[systemd-devel] [PATCH] random-seed: Avoid errors (and unit failure) when we cannot write random-seed file.
David Herrmann
dh.herrmann at gmail.com
Sat Jan 17 02:58:48 PST 2015
Hi
On Mon, Jan 12, 2015 at 9:40 PM, Colin Guthrie <colin at mageia.org> wrote:
> When we call 'systemd-random-seed load' with a read-only /var/lib/systemd,
> the cleanup code (which rewrites the random-seed file) will fail and exit.
>
> Arguably, if the filesystem is read-only and the random-seed file exists
> then this will be possibly be quite bad for entroy on subsequent reboots
> but it should still not make the unit fail.
Applied!
Thanks
David
> ---
> src/random-seed/random-seed.c | 24 ++++++++++++++----------
> 1 file changed, 14 insertions(+), 10 deletions(-)
>
> diff --git a/src/random-seed/random-seed.c b/src/random-seed/random-seed.c
> index 06c1239..99497d6 100644
> --- a/src/random-seed/random-seed.c
> +++ b/src/random-seed/random-seed.c
> @@ -38,6 +38,7 @@ int main(int argc, char *argv[]) {
> ssize_t k;
> int r;
> FILE *f;
> + bool cleanup_seed_file = true;
>
> if (argc != 2) {
> log_error("This program requires one argument.");
> @@ -90,6 +91,7 @@ int main(int argc, char *argv[]) {
> r = -errno;
> goto finish;
> }
> + cleanup_seed_file = false;
> }
>
> random_fd = open("/dev/urandom", O_RDWR|O_CLOEXEC|O_NOCTTY, 0600);
> @@ -143,17 +145,19 @@ int main(int argc, char *argv[]) {
> /* This is just a safety measure. Given that we are root and
> * most likely created the file ourselves the mode and owner
> * should be correct anyway. */
> - fchmod(seed_fd, 0600);
> - fchown(seed_fd, 0, 0);
> + if (cleanup_seed_file) {
> + fchmod(seed_fd, 0600);
> + fchown(seed_fd, 0, 0);
>
> - k = loop_read(random_fd, buf, buf_size, false);
> - if (k <= 0) {
> - log_error("Failed to read new seed from /dev/urandom: %s", r < 0 ? strerror(-r) : "EOF");
> - r = k == 0 ? -EIO : (int) k;
> - } else {
> - r = loop_write(seed_fd, buf, (size_t) k, false);
> - if (r < 0)
> - log_error_errno(r, "Failed to write new random seed file: %m");
> + k = loop_read(random_fd, buf, buf_size, false);
> + if (k <= 0) {
> + log_error("Failed to read new seed from /dev/urandom: %s", r < 0 ? strerror(-r) : "EOF");
> + r = k == 0 ? -EIO : (int) k;
> + } else {
> + r = loop_write(seed_fd, buf, (size_t) k, false);
> + if (r < 0)
> + log_error_errno(r, "Failed to write new random seed file: %m");
> + }
> }
>
> finish:
> --
> 2.2.1
>
> _______________________________________________
> systemd-devel mailing list
> systemd-devel at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
More information about the systemd-devel
mailing list