From: ludo@gnu.org (Ludovic Courtès)
Subject: bug#29773: urandom-seed-service should run earlier in the boot process
Date: Thu, 21 Dec 2017 10:10:29 +0100
Message-ID: <87ind0a1kq.fsf@gnu.org>
To: Leo Famulari
Cc: 29773@debbugs.gnu.org

Leo Famulari writes:

> On Wed, Dec 20, 2017 at 11:19:36AM +0100, Ludovic Courtès wrote:
>> There’s a ‘user-processes’ service that serves a similar purpose.
>>
>> With the attached patches ‘urandom-seed’ becomes a dependency of
>> ‘user-processes’, meaning that daemons & co.
>> start after ‘urandom-seed’.
>>
>> WDYT?
>
> In general, I think it's a good approach.
>
> Currently, the urandom-seed-service seems to non-deterministically but
> typically start after the udev-service, so that /dev/hwrng is always set
> up by udev before the urandom-seed-service tries to use it.
>
> With these patches, that's not the case. This breaks the hwrng seeding
> feature added in 9a56cf2b5b (services: urandom-seed: Try using a HWRNG
> to seed the Linux CRNG at boot).
>
> I'll try rearranging the service dependency graph.

The attached patch does the trick, AFAICS:

diff --git a/gnu/services/base.scm b/gnu/services/base.scm index acc5c33f5..7fc8f6aa7 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm 
@@ -529,7 +529,10 @@ in KNOWN-MOUNT-POINTS when it is stopped." (list (shepherd-service (documentation "Preserve entropy across reboots for /dev/urandom.") (provision '(urandom-seed)) - (requirement '(file-systems)) + + ;; Depend on udev so that /dev/hwrng is available. + (requirement '(file-systems udev)) + (start #~(lambda _ ;; On boot, write random seed into /dev/urandom. (when (file-exists? #$%random-seed-file)

> Watching a fresh system boot repeatedly, I noticed that the host keys
> always seem to be generated immediately after Linux reports "random:
> crng init done".
>
> To me, this suggests that OpenSSH is using the getrandom() syscall. If
> so, any GuixSD host keys created with glibc >= 2.25 and OpenSSH >= 7.2
> should be unpredictable. But I'm not sure if that's what's happening or
> not.

Nice.

The problem though is that ‘ssh-keygen -A’ runs from the activation
snippet, which itself runs before shepherd is started.

To work around that, we should either introduce a separate ‘ssh-keygen’
service that ‘ssh-daemon’ would depend on, or invoke ‘ssh-keygen’ from
the ‘start’ method of the ‘ssh-daemon’ service.

>> +(define (user-processes-shepherd-service requirements) >> + "Return the 'user-processes' Shepherd service with dependencies on >> +REQUIREMENTS (a list of service names). >> + >> +This is a synchronization point used to make sure user processes and da= emons >> +get started only after crucial initial services have been started---file >> +system mounts, etc. This is similar to 'target' in systemd."
>
> To clarify, user-processes may be similar to the sysinit target in
> systemd. Systemd targets are sort of like run-levels, and there are
> several of them, such as the multi-user target, the graphical target,
> etc.

Indeed, I’ve fixed it locally.

If that’s OK I’ll push these patches later today.

Thank you,
Ludo’.
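
Review bot: The comment added above the new `(requirement '(file-systems udev))` line in gnu/services/base.scm says /dev/hwrng "is available", but the requirement only orders urandom-seed after udev; it cannot make the device exist on a machine with no hardware RNG. Suggest wording such as ";; Depend on udev so that /dev/hwrng, if present, has been set up." and confirming that the start code tolerates a missing /dev/hwrng, which the visible context (it ends at `(when (file-exists? #$%random-seed-file)`) does not show. The two bare `+` lines around the comment also add blank lines inside the `shepherd-service` form; the one before the comment is enough.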
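
The host-key discussion above turns on keys being generated only after the kernel reports "random: crng init done". As an added example (not code from this thread or from Guix), this sketch shows how a service's start routine could gate key generation on CRNG readiness using getrandom() with GRND_NONBLOCK; `crng_ready`, `wait_for_crng`, `generate_host_keys_when_ready` and the `keygen` callable are hypothetical names.

```python
import os
import time

# GRND_NONBLOCK makes getrandom() fail with EAGAIN instead of blocking
# while the kernel CRNG is still uninitialized (value 0x0001 on Linux).
GRND_NONBLOCK = getattr(os, "GRND_NONBLOCK", 0x0001)


def crng_ready(getrandom=None):
    """Return True once the kernel CRNG has been initialized."""
    getrandom = getrandom or os.getrandom  # Linux, Python >= 3.6
    try:
        getrandom(1, GRND_NONBLOCK)
        return True
    except BlockingIOError:  # EAGAIN: "crng init done" not reached yet
        return False


def wait_for_crng(timeout=30.0, interval=0.5, getrandom=None, sleep=time.sleep):
    """Poll until the CRNG is ready; return False if `timeout` elapses first."""
    deadline = time.monotonic() + timeout
    while True:
        if crng_ready(getrandom):
            return True
        if time.monotonic() >= deadline:
            return False
        sleep(interval)


def generate_host_keys_when_ready(keygen, **wait_args):
    """Run `keygen` (hypothetical callable) only after the CRNG is seeded.

    A real caller might pass:
        lambda: subprocess.run(["ssh-keygen", "-A"], check=True)
    """
    if not wait_for_crng(**wait_args):
        raise RuntimeError("kernel CRNG not initialized; not generating host keys")
    return keygen()


if __name__ == "__main__":
    print("CRNG initialized:", crng_ready())
```

Failing closed on timeout means a host with a stalled entropy pool starts without host keys rather than with predictable ones.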