systematic way to refresh the random-seed again and again
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
systemd (Ubuntu) |
Won't Fix
|
Wishlist
|
Unassigned |
Bug Description
Background and rationale: There ought to be a nice systematic way to refresh the random-seed again and again, while the system is running normally, not just at boot time or at shutdown time.
Sometimes a system may crash without carrying out an orderly shutdown. Indeed some systems never carry out an orderly shutdown; they run until they die. Therefore all the reasons why it is important to refresh the random-seed during shutdown are also good reasons for refreshing it from time to time during normal operations ... not just at startup.
Desired behavior: The logical, systematic, traditional, and expected way to refresh the seed would be either "systemctl start systemd-
Observed behavior: "systemctl start systemd-
This is a significant regression relative to the pre-systemd behavior.
Constructive suggestion. See attached patch. Recipe:
:; systemctl start systemd-random-seed
-- Observe that /var/lib/
:; systemctl stop systemd-random-seed
-- Apply the patch.
:; systemctl daemon-reload
:; systemctl start systemd-random-seed
:; sleep 60
:; systemctl start systemd-random-seed
-- observe that the seed now does get refreshed.
There may be other ways of dealing with the issue, but this seems nice and simple.
Tangent: In a non-essential way, this might touch on decisions about how best to address https:/
Digression: There is a policy question as to how often to refresh the seed during normal operations. That is a question for another day.
-------------------
Observed on
:; lsb_release -rd
Description: Ubuntu 16.04.1 LTS
Release: 16.04
:; apt-cache policy systemd
systemd:
Installed: 229-4ubuntu13
Candidate: 229-4ubuntu13
Version table:
*** 229-4ubuntu13 500
500 http://
100 /var/lib/
229-4ubuntu10 500
500 http://
229-4ubuntu4 500
500 http://
information type: | Private Security → Public Security |
tags: | removed: patch |
The attachment "systematic way to refresh the randdom-seed" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.
[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]