[Pkg-sysvinit-devel] init.d/urandom : saving random-seed
Christoph Anton Mitterer
calestyo at scientia.net
Mon Aug 2 14:20:36 UTC 2010
On Sat, 2010-07-31 at 13:36 -0700, John Denker wrote:
> > And we should move the seed file to somewhere inside /etc or /lib. It is as
> > simple as that. /var cannot be used for any data you need at early
> > userspace.
>
> There are strong arguments for _not_ putting the random-seed in /etc
> or /lib. There are lots of systems out there which for security
> reasons and/or performance reasons have /etc and /lib on permanently
> readonly partitions.
It would perhaps also violate FHS...
> I think /var is as good a place as any. More generally, if a random-seed
> file is needed at all, it needs to be on a partition with the following
> properties:
> -- local
I'm not sure whether it's really strictly the case that /var is
completely local. It might be in Debian, but AFAIU the FHS
(http://www.pathname.com/fhs/pub/fhs-2.3.html#THEFILESYSTEM and
http://www.pathname.com/fhs/pub/fhs-2.3.html#THEVARHIERARCHY)
says that only parts of /var have to be locale ("non-shareable").
/lib/ doesn't fit either IMO,... /boot sounds perhaps ok?!
Cheers,
Chris.
More information about the Pkg-sysvinit-devel
mailing list