tech-kern archive


Re: cprng sysctl: WARNING pseudorandom rekeying.



   Date: Fri, 09 Nov 2012 18:53:45 -0500
   From: Greg Troxel <gdt%ir.bbn.com@localhost>

   FWIW, I agree with the notion that defaults should be at a path that is
   ~always in root; it's normal to have /var in a separate filesystem (at
   least for old-school UNIX types; I realize the kids these days think
   there should be one whole-disk fs as /).

It has always made me a trifle nervous that there are various things
such as dhcp clients touching /etc/rc.conf that require / to be
mounted writably.  I wonder whether there is some way we could nicely
separate the static essentials of / from the dynamic stuff like
/etc/rc.conf and the boot entropy, in order to keep /, including the
executables of /bin &c. and the bulk of the system configuration,
read-only.

I suppose a symlink farm pointing into /var might help /etc/rc.conf
and other dynamic parts of the system configuration, provided that
/var get mounted early enough, but that wouldn't help the boot loader
to find entropy in the /var partition.

