Benjamin Kaduk <ka...@mit.edu> writes: > On Sun, May 06, 2018 at 07:05:56PM -0700, Russ Allbery wrote:
>> This seems trivial enough that the krb5-kdc package could just ship >> this service for now and gauge interest. I think all you'd need is a >> program that called getrandom() and then exited when it returned, run >> via systemd as a Type=oneshot service that krb5-kdc depends on and with >> a reasonable timeout. > I think that's what it would look like, yes. It's less clear that > putting it in krb5-kdc would actually do anything to gauge demand, > but I suppose I could be wrong. Yeah, that was probably the wrong phrasing. Proof of concept? To be usable by any other package, it would have to be a separate package, so it would be more of an immediate workaround. It would at least demonstrate whether this solution works, which is a good basis to talk to the systemd maintainers (either in Debian or upstream). -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/>
