On Mi, 24.04.19 08:27, Adam Williamson (adamwill(a)fedoraproject.org) wrote:
> > a. systemd starts before rngd.
> > b. rngd runs before the entropy pool is full.
> > c. the entropy pool needs to be full for systemd to start
> > a before b before c before a before b before c before a? How's that
> > So if you want rngd to stay and do something useful, then it needs to
> > be modified to start *before* systemd, in the initrd, before systemd
> > is invoked. i.e. not as regular service, but as kind of an init before
> > the real init.
> > The current mode is just entirely bogus...
>
> This is all based, though, on your expectation that everything uses
> non-blocking interfaces, right? For anything that *does* use
> /dev/random or blocking getrandom() - which absolutely does happen,
> even the docs say it's deprecated - rngd is still useful.

Well, the fix for that is probably not to clutter the system with rngd
though. Patching /dev/random out, and patching /dev/urandom into
those packages shouldn't be that difficult. It's low-hanging
fruit. Very low-hanging in fact, you don't get to fix bugs that often
by inserting a single character in your sources... ;-)

I mean, how is this ever going to be fixed if not by simply dropping
rngd from the default install and then fixing everything popping up?
You can't fix these things any other way, it doesn't work in

Lennart Poettering, Berlin