Bug#914297: apache2: getrandom call blocks on first startup, systemd kills with timeout
Alexander E. Patrakov
patrakov at gmail.com
Mon Dec 17 12:28:45 GMT 2018
Michael Biebl <biebl at debian.org>:
> On Sat, 15 Dec 2018 09:17:46 +0100 Stefan Fritsch <sf at sfritsch.de> wrote:
> > It turns out there was a similar bug against openssh which was closed as
> > wontfix [1]. I don't see how apache can do anything about this, either.
>
> There is. Don't request high-quality randomness during boot unless you
> explicitly need it.
Well, this problem is much more widespread (in terms of software that
requests entropy needlessly) than you might think. If you override the
unit for something as deterministic as systemd-tmpfiles-setup.service
to run it under strace and log the result, you'll see numerous calls
to getrandom().
This might need a release-note if no other solution appears (like e.g.
[imagine a strawman here, I am not serious] making haveged essential
and copying it into the initramfs).
--
Alexander E. Patrakov
More information about the Pkg-systemd-maintainers
mailing list