On Wed, 24 Apr 2019 at 08:26, Lennart Poettering <mzerqung@0pointer.de> wrote:
On Mi, 24.04.19 06:40, Stephen John Smoogen (smooge@gmail.com) wrote:

> > As mentioned before: systemd itself already needs entropy itself (it
> > assigns a random 128bit id to each service invocation, dubbed the
> > "invocation ID" of it, and it generates the machine ID and seeds its
> > hash table hash functions), hence rngd doesn't cut it anyway, since it
> > starts after systemd, being a service managed by systemd. If rngd was
> > supposed to fill up the entropy pool at boot, it would have to run as
> > initial PID 1 in the initrd, before systemd, and then hand over to
> > systemd only after the pool is full. But it doesn't, hence rngd is
> > pointless: it runs too late to be useful.
> useful to systemd and your problems. What people are trying to say is that
> it is useful to their problems.

but it can't be. it's logically impossible. let me explain this again:

1. systemd needs entropy to start services and other purposes
2. if the entropy pool is not filled up systemd thus might need to
   wait for it to fill up, in a blocking fashion. When it blocks for
   that it won't start any services until it unblocks again.
3. rngd is supposed to fill up the entropy pool, thus allowing systemd
   to unblock and start the first services
4. rngd runs as regular service however, i.e.

And ther you have your ordering cycle:

a. systemd starts before rngd.
b. rngd runs before the entropy pool is full.
c. the entropy pool needs to be full for systemd to start

a before b before c before a before b before c before a? How's that

Again, I am not disagreeing that it isn't important.. I am just saying that the other people saying they need it later and you are coming across as saying get rid of it completely just because it doesn't meet your needs. Most of them are seeing the system way after your problem and needing it fixed then.

Let us look at it as a plumbing issue. We currently have a building with a bunch of pipes with small feeds and you as the morning janitor come in first of the day to wash the floors and clean things so other people can get to work. To fill your buckets you need a big basin to start up and have to instead wait around as the pipes fill up your cleaning bucket. You look around and see that people installed various buckets and pots to act as  basins in their rooms they use to wash their hands and fases with but you can't use them as they need to be cleaned first. No one sees your problem because by the time their day starts.. you have been in there for hours and got your drip drip going and done your work. The problem here is that how you have come across is "Well I need more water, so we should rip out all the basins until I get one too. Just use this mopbucket water like I do."  

I don't know if that is what you are meaning to say or not. If it isn't then I am just trying to explain why people are 'reacting' versus 'fixing'. Yes the problem needs to be solved sooner in the chain. You need a proper basin to fill up water in.  In fact we all need proper plumbing which helps each service we are running. Working out how to get it is what we should be doing but instead we are arguing over who is going to go on strike first to get it.

So if you want rngd to stay and do something useful, then it needs to
be modified to start *before* systemd, in the initrd, before systemd
is invoked. i.e. not as regular service, but as kind of an init before
the real init.

Which is what I was trying to say but you cut out.
The current mode is just entirely bogus...


Lennart Poettering, Berlin
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org

Stephen J Smoogen.