diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2022-04-20 02:44:21 +0200 |
---|---|---|
committer | William Hubbs <w.d.hubbs@gmail.com> | 2022-04-20 15:45:20 -0500 |
commit | 9b16bfe0e761067fd076d549e813c8f650c7f889 (patch) | |
tree | 3b433930647e5c3bc59c7164f14fe51451442006 /conf.d/seedrng | |
parent | c3545b54f3330d97e06599f97c91ab73e9892f83 (diff) |
seedrng: incorporate various improvements
There have been a number of subtle improvements and cleanups to seedrng,
including using openat and locking the directory fd instead of a
separate lock file. Also various stylistic cleanups.
This fixes #519.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'conf.d/seedrng')
-rw-r--r-- | conf.d/seedrng | 21 |
1 files changed, 9 insertions, 12 deletions
diff --git a/conf.d/seedrng b/conf.d/seedrng index 61670504..00cc2bd2 100644 --- a/conf.d/seedrng +++ b/conf.d/seedrng @@ -1,17 +1,14 @@ -# The convention in this file is to show the default settings -# commented out. +# The convention in this file is to show the default settings commented out. # -# Sometimes you want to have urandom start before "localmount" -# (say for crypt swap), so you will need to customize this -# behavior. If you have /var on a separate partition, make sure paths -# under /var are adjusted to point to locations on your -# root device. +# Sometimes you want to have urandom start before "localmount" (say for crypt +# swap), so you will need to customize this behavior. If you have /var on a +# separate partition, make sure paths under /var are adjusted to point to +# locations on your root device. # -# Set skip_credit to yes or true if you do not want seed files to -# actually credit the random number generator. -# For example, you should set this if you plan to replicate the file -# system image without removing the contents of ${seed_dir}. +# Set skip_credit to yes or true if you do not want seed files to actually +# credit the random number generator. For example, you should set this if you +# plan to replicate the file system image without removing the contents of +# ${seed_dir}. # -# lock_file=/var/run/seedrng.lock # seed_dir=/var/lib/seedrng # skip_credit=no |