From mboxrd@z Thu Jan 1 00:00:00 1970 From: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=) Subject: bug#23605: /dev/urandom not seeded across reboots Date: Wed, 25 May 2016 18:54:58 +0200 Message-ID: <87vb229ixp.fsf@gnu.org> References: <20160523175832.GA10646@jasmine> <87d1obabj8.fsf@gnu.org> <20160525163815.GA19996@jasmine> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:36275) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1b5c6K-0001IT-18 for bug-guix@gnu.org; Wed, 25 May 2016 12:56:09 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1b5c6F-0000A4-Pq for bug-guix@gnu.org; Wed, 25 May 2016 12:56:06 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:54405) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1b5c6F-00009s-M9 for bug-guix@gnu.org; Wed, 25 May 2016 12:56:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1b5c6F-0003DW-GT for bug-guix@gnu.org; Wed, 25 May 2016 12:56:03 -0400 Sender: "Debbugs-submit" Resent-Message-ID: In-Reply-To: <20160525163815.GA19996@jasmine> (Leo Famulari's message of "Wed, 25 May 2016 12:38:15 -0400") List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: Leo Famulari Cc: 23605@debbugs.gnu.org Leo Famulari skribis: > On Tue, May 24, 2016 at 02:24:59PM +0200, Ludovic Court=C3=A8s wrote: [...] >> Instead of spawning =E2=80=98cat=E2=80=99, we can do: >>=20 >> (when (file-exists? #$%random-seed-file) >> (call-with-input-file #$%random-seed-file >> (lambda (seed) >> (call-with-output-file "/dev/urandom" >> (lambda (random) >> (dump-port seed random)))))) >> #t ;service successfully =E2=80=9Cstarted=E2=80=9D > > I think I've done this correctly, as attached, but I can't test it yet > since I still get an error: "service: Wrong number of arguments in form > (service urandom-seed-service-type)". Yes, it=E2=80=99s: (service TYPE VALUE) but I think there=E2=80=99s no meaningful value for this service, so you co= uld do: (service urandom-seed-service-type #f) [...] > +(define (urandom-seed-shepherd-service) > + "Return a shepherd service for the /dev/urandom seed." > + (list (shepherd-service > + (documentation "Preserve entropy across reboots for /dev/urando= m.") I think you=E2=80=99ll need to specify that additional modules are needed (= for =E2=80=98make-bytevector=E2=80=99, =E2=80=98put-bytevector=E2=80=99, etc.): (shepherd-service ;; =E2=80=A6 (modules `((rnrs bytevectors) (rnrs io ports) ,@%default-modules))) (See (gnu services shepherd) for the definition of =E2=80=98%default-module= s=E2=80=99.) > + (stop #~(lambda _ > + (let ((buf (make-bytevector 512))) > + (call-with-input-file "/dev/urandom" > + (lambda (urandom) > + (get-bytevector-n! urandom buf 0 512) > + (call-with-output-file #$%random-seed-file ^^ Misleading indent here. > + (lambda (seed) > + (dump-port buf seed))) =E2=80=98dump-port=E2=80=99 from (guix build utils) takes an input port as = its 1st argument, and an output port as its 2nd argument. Here BUF is a bytevector, not a port. So instead, this should be: (lambda (seed) (put-bytevector seed buf)) Sounds like you=E2=80=99re pretty much there! :-) Thanks, Ludo=E2=80=99.