Am Montag, 27. Mai 2019, 23:29:43 CEST schrieb Petr Štetiar: Hi Petr,
> So it's possible to install or remove it as needed. > > Signed-off-by: Petr Štetiar <yn...@true.cz> > --- > package/base-files/Makefile | 11 +++++++- > package/base-files/files/etc/init.d/urandom_seed | 12 -------- > .../base-files/files/lib/preinit/81_urandom_seed | 24 ---------------- > package/base-files/files/sbin/urandom_seed | 20 -------------- > package/system/urandom-seed/Makefile | 32 > ++++++++++++++++++++++ .../urandom-seed/files/etc/init.d/urandom_seed | > 12 ++++++++ > .../urandom-seed/files/lib/preinit/81_urandom_seed | 24 ++++++++++++++++ > .../system/urandom-seed/files/sbin/urandom_seed | 20 ++++++++++++++ > 8 files changed, 98 insertions(+), 57 deletions(-) > delete mode 100755 package/base-files/files/etc/init.d/urandom_seed > delete mode 100644 package/base-files/files/lib/preinit/81_urandom_seed > delete mode 100755 package/base-files/files/sbin/urandom_seed > create mode 100644 package/system/urandom-seed/Makefile > create mode 100755 > package/system/urandom-seed/files/etc/init.d/urandom_seed create mode > 100644 package/system/urandom-seed/files/lib/preinit/81_urandom_seed create > mode 100755 package/system/urandom-seed/files/sbin/urandom_seed > > diff --git a/package/base-files/Makefile b/package/base-files/Makefile > index 609ffa2c3891..91d677acb3be 100644 > --- a/package/base-files/Makefile > +++ b/package/base-files/Makefile > @@ -12,7 +12,7 @@ include $(INCLUDE_DIR)/version.mk > include $(INCLUDE_DIR)/feeds.mk > > PKG_NAME:=base-files > -PKG_RELEASE:=197 > +PKG_RELEASE:=198 > PKG_FLAGS:=nonshared > > PKG_FILE_DEPENDS:=$(PLATFORM_DIR)/ $(GENERIC_PLATFORM_DIR)/base-files/ > @@ -43,6 +43,15 @@ define Package/base-files > VERSION:=$(PKG_RELEASE)-$(REVISION) > endef > > +define Package/urandom-seed > + SECTION:=base > + CATEGORY:=Base system > + DEPENDS:=+libc +ubox-getrandom > + TITLE:=/etc/urandom.seed handling for OpenWrt > + URL:=http://openwrt.org/ > + VERSION:=$(PKG_RELEASE)-$(REVISION) > +endef > + > define Package/base-files/conffiles > /etc/config/ > /etc/config/network > diff --git a/package/base-files/files/etc/init.d/urandom_seed > b/package/base-files/files/etc/init.d/urandom_seed deleted file mode 100755 > index 17d9c1340078..000000000000 > --- a/package/base-files/files/etc/init.d/urandom_seed > +++ /dev/null > @@ -1,12 +0,0 @@ > -#!/bin/sh /etc/rc.common > - > -START=99 > -USE_PROCD=1 > - > -start_service() { > - procd_open_instance "urandom_seed" > - procd_set_param command "/sbin/urandom_seed" > - procd_set_param stdout 1 > - procd_set_param stderr 1 > - procd_close_instance > -} > diff --git a/package/base-files/files/lib/preinit/81_urandom_seed > b/package/base-files/files/lib/preinit/81_urandom_seed deleted file mode > 100644 > index 26212c60b5e0..000000000000 > --- a/package/base-files/files/lib/preinit/81_urandom_seed > +++ /dev/null > @@ -1,24 +0,0 @@ > -#!/bin/sh > - > -log_urandom_seed() { > - echo "urandom-seed: $1" > /dev/kmsg > -} > - > -_do_urandom_seed() { > - [ -f "$1" ] || { log_urandom_seed "Seed file not found ($1)"; return; } > - [ -O "$1" -a -G "$1" -a ! -x "$1" ] || { log_urandom_seed "Wrong owner > / permissions for $1"; return; } - > - log_urandom_seed "Seeding with $1" > - cat "$1" > /dev/urandom > -} > - > -do_urandom_seed() { > - [ -c /dev/urandom ] || { log_urandom_seed "Something is wrong with > /dev/urandom"; return; } - > - _do_urandom_seed "/etc/urandom.seed" > - > - SEED="$(uci -q get system.@system[0].urandom_seed)" > - [ "${SEED:0:1}" = "/" -a "$SEED" != "/etc/urandom.seed" ] && > _do_urandom_seed "$SEED" -} > - > -boot_hook_add preinit_main do_urandom_seed > diff --git a/package/base-files/files/sbin/urandom_seed > b/package/base-files/files/sbin/urandom_seed deleted file mode 100755 > index 7043e8af4e6a..000000000000 > --- a/package/base-files/files/sbin/urandom_seed > +++ /dev/null > @@ -1,20 +0,0 @@ > -#!