nixo
/
guix-devel
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

services: urandom-seed: Set umask to 077 while shutting down. 

* gnu/services/base.scm (urandom-seed-shepherd-service): Call 'umask'.
master
Leo Famulari 2016-05-29 11:13:59 -04:00
parent df2dd07b88
commit 8fe5d95e66
No known key found for this signature in database
GPG Key ID: 2646FA30BACA7F08
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
gnu/services/base.scm
View File

@ -460,10 +460,12 @@ stopped before 'kill' is called."
(let ((buf (make-bytevector 512)))
(call-with-input-file "/dev/urandom"
(lambda (urandom)
(get-bytevector-n! urandom buf 0 512)
(call-with-output-file #$%random-seed-file
(lambda (seed)
(put-bytevector seed buf)))
(let ((previous-umask (umask #o077)))
(get-bytevector-n! urandom buf 0 512)
(call-with-output-file #$%random-seed-file
(lambda (seed)
(put-bytevector seed buf)))
(umask previous-umask))
#t)))))
(modules `((rnrs bytevectors)
(rnrs io ports)