[systemd-devel] Properly handling rngd's complex dependencies
Mantas Mikulėnas
grawity at gmail.com
Thu Nov 22 09:49:07 PST 2012
On Thu, Nov 22, 2012 at 6:19 PM, Shea Levy <shea at shealevy.com> wrote:
> Hi all,
>
> rngd currently supports three sources of randomness to increase the kernel's
> entropy pool: The hwrng device, the trusted platform module device, and the
> RdRand x86 instruction. We don't want to start the daemon when none of the
> sources are available (as it will fail), but we want to start it as early as
> possible after some source is available so that programs requiring
> randomness have a good entropy pool available to them. Is there any way to
> express the following start-up behavior: "If the cpu supports RdRand*, then
> start rngd as soon as possible, otherwise start rngd as soon as either a
> hwrng device or a tpm device comes online"?
If I remember correctly, this can be done with udev rules... For CPUs,
check if ENV{MODALIAS} contains the right feature and add
TAG+="systemd" and ENV{SYSTEMD_WANTS}+="rngd.service", which will make
systemd start that service. Same for other device types.
--
Mantas Mikulėnas
More information about the systemd-devel
mailing list