> For testing, it is important to be able to use Random instead of > SecureRandom. We should never be using the OS entropy for unit tests. >
Is this feasible to do? I assume that going that road implies scanning through all objects and classes and override the methods to consume "java.util.Random" instead of "SecureRandom". For example, the JVM may get stuck initializing "KeyGenerator", and changing that to Random seems a painful task. urandom is a perfectly acceptable option. I am not sure who maintains the > pre-commit machines these days. > Another thing to put into consideration is that changing the Java config will only fix the problem for Java, but the Docker image may get stuck with a similar issue in native or SSL. This makes installing the rng service the reliable way to make the docker image stable. > On Tue, Jan 14, 2020 at 1:05 PM Ahmed Hussein <a...@ahussein.me> wrote: > >> I tried setting JVM option "-Djava.security.egd=file:///dev/./urandom" >> from the command line but it did not work for me. >> In my case, I assume the JVM ignores "java.security.egd" because it is >> considered a security thing. >> >> On Tue, Jan 14, 2020 at 1:27 PM István Fajth <fapi...@gmail.com> wrote: >> >> > Hi, >> > >> > based on this article, we might not need infra to do this, but we can >> > specify the /dev/urandom as a random source directly to the JVM for test >> > runs with the option: -Djava.security.egd=file:///dev/urandom. >> > >> > >> https://security.stackexchange.com/questions/14386/what-do-i-need-to-configure-to-make-sure-my-software-uses-dev-urandom >> > >> > Pifta >> > >> > Sean Busbey <bus...@cloudera.com.invalid> ezt írta (időpont: 2020. jan. >> > 14., K, 20:14): >> > >> >> You should file an INFRA jira asking about this. They can get in touch >> >> with the folks who maintain the Hadoop labeled nodes. >> >> >> >> On Tue, Jan 14, 2020 at 12:42 PM Ahmed Hussein <a...@ahussein.me> wrote: >> >> > >> >> > Hi, >> >> > >> >> > I was investigating a JUnit test >> >> > (MAPREDUCE-7079:TestMRIntermediateDataEncryption >> >> > is failing in precommit builds >> >> > <https://issues.apache.org/jira/browse/MAPREDUCE-7079>) that was >> >> > consistently hanging on Linux VMs and failing Mapreduce pre-builds. >> >> > I found that the test hangs slows or hangs indefinitely whenever Java >> >> reads >> >> > the random file. >> >> > >> >> > I explored two different ways to get that test case to work properly >> on >> >> my >> >> > local Linux VM running rel7: >> >> > >> >> > 1. To install "haveged" and "rng-tools" on the virtual machine >> >> running >> >> > Rel7. Then, start rngd service {{sudo service rngd start}} . >> >> > 2. Change java configuration to load urandom >> >> > {{sudo vim $JAVA_HOME/jre/lib/security/java.security}} >> >> > ## Change the line “securerandom.source=file:/dev/random” to read: >> >> > securerandom.source=file:/dev/./urandom >> >> > >> >> > >> >> > Is it possible to apply any of the above solutions to the VM that >> runs >> >> the >> >> > precommit builds? >> >> >> >> >> >> >> >> -- >> >> busbey >> >> >> >> --------------------------------------------------------------------- >> >> To unsubscribe, e-mail: common-dev-unsubscr...@hadoop.apache.org >> >> For additional commands, e-mail: common-dev-h...@hadoop.apache.org >> >> >> >> >> > >> > -- >> > Pifta >> > >> >
