lpsetup

Merge lp:~frankban/lpsetup/urandom-hack into lp:lpsetup

  1. urandom-hack
  2. Merge into trunk
Proposed by Francesco Banconi
Status: Merged
Merged at revision: 11
Proposed branch: lp:~frankban/lpsetup/urandom-hack
Merge into: lp:lpsetup
Diff against target: 55 lines (+13/-3)
2 files modified
lpsetup/subcommands/install.py (+12/-2)
lpsetup/subcommands/lxcinstall.py (+1/-1)
To merge this branch: bzr merge lp:~frankban/lpsetup/urandom-hack
Reviewer Review Type Date Requested Status
Gary Poster (community) Approve
Review via email: mp+101347@code.launchpad.net

Description of the change

Added the random/urandom hack (ported from setuplxc).

To post a comment you must log in.
Revision history for this message
Gary Poster (gary) wrote :

Thank you, Francesco. Please add an additional sentence to the help description that gives a serious warning about it. Draft of the kinds of things I'm thinking of: "This reduces the actual randomness of your system's random number generator and thereby reduces security. Use only if determined to be necessary for this machine, and only if the machine is only used for tasks identified as low-risk, such as running tests." Otherwise good.

review: Approve
lp:~frankban/lpsetup/urandom-hack updated
12. By Francesco Banconi

Added a warning about --use-urandom option.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'lpsetup/subcommands/install.py'
--- lpsetup/subcommands/install.py 2012-03-30 10:52:41 +0000
+++ lpsetup/subcommands/install.py 2012-04-10 09:27:39 +0000
@@ -114,7 +114,7 @@
114114
115def initialize(115def initialize(
116 user, full_name, email, lpuser, private_key, public_key, valid_ssh_keys,116 user, full_name, email, lpuser, private_key, public_key, valid_ssh_keys,
117 ssh_key_path, dependencies_dir, directory):117 ssh_key_path, use_urandom, dependencies_dir, directory):
118 """Initialize host machine."""118 """Initialize host machine."""
119 # Install necessary deb packages. This requires Oneiric or later.119 # Install necessary deb packages. This requires Oneiric or later.
120 call('apt-get', 'update')120 call('apt-get', 'update')
@@ -165,6 +165,12 @@
165 for line in lines:165 for line in lines:
166 location = line.format(checkout_dir=checkout_dir, lpuser=lpuser)166 location = line.format(checkout_dir=checkout_dir, lpuser=lpuser)
167 file_append(bzr_locations, location)167 file_append(bzr_locations, location)
168 # rng-tools is used to set /dev/urandom as random data source, avoiding
169 # entropy exhaustion during automated parallel tests.
170 if use_urandom:
171 apt_get_install('rng-tools', caller=call)
172 file_append('/etc/default/rng-tools', 'HRNGDEVICE=/dev/urandom')
173 call('/etc/init.d/rng-tools', 'start')
168174
169175
170def setup_apt(no_repositories=True):176def setup_apt(no_repositories=True):
@@ -218,7 +224,7 @@
218 (initialize,224 (initialize,
219 'user', 'full_name', 'email', 'lpuser',225 'user', 'full_name', 'email', 'lpuser',
220 'private_key', 'public_key', 'valid_ssh_keys', 'ssh_key_path',226 'private_key', 'public_key', 'valid_ssh_keys', 'ssh_key_path',
221 'dependencies_dir', 'directory'),227 'use_urandom', 'dependencies_dir', 'directory'),
222 (setup_apt,228 (setup_apt,
223 'no_repositories'),229 'no_repositories'),
224 (setup_launchpad,230 (setup_launchpad,
@@ -289,3 +295,7 @@
289 parser.add_argument(295 parser.add_argument(
290 '-N', '--no-repositories', action='store_true',296 '-N', '--no-repositories', action='store_true',
291 help='Do not add APT repositories.')297 help='Do not add APT repositories.')
298 parser.add_argument(
299 '-U', '--use-urandom', action='store_true',
300 help='Use /dev/urandom to feed /dev/random and avoid '
301 'entropy exhaustion.')
292302
=== modified file 'lpsetup/subcommands/lxcinstall.py'
--- lpsetup/subcommands/lxcinstall.py 2012-03-30 16:52:14 +0000
+++ lpsetup/subcommands/lxcinstall.py 2012-04-10 09:27:39 +0000
@@ -158,7 +158,7 @@
158 (install.initialize,158 (install.initialize,
159 'user', 'full_name', 'email', 'lpuser',159 'user', 'full_name', 'email', 'lpuser',
160 'private_key', 'public_key', 'valid_ssh_keys', 'ssh_key_path',160 'private_key', 'public_key', 'valid_ssh_keys', 'ssh_key_path',
161 'dependencies_dir', 'directory'),161 'use_urandom', 'dependencies_dir', 'directory'),
162 (create_lxc,162 (create_lxc,
163 'user', 'lxc_name', 'lxc_arch', 'lxc_os'),163 'user', 'lxc_name', 'lxc_arch', 'lxc_os'),
164 (start_lxc,164 (start_lxc,

Subscribers

People subscribed via source and target branches

to all changes: