<div dir="ltr"><div>Hi,</div><div><br></div><div>I'll comment only on the init stuff, as I have no idea what rng-tools does.</div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sun, Nov 8, 2020 at 6:48 PM Thorsten Glaser <<a href="mailto:tg@debian.org">tg@debian.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hi *,<br>
<br>
I’m copying this eMail to those who requested various starting<br>
methods for rngd and those who can probably help me with it.<br>
<br>
Background: I took over the heavily patched 2.x series of<br>
rng-tools as “rng-tools-debian”, which is currently started<br>
from a sysvinit script only.<br>
<br>
Now I have got requests for starting it different ways:<br>
<br>
• my own arngc (not packaged in Debian itself) starts it as<br>
client of an stunnel (for entropy distribution over the<br>
network), so it must avoid starting rngd from the init<br>
script… but might make use of stopping at system shutdown?<br>
(arngc is always started manually or late, it needs network<br>
and possibly additionally VPN set up)<br></blockquote><div><br></div><div>It is difficult to comment on this without more details. Maybe it would be possible to configure socket activation here? If not, the best option is likely to be a differently-named service, that starts it in the right way. Yet another option is to override the ExecStart= line from the main systemd service with a config override[1]</div><div><br></div><div>[1] <a href="https://www.freedesktop.org/software/systemd/man/systemd.unit.html#id-1.14.3">https://www.freedesktop.org/software/systemd/man/systemd.unit.html#id-1.14.3</a></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
• some people wish for a systemd script<br>
<br>
• according to some people, the /dev/hwrng device sometimes<br>
was not online when rngd was started, so we need a way to<br>
wait for that (the submitter suggested a systemd unit with<br>
multiple delayed restart attempts, which is… too crude)<br>
<br>
• some people use a HWRNG that only comes online after some<br>
activity (e.g. plugging in a USB device, or powering up<br>
the WLAN chip), and so want it started from udev (but how<br>
to stop in that case?)<br></blockquote><div><br></div><div>These two problems are actually the same (device being asynchronously ready), and starting from udev is the correct solution. However, you don't directly start it from udev, rather you tag with `SYSTEMD_WANTS=rng-tools.service`, and then it is just as if it was started at boot.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
My first question is to rngd upstream: does it, at all, make<br>
sense to start rngd multiple times? If so, how would I best<br>
manage that? If not, how would we best deal with possibly<br>
having multiple entropy sources?<br>
<br>
Then I need init system-related help. I need to write a<br>
systemd unit and a udev start script; I’ll probably factor<br>
out what the sysvinit script does and put that into a new<br>
shell script and start it from both sysvinit and systemd<br>
unit</blockquote><div><br></div><div>This is a good idea regardless of systemd units. Files in /etc/init.d are conffiles, and thus any logic is best shipped elsewhere. Due to conffile handling, some users might not get (possibly required) logic changes in the init script.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"> and document that this is the script to start from<br>
one’s udev rules somewhere?<br></blockquote><div><br></div><div>As mentioned above, you can instruct udev to start a systemd service directly. I;m not clear on whether you want this only for systemd systems or everyone else too. In the latter case, you could probably add a RUN script that starts the init script when not running under systemd. </div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
I also need information on how I can delay the rngd start<br>
to occur after udev has set up /dev/hwrng but not if there<br>
is nothing to set up for it, that is, no source, or already<br>
set up earlier / built into the kernel.<br></blockquote><div><br></div><div>Starting via udev should be the best way then.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
Then, I have a report in #466946 indicating that stopping<br>
rngd on system shutdown might not be needed; I asked on<br>
<a href="http://www.chiark.greenend.org.uk/pipermail/debian-init-diversity/2020-November/thread.html#3753" rel="noreferrer" target="_blank">http://www.chiark.greenend.org.uk/pipermail/debian-init-diversity/2020-November/thread.html#3753</a><br>
for comments on that. On one hand, not stopping rngd until<br>
the bitter end ensures it stays available; on the other<br>
hand, it can negatively affect things like umounting,<br>
cryptsetup unconfiguration, etc; in fact, on my own systems,<br>
I always get “process still running” messages from insserv(?)<br>
for the rngd instances started from arngc (see above).</blockquote><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
So I was considering letting the init script stop all rngd<br>
instances (a simple pkill would do the trick, I assume) on<br>
system shutdown, but don’t know if that’s a good idea and<br>
if it would work with systemd.<br></blockquote><div><br></div><div>Please don't do this. Init scripts killing random processes is not a good idea (what if I ran stop while the system is up?).</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
There’s also the question whether/how to stop the instances<br>
started by udev.<br></blockquote><div><br></div><div>At least under systemd, via SYSTEMD_WANTS they get treated as a service just like any other. Thus, the ExecStop will be run for the service at shutdown at the appropriate time (according to dependencies).</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
The question of whether to allow multiple rngd processes<br>
(see above) also comes into play.<br>
<br>
Finally: yes, I’m aware of rng-tools5 and its version 6.x,<br>
but the version “traditionally shipped with Debian” contains<br>
a lot of new functionality that never made it upstream and<br>
as such has many users; arngc, for example, requires this<br>
functionality, as do others (cf. #951799).<br>
<br>
Thanks in advance,<br>
//mirabilos<br>
-- <br>
22:20⎜<asarch> The crazy that persists in his craziness becomes a master<br>
22:21⎜<asarch> And the distance between the craziness and geniality is<br>
only measured by the success 18:35⎜<asarch> "Psychotics are consistently<br>
inconsistent. The essence of sanity is to be inconsistently inconsistent<br>
<br>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature"><br>Saludos,<br>Felipe Sateler</div></div>