Fixing Linux getrandom() in stable
Philipp Kern
pkern at debian.org
Thu May 10 18:41:38 BST 2018
On 5/10/18 7:30 PM, Michael Biebl wrote:
> So we'd shift the waiting for randomness-to-be-available from one
> service to another? I don't quite see yet, where the benefit is in that.
> What's better if a wait-for-rng-ready binary blocks on getrandom()
> instead of the krb5-kdc binary itself? We wouldn't shorten the time we
> have to wait this way.
Unless the services properly signal readiness (which admittedly they
should), you'd at least end up with a situation where you don't start
things prematurely. Like if, say, something on the machine depends on
krb5-kdc being up, it might be better to wait instead of trying to
contact a hanging kdc. But then the time is still better spent to
implement sd_notify(READY=1)... (But maybe not in stable?)
Kind regards
Philipp Kern
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-systemd-maintainers/attachments/20180510/0001c581/attachment-0002.sig>
More information about the Pkg-systemd-maintainers
mailing list