svn commit: r256338 - in head/usr.sbin/bsdinstall: . scripts

Fri, 11 Oct 2013 13:22:24 -0700 

Author: des
Date: Fri Oct 11 20:21:44 2013
New Revision: 256338
URL: http://svnweb.freebsd.org/changeset/base/256338

Log:
  After installation, dump 4096 bytes from /dev/random to /entropy in the
  newly installed system.  This should greatly increase the amount of
  entropy available when SSH host keys are generated during first boot.
  
  Reviewed by:    markm, nathanw
  Approved by:  re (gjb)

Added:
  head/usr.sbin/bsdinstall/scripts/entropy   (contents, props changed)
Modified:
  head/usr.sbin/bsdinstall/bsdinstall.8
  head/usr.sbin/bsdinstall/scripts/Makefile
  head/usr.sbin/bsdinstall/scripts/auto
  head/usr.sbin/bsdinstall/scripts/jail
  head/usr.sbin/bsdinstall/scripts/script

Modified: head/usr.sbin/bsdinstall/bsdinstall.8
==============================================================================
--- head/usr.sbin/bsdinstall/bsdinstall.8       Fri Oct 11 20:15:38 2013        
(r256337)
+++ head/usr.sbin/bsdinstall/bsdinstall.8       Fri Oct 11 20:21:44 2013        
(r256338)
@@ -25,7 +25,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd January 21, 2013
+.Dd October 6, 2013
 .Dt BSDINSTALL 8
 .Os
 .Sh NAME
@@ -60,6 +60,10 @@ targets.
 .Bl -tag -width ".Cm jail Ar destination"
 .It Cm auto
 Run the standard interactive installation, including disk partitioning.
+.It Cm entropy
+Reads a small amount of data from
+.Pa /dev/random
+and stores it in a file in the new system's root directory.
 .It Cm jail Ar destination
 Sets up a new chroot system at
 .Pa destination ,

Modified: head/usr.sbin/bsdinstall/scripts/Makefile
==============================================================================
--- head/usr.sbin/bsdinstall/scripts/Makefile   Fri Oct 11 20:15:38 2013        
(r256337)
+++ head/usr.sbin/bsdinstall/scripts/Makefile   Fri Oct 11 20:21:44 2013        
(r256338)
@@ -1,8 +1,8 @@
 # $FreeBSD$
 
-SCRIPTS= auto adduser checksum config docsinstall hostname jail keymap \
-        mirrorselect mount netconfig netconfig_ipv4 netconfig_ipv6 rootpass \
-        script services time umount wlanconfig
+SCRIPTS= auto adduser checksum config docsinstall entropy hostname jail \
+        keymap mirrorselect mount netconfig netconfig_ipv4 netconfig_ipv6 \
+        rootpass script services time umount wlanconfig
 BINDIR= /usr/libexec/bsdinstall
 
 NO_MAN=        true

Modified: head/usr.sbin/bsdinstall/scripts/auto
==============================================================================
--- head/usr.sbin/bsdinstall/scripts/auto       Fri Oct 11 20:15:38 2013        
(r256337)
+++ head/usr.sbin/bsdinstall/scripts/auto       Fri Oct 11 20:21:44 2013        
(r256338)
@@ -222,5 +222,8 @@ if [ $? -eq 0 ]; then
        chroot "$BSDINSTALL_CHROOT" /bin/sh 2>&1
 fi
 
+bsdinstall entropy
+bsdinstall umount
+
 echo "Installation Completed at $(date)" >> $BSDINSTALL_LOG
 

Added: head/usr.sbin/bsdinstall/scripts/entropy
==============================================================================
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/usr.sbin/bsdinstall/scripts/entropy    Fri Oct 11 20:21:44 2013        
(r256338)
@@ -0,0 +1,29 @@
+#!/bin/sh
+#-
+# Copyright (c) 2013 Dag-Erling Smørgrav
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in the
+#    documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+# $FreeBSD$
+
+dd if=/dev/random of=$BSDINSTALL_CHROOT/entropy bs=4096 count=1

Modified: head/usr.sbin/bsdinstall/scripts/jail
==============================================================================
--- head/usr.sbin/bsdinstall/scripts/jail       Fri Oct 11 20:15:38 2013        
(r256337)
+++ head/usr.sbin/bsdinstall/scripts/jail       Fri Oct 11 20:21:44 2013        
(r256338)
@@ -110,5 +110,7 @@ bsdinstall config  || error
 cp /etc/resolv.conf $1/etc
 cp /etc/localtime $1/etc
 
+bsdinstall entropy
+
 echo "Installation Completed at $(date)" >> $BSDINSTALL_LOG
 

Modified: head/usr.sbin/bsdinstall/scripts/script
==============================================================================
--- head/usr.sbin/bsdinstall/scripts/script     Fri Oct 11 20:15:38 2013        
(r256337)
+++ head/usr.sbin/bsdinstall/scripts/script     Fri Oct 11 20:21:44 2013        
(r256338)
@@ -83,6 +83,7 @@ if [ -f /tmp/bsdinstall-installscript-ab
        rm $BSDINSTALL_CHROOT/tmp/installscript
 fi
 
+bsdinstall entropy
 bsdinstall umount
 
 echo "Installation Completed at $(date)" >> $BSDINSTALL_LOG
_______________________________________________
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

Reply via email to