Fixing Linux getrandom() in stable

Benjamin Kaduk kaduk at mit.edu
Thu May 10 18:36:53 BST 2018


On Thu, May 10, 2018 at 07:30:46PM +0200, Michael Biebl wrote:
> 
> So we'd shift the waiting for randomness-to-be-available from one
> service to another? I don't quite see yet, where the benefit is in that.
> What's better if a wait-for-rng-ready binary blocks on getrandom()
> instead of the krb5-kdc binary itself? We wouldn't shorten the time we
> have to wait this way.

Nothing, if krb5-kdc is the only thing doing the waiting.
But the presumption was that there would be many things that would
need to wait, in which case doing it centrally reduces duplication
of effort.

-Ben




More information about the Pkg-systemd-maintainers mailing list