On So, 01.05.22 12:28, Jason A. Donenfeld (Jason@xxxxxxxxx) wrote:
> Hey,
>
> I've been working on my small seedrng utility, which is more or less
> the same thing as systemd-random-seed.service, with a few unimportant
> design differences here and there. As I'd worked with
> systemd-random-seed.service quite a bit before, its choices comprised
> much of my mental model starting out.
>
> One of the things I did like systemd-random-seed.service without
> really thinking too much about it is I made use of /var/lib/seedrng/,
> just as systemd uses /var/lib/systemd/random-seed/. Seems reasonable
> enough I guess. But I was thinking: wouldn't /var/cache/{blah}/ be the
> better for this? Seeds are supposed to be somewhat volatile, and
> shouldn't be copied between images, and the default behavior of
> /var/lib is usually to be copied, whereas /var/cache usually isn't.
> There's also /var/tmp too, right? Which is supposed to be never a
> tmpfs or something? But "cache" seems a bit more fitting than
> "temporary".
/var/tmp/ is definitely the wrong place: it's a shared namespace, thus
any unprivileged code can put stuff there, and fight for the file name
of the random seed. At best that's a DoS, at worst this will poison
the RNG pool, since unpriv code gets control on how to seed it.
> Anyway, I'm not really sure what makes the most sense, and it seems
> like FHS placement is more of an art than a science. I don't think I'm
> super far off, though, in at least wondering whether random seeds
> belong in /var/cache rather than /var/lib.
>
> Does anybody have opinions on this? Should I just submit a PR moving
> the systemd seeds to /var/cache and see what happens?
I think /var/cache/ is not the right place, because of the weak
persistency guarantees on it. i.e. /var/cache/ much like /var/tmp/
means "hey, please keep this, but it's OK if you don't". I think
that's too little though for the random seed, because if the random
seed is not kept it's entirely useless. There is no need to keep a
random seed in the file system if it would be flushed out on each
boot...
/var/lib/ otoh sounds much more appropriate as it means "please keep
this", and that's exactly the persistance requirement we want here.
Lennart
--
Lennart Poettering, Berlin
Re: should random seeds go into /var/cache?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: should random seeds go into /var/cache?
- From: Lennart Poettering <lennart@xxxxxxxxxxxxxx>
- Date: Mon, 2 May 2022 11:19:37 +0200
- Cc: systemd Mailing List <systemd-devel@xxxxxxxxxxxxxxxxxxxxx>
- In-reply-to: <CAHmME9ox_oB=KP07WXgY75QtidBRpogYR2+FtyoEJ2-o4ALDgg@mail.gmail.com>
- References: <CAHmME9ox_oB=KP07WXgY75QtidBRpogYR2+FtyoEJ2-o4ALDgg@mail.gmail.com>
- Follow-Ups:
- Re: should random seeds go into /var/cache?
- From: Jason A. Donenfeld
- Re: should random seeds go into /var/cache?
- References:
- should random seeds go into /var/cache?
- From: Jason A. Donenfeld
- should random seeds go into /var/cache?
- Prev by Date: Re: Q: logger: "invalid structured data parameter: 'fo\o="b\"a\"r"'"
- Next by Date: Re: Splitting sd-boot from systemd/bootctl for enabling sd-boot in Fedora
- Previous by thread: should random seeds go into /var/cache?
- Next by thread: Re: should random seeds go into /var/cache?
- Index(es):
 |