/random/poolsize)" ; then
+# Kernels 2.6.12 and later report poolsize in bits; we convert to bytes here:
+    POOLSIZE=$((ProcPoolSize/8))
+  fi
+  dd if=/dev/urandom of=$SAVEDFILE bs=$POOLSIZE count=1 >/dev/null 2>&1
+end script