aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@libreoffice.org>2016-10-22 16:39:53 +0200
committerGuilhem Moulin <guilhem@libreoffice.org>2016-10-22 17:03:09 +0200
commitcbf0cecd44a6b422e208f3043f2ceaf7fd0a25a9 (patch)
tree7f66f6e88a5881a79118914146dbbedde13c5e6a
parentb1f33fda4070054abd97160bc59fef6cf94b20fb (diff)
Ensure module 'virtio-rng' is loaded in the guest before creation of key material.
-rwxr-xr-xtdf-postinst-udeb/debian/postinst13
-rwxr-xr-xtdf-postinst-udeb/finish-install.d/07tdf-postinst6
2 files changed, 16 insertions, 3 deletions
diff --git a/tdf-postinst-udeb/debian/postinst b/tdf-postinst-udeb/debian/postinst
new file mode 100755
index 0000000..fc933d3
--- /dev/null
+++ b/tdf-postinst-udeb/debian/postinst
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+set -ue
+
+if [ "$1" = 'configure' ]; then
+ # Linux >=3.16 mixes output from the VirtIO RNG (/dev/hwrng) into
+ # /dev/random hence we no longer need to do this in userspace using
+ # `rngd`
+ register-module virtio-rng
+fi
+
+#DEBHELPER#
+exit 0
diff --git a/tdf-postinst-udeb/finish-install.d/07tdf-postinst b/tdf-postinst-udeb/finish-install.d/07tdf-postinst
index f8c0da2..0ee458c 100755
--- a/tdf-postinst-udeb/finish-install.d/07tdf-postinst
+++ b/tdf-postinst-udeb/finish-install.d/07tdf-postinst
@@ -3,8 +3,8 @@ set -e
. /usr/share/debconf/confmodule || true
-in-target modprobe 9pnet_virtio || true
-in-target modprobe 9p || true
+modprobe -va -d/target virtio-rng
+modprobe -va -d/target 9pnet_virtio 9p
virtfs="$(mktemp -d)"
mount -t 9p -o trans=virtio,version=9p2000.L virtfs "$virtfs" || true
@@ -91,7 +91,7 @@ fi
if [ -d /target/etc/salt ]; then
in-target sh -c '
- HOME="$(echo ~root)"
+ export HOME="$(echo ~root)" # use ~root/.rnd as OpenSSL seed file
pkidir="/etc/salt/pki/minion"
mkdir -p -m0700 "$pkidir"