[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: cprng sysctl: WARNING pseudorandom rekeying.
On Fri, 9 Nov 2012, Thor Lancelot Simon wrote:
> On Sat, Nov 10, 2012 at 12:39:59AM +0700, Robert Elz wrote:
> > How?
> > And if that's something that is supposed to be enabled, why does the
> > default install not just enable it?
> Did you install by upgrading? If so, I think what you've run into is
> that your boot loader configuration has the old default entries (or
> whatever changes you made to them) and not the new defaults.
I tried updating the "boot.cfg" bootloader configuration file as you
suggested, but the system fails to boot as the rndseed command is unknown;
what else is required to be updated, is it the on-disk bootblocks or just
the second stage /boot object?
I have done the usual "build.sh release", "build.sh install=/",
"postinstall" and "etcupdate"
(and src/UPDATING should mention this issue)
> If your system has few sources of entropy, and you don't have
> your bootblocks configured to load saved entropy, it is likely
> that the kernel will need to consume entropy for something
> before the rc scripts run and have a chance to load in the
> saved entropy from userspace.
what does the kernel "likely" need entropy for, before the rc scripts run?
> We do need to find a way to ensure that upgrades result in boot.conf
> files which will automatically load entropy if possible.
postinstall(8) is the usual way to handle this sort of thing..
Main Index |
Thread Index |