head	1.5;
access;
symbols;
locks; strict;
comment	@# @;


1.5
date	2012.11.17.01.49.05;	author svnexp;	state Exp;
branches;
next	1.4;

1.4
date	2012.09.11.05.04.59;	author obrien;	state Exp;
branches;
next	1.3;

1.3
date	2012.08.22.22.34.55;	author obrien;	state Exp;
branches;
next	1.2;

1.2
date	2012.08.22.20.56.53;	author obrien;	state Exp;
branches;
next	1.1;

1.1
date	2012.08.22.18.43.21;	author obrien;	state Exp;
branches;
next	;


desc
@@


1.5
log
@Switching exporter and resync
@
text
@#!/bin/sh
#
# $FreeBSD: head/etc/rc.d/postrandom 240336 2012-09-11 05:04:59Z obrien $
#

# PROVIDE: postrandom
# REQUIRE: initrandom random FILESYSTEMS
# BEFORE: LOGIN
# KEYWORD: nojail

. /etc/rc.subr

name="postrandom"
start_cmd="${name}_start"
stop_cmd=":"

# This will remove old ${entropy_file} and generate a new one.
# According to Bruce Schneier, this is strongly recommended in order
# to avoid using same ${entropy_file} across reboots.
# Reference: Chapter 10.6, Practical Cryptography, ISBN: 0-471-22357-3

postrandom_start()
{
	/etc/rc.d/random fastsaveseed

	case ${entropy_dir} in
	[Nn][Oo])
		;;
	*)
		entropy_dir=${entropy_dir:-/var/db/entropy}
		if [ -d "${entropy_dir}" ]; then
			if [ -w /dev/random ]; then
				rm -f ${entropy_dir}/*
			fi
		fi
		;;
	esac
}

load_rc_config random
run_rc_command "$1"
@


1.4
log
@SVN rev 240336 on 2012-09-11 05:04:59Z by obrien

Simply things so that "#REQUIRE: FILESYSTEMS" means the file
systems are fully "ready to go".

'FILESYSTEMS' states: "This is a dummy dependency, for services which
require file systems to be mounted before starting."  However, we have
'var' which is was run after 'FILESYSTEMS' and can mount /var if it
already isn't mounted.  Furthermore, several scripts cannot use /var
until 'cleanvar' has done its thing.  Thus "FILESYSTEMS" hasn't really
meant all critical file systems are fully usable.
@
text
@d3 1
a3 1
# $FreeBSD$
@


1.3
log
@SVN rev 239596 on 2012-08-22 22:34:55Z by obrien

The entire comment block is now spell checked this time --  I promise.
@
text
@d7 1
a7 1
# REQUIRE: initrandom random var
@


1.2
log
@SVN rev 239593 on 2012-08-22 20:56:53Z by obrien

Fix comment misspelling.

Submitted by:	kargl
@
text
@d18 1
a18 1
# According to Bruce Schneier, this is strongly recomended in order
d20 1
a20 1
# Reference: Chapter 10.6, Practical Cryptograpy, ISBN: 0-471-22357-3
@


1.1
log
@SVN rev 239569 on 2012-08-22 18:43:21Z by obrien

Remove old entropy seeding after consumption initializing /dev/random PRNG.
Not doing so opens us up to replay attacks.

Submitted by:	Arthur Mesh <arthurmesh@@gmail.com>
Sponsored by:	Juniper Networks
@
text
@d18 1
a18 1
# According to Bruce Schneier, this is stronly recomended in order
@