/bin/sh > -set -e > - > -trap '[ "$?" -eq 0 ] || echo "An error occured" >&2' EXIT > - > -save() { > - touch "$1.tmp" > - chown root:root "$1.tmp" > - chmod 600 "$1.tmp" > - getrandom 512 > "$1.tmp" > - mv "$1.tmp" "$1" > - echo "Seed saved ($1)" > -} > - > -SEED="$(uci -q get system.@system[0].urandom_seed || true)" > -[ "${SEED:0:1}" = "/" ] && save "$SEED" > - > -SEED=/etc/urandom.seed > -[ ! -f $SEED ] && save "$SEED" > -true > diff --git a/package/system/urandom-seed/Makefile > b/package/system/urandom-seed/Makefile new file mode 100644 > index 000000000000..6bde2e0b8a42 > --- /dev/null > +++ b/package/system/urandom-seed/Makefile > @@ -0,0 +1,32 @@ > +include $(TOPDIR)/rules.mk > + > +PKG_NAME:=urandom-seed > +PKG_VERSION:=1.0 > +PKG_RELEASE:=1 > +PKG_LICENSE:=GPL-2.0 > + > +PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME) > + > +include $(INCLUDE_DIR)/package.mk > + > +define Package/$(PKG_NAME) > + SECTION:=base > + CATEGORY:=Base system > + DEPENDS:=+getrandom > + TITLE:=/etc/urandom.seed handling for OpenWrt > + URL:=http://openwrt.org/ > +endef > + > +define Build/Prepare > + mkdir -p $(PKG_BUILD_DIR) > +endef > + > +define Build/Compile/Default > +endef > +Build/Compile = $(Build/Compile/Default) > + > +define Package/$(PKG_NAME)/install > + $(CP) ./files/* $(1)/ > +endef > + > +$(eval $(call BuildPackage,urandom-seed)) > diff --git a/package/system/urandom-seed/files/etc/init.d/urandom_seed > b/package/system/urandom-seed/files/etc/init.d/urandom_seed new file mode > 100755 > index 000000000000..17d9c1340078 > --- /dev/null > +++ b/package/system/urandom-seed/files/etc/init.d/urandom_seed > @@ -0,0 +1,12 @@ > +#!/bin/sh /etc/rc.common > + > +START=99 > +USE_PROCD=1 > + > +start_service() { > + procd_open_instance "urandom_seed" > + procd_set_param command "/sbin/urandom_seed" > + procd_set_param stdout 1 > + procd_set_param stderr 1 > + procd_close_instance Just as a recommendation: what about the script is invoked, say, once every hour or so? > +} > diff --git a/package/system/urandom-seed/files/lib/preinit/81_urandom_seed > b/package/system/urandom-seed/files/lib/preinit/81_urandom_seed new file > mode 100644 > index 000000000000..26212c60b5e0 > --- /dev/null > +++ b/package/system/urandom-seed/files/lib/preinit/81_urandom_seed > @@ -0,0 +1,24 @@ > +#!/bin/sh > + > +log_urandom_seed() { > + echo "urandom-seed: $1" > /dev/kmsg > +} > + > +_do_urandom_seed() { > + [ -f "$1" ] || { log_urandom_seed "Seed file not found ($1)"; return; } > + [ -O "$1" -a -G "$1" -a ! -x "$1" ] || { log_urandom_seed "Wrong owner > / permissions for $1"; return; } + > + log_urandom_seed "Seeding with $1" > + cat "$1" > /dev/urandom > +} > + > +do_urandom_seed() { > + [ -c /dev/urandom ] || { log_urandom_seed "Something is wrong with > /dev/urandom"; return; } + > + _do_urandom_seed "/etc/urandom.seed" > + > + SEED="$(uci -q get system.@system[0].urandom_seed)" > + [ "${SEED:0:1}" = "/" -a "$SEED" != "/etc/urandom.seed" ] && > _do_urandom_seed "$SEED" +} > + > +boot_hook_add preinit_main do_urandom_seed > diff --git a/package/system/urandom-seed/files/sbin/urandom_seed > b/package/system/urandom-seed/files/sbin/urandom_seed new file mode 100755 > index 000000000000..7043e8af4e6a > --- /dev/null > +++ b/package/system/urandom-seed/files/sbin/urandom_seed > @@ -0,0 +1,20 @@ > +#!/bin/sh > +set -e > + > +trap '[ "$?" -eq 0 ] || echo "An error occured" >&2' EXIT > + > +save() { > + touch "$1.tmp" > + chown root:root "$1.tmp" > + chmod 600 "$1.tmp" > + getrandom 512 > "$1.tmp" > + mv "$1.tmp" "$1" > + echo "Seed saved ($1)" > +} > + > +SEED="$(uci -q get system.@system[0].urandom_seed || true)" > +[ "${SEED:0:1}" = "/" ] && save "$SEED" > + > +SEED=/etc/urandom.seed > +[ ! -f $SEED ] && save "$SEED" > +true Ciao Stephan _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
