diff options
| author |   Göktürk Yüksek <gokturk@gentoo.org> | 2018-12-28 21:11:42 -0500 |
|---|---|---|
| committer | Göktürk Yüksek <gokturk@gentoo.org> | 2018-12-28 21:12:35 -0500 |
| commit | fcd29101d4458d6715c5aaa96c75da29e93f80b4 (patch) | |
| tree | a3cd1c06a661611d230437ac22c6b357929d2b47 /sys-apps/rng-tools/files/rngd-confd-6 | |
| parent | dev-libs/libfmt: 5.3.0 version bump (diff) | |
| download | gentoo-fcd29101d4458d6715c5aaa96c75da29e93f80b4.tar.gz gentoo-fcd29101d4458d6715c5aaa96c75da29e93f80b4.tar.bz2 gentoo-fcd29101d4458d6715c5aaa96c75da29e93f80b4.zip | |
sys-apps/rng-tools: rewrite initd and confd (6.6-r1 only)
Restructure the openrc init script and the accompanying confd file to
reflect the recent changes to rngd.
- Instead of having individual NO_FOO="1" style variables in the confd
file for each entropy source, maintain a single list of entropy
sources to enable. Likewise, maintain a list of entropy sources to
disable.
- Allow per-entropy-source options to be set inside the confd file.
- The init file defines $description now.
- Use $command_args_background instead of $command_args to specify the
daemon behavior.
- Allow default setting of --fill-watermark.
- Allow extra arguments to be passed to rngd from the confd file.
Bug: https://bugs.gentoo.org/650622
Bug: https://bugs.gentoo.org/673120
Package-Manager: Portage-2.3.52, Repoman-2.3.12
Signed-off-by: Göktürk Yüksek <gokturk@gentoo.org>
Diffstat (limited to 'sys-apps/rng-tools/files/rngd-confd-6')
| -rw-r--r-- | sys-apps/rng-tools/files/rngd-confd-6 | 82 |
1 files changed, 82 insertions, 0 deletions
diff --git a/sys-apps/rng-tools/files/rngd-confd-6 b/sys-apps/rng-tools/files/rngd-confd-6 new file mode 100644 index 000000000000..a30e8c4fdadc --- /dev/null +++ b/sys-apps/rng-tools/files/rngd-confd-6 @@ -0,0 +1,82 @@ +# Copyright 1999-2018 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +# /etc/conf.d/rngd +# Please see "/usr/sbin/rngd --help" and "man rngd" for more information + +# Space-delimited list of entropy sources to enable +# Note that some of the entropy sources may require certain USE flags +# to be enabled or require hardware support to function properly +# Entropy sources not specified here (or in the exclude list below) +# will be enabled/disabled based on rngd default behavior +# +# Choose from the list: +# hwrng: Hardware RNG Device +# tpm: TPM RNG Device (Deprecated) +# rdrand: Intel RDRAND Instruction RNG +# darn: Power9 DARN Instruction RNG +# nist: NIST Network Entropy Beacon +# (UNSAFE for cryptographic operations) +# jitter: JITTER Entropy generator +# +#INCLUDE_ENTROPY_SOURCES="hwrng tpm rdrand darn nist jitter" + + +# Space-delimited list of entropy sources to disable +# This is useful for disabling certain entropy sources even +# when they are supported on the system +# +#EXCLUDE_ENTROPY_SOURCES="nist tpm" + + +# Entropy source specific options: +# +# +# hwrng device used for random number input: +# +#HWRNG_DEVICE="/dev/hwrng" +# +# +# rdrand options: +# use_aes:(BOOLEAN) +# +#RDRAND_OPTIONS="use_aes:1" +# +# +# darn options: +# use_aes:(BOOLEAN) +# +#DARN_OPTIONS="use_aes:1" +# +# +# jitter options: +# thread_count:(INTEGER) +# buffer_size:(INTEGER) +# refill_thresh:(INTEGER) +# retry_count:(INTEGER) +# retry_delay:(INTEGER) +# use_aes:(BOOLEAN) +# +#JITTER_OPTIONS="thread_count:4 buffer_size:16535 refill_thresh:16535" +#JITTER_OPTIONS="${JITTER_OPTIONS} retry_count:1 retry_delay:-1 use_aes:1" + + +# Kernel device used for random number output +# +#RANDOM_DEVICE="/dev/random" + + +# Random step (Number of bytes written to random-device at a time): +# +#STEP=64 + + +# Fill watermark +# 0 <= n <= `sysctl kernel.random.poolsize` +# +#WATERMARK=2048 + + +# Any extra arguments for rngd +# +#EXTRA_ARGS="" |