[HEADS-UP] The systemd unit files I'll post

Lennart Poettering mzerqung at 0pointer.de
Thu Jul 15 17:51:06 UTC 2010


On Thu, 15.07.10 11:01, Stephen John Smoogen (smooge at gmail.com) wrote:

> > I am aware that doing things during package installation instead of
> > first-boot is problematic for system images that are distributed and
> > booted from multiple machines. Maybe for those cases (where r/o root
> > isn't doable) we should provide some easy infrastructure to generate all
> > keys on boot, controlled by some central switch.
> 
> I think this was looked at way in the past.. the issue was that there
> wasn't enough entropy to build all of them during install or first
> boot. This caused things to lock up as it was using /dev/random as
> /dev/urandom was not considered good enough for this.

Hmm, are you saying there is neither enough entropy at install nor on
first boot? When do you want to create the certs then?

Lennart

-- 
Lennart Poettering - Red Hat, Inc.


More information about the devel mailing list