systematic way to refresh the random-seed again and again

The attachment "systematic way to refresh the randdom-seed" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

John, we had a long discussion about how often the pollinate service should refresh the kernel's entropy pool in https://bugs.launchpad.net/ubuntu/+source/pollen/+bug/1246098

If users want to refresh their entropy beyond the kernel's native refresh mechanisms, it'd be simple enough to add a cron entry or systemd timer unit for pollinate to collect new entropy from a server of the user's choice.

Thanks

The policy questions are only very distantly tangential to the topic of
this report.

The point is, no matter what policy is adopted, there needs to be a way
to *implement* the policy. There needs to be some concrete *command*
to put into the cron entry or whatever.

The logical, systematic, traditional, and expected command to use for
this would be "systemctl start systemd-random-seed" or the equivalent.

I am quite aware that dd(1) or write(2) could be used to achieve the
same result, but that would require duplication of code and duplication
of effort. There is a smallish but nonzero amount of logic that the
code needs to implement. The difficulties are exacerbated by the
incompatible locations
  /var/lib/urandom/random-seed
and
  /var/lib/systemd/random-seed

So the point remains: There ought to be a nice standard systematic
structured method for carrying out whatever policy is adopted.

Wherever it goes, this part of the random-seed problems is not the responsibility of the installer. Reassigning to systemd for now because that's where systemd-random-seed.service lives.

I retract patch and recipe mentioned in the initial report. The
problem is messier than I initially thought.

One fundamental consideration is that apparently systemctl won't
start a service that is marked active, and won't stop a service
that is marked inactive. This is inconsistent with longstanding
initscript behavior, where you can start (or stop) something as
many times as you like.

0) Simple question: Is there a way to teach the system to ignore
the nominal state and just run ExecStart or ExecStop as directed?
Maybe type=stateless rather than type=oneshot? This would make
things a whole lot simpler.

1) Arguably "most" of the problem goes away if we document "restart"
(as in "systemctl restart systemd-random-seed") as the proper way
to refresh the seed. That leaves init.d/urandom in a bad state,
because it knows nothing of "restart".

2) Here's another approach to consider: A paire of separate services:
  systemctl start systemd-random-seed-load
and
  systemctl start systemd-random-seed-save

The latter is /started/ (not stopped!) at shutdown time. Neither
service has an ExecStop method. Neither service ever becomes active.
Either one can be started as many times as desired, in any order.

This is the only way I can think of to capture the semantics of the
longstanding init.d/urandom script.

The present systemd-random-seed script can trivially be reimplemented
in terms of the new pair of services.

This approach (2) would still require some changes to init.d/urandom,
but not quite as ugly as approach (1) would require.

OK, I implemented approach (2) from the previous comment.
The work consists of six steps, in two groups of three:

++ create system/systemd-random-seed-load.service
++ create system/systemd-random-seed-save.service
-- get rid of the old system/systemd-random-seed.service

++ create system/sysinit.target.wants/systemd-random-seed-load.service
++ create system/shutdown.target.wants/systemd-random-seed-save.service
-- get rid of the old system/sysinit.target.wants/systemd-random-seed.service

The two new .service files are simple and straightforward. See attached patch.

I retract my previous speculation about reimplementing the old
systemd-random-seed.service because AFAICT it was only invoked from
sysinit.target ... and anybody else who tried it almost certainly wasn't
getting acceptable results.

We must drop the whole idea of a systemd-random-seed "service" with an active
state bookended by a single start-event and a single stop-event. That might
have seemed elegant at first glance, but it did not capture the right semantics.
It did not meet the security needs.

Implementing two separate one-shot services does what is needed. It is
close to the longstanding init.d/urandom behavior.

Here's an even simpler argument why random-seed-load and random-seed-save should
be seen as two separate stateless services, not as the "start" and "stop" of some
single long-lived service.

Suppose that during boot-up, random-seed-load fails for some reason. There are
definitely ways this could happen. (OTOH there are a surprising number of things
that could go wrong that systemd-random-seed save does /not/ report as an error
... but that is a topic for another day.)

Now suppose that in the minutes, hours, or days that follow, the problem is resolved.
Desired behavior: We really want the 'save' service to be performed at shutdown.

The currently-observed behavior is that if 'load' failed then 'save' will never be
performed. This is a Bad Thing from the security point of view.

Splitting the services as discussed above makes this issue (among others) go away.

Hi John,

We get the current random seed unit from systemd. Please file a bug with the upstream systemd project, or discuss these changes on the systemd mailing list.

Once your changes are accepted by systemd, we will inherit them.

Thanks!

please reopen if this is still an issue