[OpenWrt-Devel] [PATCH RFC 3/5] base-files: move urandom seed bits into separate package

Petr Štetiar ynezz at true.cz
Mon May 20 12:13:23 EDT 2019 

So it's possible to install or remove it as needed.

Signed-off-by: Petr Štetiar <ynezz at true.cz>
---
 package/base-files/Makefile                        | 11 +++++++-
 package/base-files/files/etc/init.d/urandom_seed   | 12 --------
 .../base-files/files/lib/preinit/81_urandom_seed   | 24 ----------------
 package/base-files/files/sbin/urandom_seed         | 20 --------------
 package/system/urandom-seed/Makefile               | 32 ++++++++++++++++++++++
 .../urandom-seed/files/etc/init.d/urandom_seed     | 12 ++++++++
 .../urandom-seed/files/lib/preinit/81_urandom_seed | 24 ++++++++++++++++
 .../system/urandom-seed/files/sbin/urandom_seed    | 20 ++++++++++++++
 8 files changed, 98 insertions(+), 57 deletions(-)
 delete mode 100755 package/base-files/files/etc/init.d/urandom_seed
 delete mode 100644 package/base-files/files/lib/preinit/81_urandom_seed
 delete mode 100755 package/base-files/files/sbin/urandom_seed
 create mode 100644 package/system/urandom-seed/Makefile
 create mode 100755 package/system/urandom-seed/files/etc/init.d/urandom_seed
 create mode 100644 package/system/urandom-seed/files/lib/preinit/81_urandom_seed
 create mode 100755 package/system/urandom-seed/files/sbin/urandom_seed

diff --git a/package/base-files/Makefile b/package/base-files/Makefile
index 609ffa2c3891..91d677acb3be 100644
--- a/package/base-files/Makefile
+++ b/package/base-files/Makefile
@@ -12,7 +12,7 @@ include $(INCLUDE_DIR)/version.mk
 include $(INCLUDE_DIR)/feeds.mk
 
 PKG_NAME:=base-files
-PKG_RELEASE:=197
+PKG_RELEASE:=198
 PKG_FLAGS:=nonshared
 
 PKG_FILE_DEPENDS:=$(PLATFORM_DIR)/ $(GENERIC_PLATFORM_DIR)/base-files/
@@ -43,6 +43,15 @@ define Package/base-files
   VERSION:=$(PKG_RELEASE)-$(REVISION)
 endef
 
