On Thu, Nov 01, 2007 at 01:53:09PM -0600, Theo de Raadt wrote:
> > I have a server running OpenBSD 4.2-current and acting as a 
> > name server. It always has these messages in the /var/log/daemon 
> > file upon startup:
> > 
> >  Oct 27 05:51:38 racine named[3780]: could not open entropy \
> >  source  /dev/arandom: file not found
> >  Oct 27 05:51:38 racine named[3780]: using pre-chroot entropy \
> >  source  /dev/arandom
> > 
> > That never bothered me, until I needed to use Men and Mice 
> > DNS Server Controller management tools on my OBSD name server, 
> > but that is another story.
> 
> Ignore the messages.  They mean nothing.  Our BIND, when running,
> does not use that stupid mechanism for entropy.

I have ignored them, for a number of years and never worried about
it.  But management dictates we move to Men and Mice to manage DNS.
If I run their DNS Server Controller under Linux emulation and the
OpenBSD named is running as a chroot, it looks for a /dev/random or 
/dev/arandom inside the chroot.  It fails if it is not there:

 Men and Mice DNS Server Controller for BIND[32343]: Unable to 
 initalize crypting library. Random device not readable.

So my choice was to give up OpenBSD as our name servers (never!) and
run Linux or FreeBSD (also never!), or run OBSD named without 
the chroot.  It seemed like a compromise I could live with.

Men and Mice doesn't officially support OpenBSD, but it was semi-easy
to get it running under Linux emulation for the Server Controller.

J.D. Carlson
