Hi, On Tue, Jun 17, 2014 at 12:33 PM, Justus Winter <4win...@informatik.uni-hamburg.de> wrote: > Quoting David Michael (2014-06-16 21:08:19) >> (I'm not married to the seed file argument, in case there is a >> better default location for it.) > > For the record, Debian uses /var/spool/random-seed.
The seed file was stored in various locations on different systems--/var/spool/ in Debian, /var/lib/ in RHEL, /var/run/ in random(4), /var/lib/systemd/ in most distros these days--so I just picked the one closest to my interpretation of the FHS. (I actually think /var/lib/misc/ is the most FHS-compliant location in this case but found no precedence for systems using it after a cursory look.) I'd be happy to go with the Debian location, too, if upstream Hurd is to follow those conventions. >> + random) >> + st $I root 644 /hurd/random --secure --seed-file >> /var/lib/random-seed;; > > But --secure doesn't seem to work yet, aiui we lack entropy sources. > The Debian package however contains a patch to make --fast the > default. You could drop --secure, as it is the default in the stock > sources, and will be in the Debian package once this issue is > addressed. Okay, thanks. I saw that /dev/random used the default level on Debian Hurd, but I didn't notice it was patched away from --secure. Perhaps it would be best to hold off on applying this if /dev/random won't have entropy behind it. Thanks. David
