Re: cprng sysctl: WARNING pseudorandom rekeying.

[Iain Hibbert <plunky%rya-online.net@localhost>]

On Mon, 12 Nov 2012, Iain Hibbert wrote:

> On Fri, 9 Nov 2012, Thor Lancelot Simon wrote:
>
> > On Sat, Nov 10, 2012 at 12:39:59AM +0700, Robert Elz wrote:
> > >
> > > How?
> > >
> > > And if that's something that is supposed to be enabled, why does the
> > > default install not just enable it?
> >
> > Did you install by upgrading?  If so, I think what you've run into is
> > that your boot loader configuration has the old default entries (or
> > whatever changes you made to them) and not the new defaults.
>
> I tried updating the "boot.cfg" bootloader configuration file as you
> suggested, but the system fails to boot as the rndseed command is unknown;
> what else is required to be updated, is it the on-disk bootblocks or just
> the second stage /boot object?

So, I updated the second stage /boot file, changed my boot.cfg to include
the rndseed command as found in src/etc/etc.i386/boot.cfg

   menu=Boot normally:rndseed /root/entropy-file;boot netbsd

and changed my /etc/rc.conf to use the random_file as above

   random_file=/root/entropy-file

I verified that this works ("stop" creates the file, "start" removes it)

and rebooted, but it still produces warning messages (the "sysctl" one
during dev_mkdb, and the "kernel" one during fetchmail)

..so what is not working?

regards,
iain