From 4e9fd50857a917ea30106262e356838c4f45b6ba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Wed, 20 Dec 2017 11:09:03 +0100 Subject: [PATCH] services: urandom-seed: Become a dependency of 'user-processes'. This ensures that 'urandom-seed' is started before programs that rely on sources of randomness. Fixes . Reported by Leo Famulari . * gnu/services/base.scm (urandom-seed-shepherd-service): Change 'requirement' to (file-systems). (urandom-seed-service-type): Extend USER-PROCESSES-SERVICE-TYPE. --- gnu/services/base.scm | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/gnu/services/base.scm b/gnu/services/base.scm index 85c442b385..26525714a5 100644 --- a/gnu/services/base.scm +++ b/gnu/services/base.scm @@ -529,7 +529,7 @@ in KNOWN-MOUNT-POINTS when it is stopped." (list (shepherd-service (documentation "Preserve entropy across reboots for /dev/urandom.") (provision '(urandom-seed)) - (requirement '(user-processes)) + (requirement '(file-systems)) (start #~(lambda _ ;; On boot, write random seed into /dev/urandom. (when (file-exists? #$%random-seed-file) @@ -590,7 +590,13 @@ in KNOWN-MOUNT-POINTS when it is stopped." (service-type (name 'urandom-seed) (extensions (list (service-extension shepherd-root-service-type - urandom-seed-shepherd-service))) + urandom-seed-shepherd-service) + + ;; Have 'user-processes' depend on 'urandom-seed'. + ;; This ensures that user processes and daemons don't + ;; start until we have seeded the PRNG. + (service-extension user-processes-service-type + (const '(urandom-seed))))) (description "Seed the @file{/dev/urandom} pseudo-random number generator (RNG) with the value recorded when the system was last shut