+define Package/urandom-seed
+  SECTION:=base
+  CATEGORY:=Base system
+  DEPENDS:=+libc +ubox-getrandom
+  TITLE:=/etc/urandom.seed handling for OpenWrt
+  URL:=http://openwrt.org/
+  VERSION:=$(PKG_RELEASE)-$(REVISION)
+endef
+
 define Package/base-files/conffiles
 /etc/config/
 /etc/config/network
diff --git a/package/base-files/files/etc/init.d/urandom_seed b/package/base-files/files/etc/init.d/urandom_seed
deleted file mode 100755
index 17d9c1340078..000000000000
--- a/package/base-files/files/etc/init.d/urandom_seed
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/sh /etc/rc.common
-
-START=99
-USE_PROCD=1
-
-start_service() {
-    procd_open_instance "urandom_seed"
-    procd_set_param command "/sbin/urandom_seed"
-    procd_set_param stdout 1
-    procd_set_param stderr 1
-    procd_close_instance
-}
diff --git a/package/base-files/files/lib/preinit/81_urandom_seed b/package/base-files/files/lib/preinit/81_urandom_seed
deleted file mode 100644
index 26212c60b5e0..000000000000
--- a/package/base-files/files/lib/preinit/81_urandom_seed
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/bin/sh
-
-log_urandom_seed() {
-    echo "urandom-seed: $1" > /dev/kmsg
-}
-
-_do_urandom_seed() {
-    [ -f "$1" ] || { log_urandom_seed "Seed file not found ($1)"; return; }
-    [ -O "$1" -a -G "$1" -a ! -x "$1" ] || { log_urandom_seed "Wrong owner / permissions for $1"; return; }
-
-    log_urandom_seed "Seeding with $1"
-    cat "$1" > /dev/urandom
-}
-
-do_urandom_seed() {
-    [ -c /dev/urandom ] || { log_urandom_seed "Something is wrong with /dev/urandom"; return; }
-
-    _do_urandom_seed "/etc/urandom.seed"
-
-    SEED="$(uci -q get system. at system[0].urandom_seed)"
-    [ "${SEED:0:1}" = "/" -a "$SEED" != "/etc/urandom.seed" ] && _do_urandom_seed "$SEED"
-}
-
-boot_hook_add preinit_main do_urandom_seed
diff --git a/package/base-files/files/sbin/urandom_seed b/package/base-files/files/sbin/urandom_seed
deleted file mode 100755
index 7043e8af4e6a..000000000000
--- a/package/base-files/files/sbin/urandom_seed
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/sh
-set -e
-
-trap '[ "$?" -eq 0 ] || echo "An error occured" >&2' EXIT
-
-save() {
-    touch "$1.tmp"
-    chown root:root "$1.tmp"
-    chmod 600 "$1.tmp"
-    getrandom 512 > "$1.tmp"
-    mv "$1.tmp" "$1"
-    echo "Seed saved ($1)"
-}
-
-SEED="$(uci -q get system. at system[0].urandom_seed || true)"
-[ "${SEED:0:1}" = "/" ] && save "$SEED"
-
-SEED=/etc/urandom.seed
-[ ! -f $SEED ] && save "$SEED"
-true
diff --git a/package/system/urandom-seed/Makefile b/package/system/urandom-seed/Makefile
new file mode 100644
index 000000000000..6bde2e0b8a42
--- /dev/null
+++ b/package/system/urandom-seed/Makefile
@@ -0,0 +1,32 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=urandom-seed
+PKG_VERSION:=1.0
+PKG_RELEASE:=1
+PKG_LICENSE:=GPL-2.0
+
+PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/$(PKG_NAME)
+  SECTION:=base
+  CATEGORY:=Base system
+  DEPENDS:=+getrandom
+  TITLE:=/etc/urandom.seed handling for OpenWrt
+  URL:=http://openwrt.org/
+endef
+
+define Build/Prepare
+	mkdir -p $(PKG_BUILD_DIR)
+endef
+
+define Build/Compile/Default
+endef
+Build/Compile = $(Build/Compile/Default)
+
+define Package/$(PKG_NAME)/install
+	$(CP) ./files/* $(1)/
+endef
+
+$(eval $(call BuildPackage,urandom-seed))
diff --git a/package/system/urandom-seed/files/etc/init.d/urandom_seed b/package/system/urandom-seed/files/etc/init.d/urandom_seed
new file mode 100755
index 000000000000..17d9c1340078
--- /dev/null
+++ b/package/system/urandom-seed/files/etc/init.d/urandom_seed
@@ -0,0 +1,12 @@
+#!/bin/sh /etc/rc.common
+
+START=99
+USE_PROCD=1
+
+start_service() {
+    procd_open_instance "urandom_seed"
+    procd_set_param command "/sbin/urandom_seed"
+    procd_set_param stdout 1
+    procd_set_param stderr 1
+    procd_close_instance
+}
diff --git a/package/system/urandom-seed/files/lib/preinit/81_urandom_seed b/package/system/urandom-seed/files/lib/preinit/81_urandom_seed
new file mode 100644
index 000000000000..26212c60b5e0
--- /dev/null
+++ b/package/system/urandom-seed/files/lib/preinit/81_urandom_seed
@@ -0,0 +1,24 @@
+#!/bin/sh
+
+log_urandom_seed() {
+    echo "urandom-seed: $1" > /dev/kmsg
+}
+
+_do_urandom_seed() {
+    [ -f "$1" ] || { log_urandom_seed "Seed file not found ($1)"; return; }
+    [ -O "$1" -a -G "$1" -a ! -x "$1" ] || { log_urandom_seed "Wrong owner / permissions for $1"; return; }
+
+    log_urandom_seed "Seeding with $1"
+    cat "$1" > /dev/urandom
+}
+
+do_urandom_seed() {
+    [ -c /dev/urandom ] || { log_urandom_seed "Something is wrong with /dev/urandom"; return; }
+
+    _do_urandom_seed "/etc/urandom.seed"
+
+    SEED="$(uci -q get system. at system[0].urandom_seed)"
+    [ "${SEED:0:1}" = "/" -a "$SEED" != "/etc/urandom.seed" ] && _do_urandom_seed "$SEED"
+}
+
+boot_hook_add preinit_main do_urandom_seed
diff --git a/package/system/urandom-seed/files/sbin/urandom_seed b/package/system/urandom-seed/files/sbin/urandom_seed
new file mode 100755
index 000000000000..7043e8af4e6a
--- /dev/null
+++ b/package/system/urandom-seed/files/sbin/urandom_seed
@@ -0,0 +1,20 @@
+#!/bin/sh
+set -e
+
+trap '[ "$?" -eq 0 ] || echo "An error occured" >&2' EXIT
+
+save() {
+    touch "$1.tmp"
+    chown root:root "$1.tmp"
+    chmod 600 "$1.tmp"
+    getrandom 512 > "$1.tmp"
+    mv "$1.tmp" "$1"
+    echo "Seed saved ($1)"
+}
+
+SEED="$(uci -q get system. at system[0].urandom_seed || true)"
+[ "${SEED:0:1}" = "/" ] && save "$SEED"
+
+SEED=/etc/urandom.seed
+[ ! -f $SEED ] && save "$SEED"
+true
-- 
1.9.1


_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel

More information about the openwrt-devel mailing list