Hi Rasmus, On Wed, Mar 23, 2022 at 2:43 AM Rasmus Villemoes <linux@xxxxxxxxxxxxxxxxxx> wrote: > > On 23/03/2022 03.50, Jason A. Donenfeld wrote: > > > - Since these seeding shell scripts have always been broken, because > > this is how the rng has always been, rather than trying to bolt on a > > very imperfect fix in the kernel for something that never worked > > right, we could suggest shell scripts take the path that I implemented > > for systemd: > > https://github.com/systemd/systemd/commit/da2862ef06f22fc8d31dafced6d2d6dc14f2ee0b > > In shell, this would look like: > > > > #!/bin/bash > > cat seedfile > /dev/urandom > > { cat seedfile; head -c 32 /dev/urandom; } | sha256sum | cut -d ' ' -f 1 > seedfile > > Maybe stating the obvious, but in the interest of preventing > proliferation of more broken shell scripts: The tail of the above should > be spelled > > ... > seedfile.tmp && mv seedfile.tmp seedfile > > or seedfile would be truncated before cat had a chance to read it. You're not wrong. The actual thing that got committed is: https://git.buildroot.net/buildroot/commit/?id=f0986de551f46e72268857fd817986e9be697cd0 which thankfully doesn't have this issue. Jason