From 1c30e25f4adf015865d57a7b5ab670cde446c82c Mon Sep 17 00:00:00 2001
From: John Denker <jsd@av8n.com>
Date: Tue, 5 Nov 2013 17:00:29 -0700
Subject: first draft: urandom.conf startup script

---
 urandom.conf | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 urandom.conf

diff --git a/urandom.conf b/urandom.conf
new file mode 100644
index 0000000..1b40057
--- /dev/null
+++ b/urandom.conf
@@ -0,0 +1,29 @@
+# urandom - load seed-file into kernel pseudorandom number generator
+#
+# This task is run on startup, as early as possible.
+
+description     "load seed-file into urandom"
+
+# Initialize the PRNG as early as possible.
+# Actually, nothing upstart can do is early enough,
+# but this is better than nothing.
+# Note that the root filesystem is probably still read-only at this point.
+start on startup
+
+# The "urandom" event means the PRNG has been initialized.
+# You it may be possible to use /dev/random before this, at your own risk.
+emits urandom
+
+task
+console output
+
+script
+  SAVEDFILE=/var/lib/urandom/random-seed        # probably belongs in a config file
+  if test -r "$SAVEDFILE" ; then
+    cat "$SAVEDFILE" > /dev/urandom
+    initctl emit urandom
+  fi
+end script
+
+# The seed file SHOULD NOT be reused.
+# We rely on urandom-save and urandom-adios to rewrite the seed file.
-- 
cgit v1.2.3