lpsetup

Merge lp:~frankban/lpsetup/urandom-hack into lp:lpsetup

  1. urandom-hack
  2. Merge into trunk
Proposed by Francesco Banconi
Status: Merged
Merged at revision: 11
Proposed branch: lp:~frankban/lpsetup/urandom-hack
Merge into: lp:lpsetup
Diff against target: 55 lines (+13/-3)
2 files modified
lpsetup/subcommands/install.py (+12/-2)
lpsetup/subcommands/lxcinstall.py (+1/-1)
To merge this branch: bzr merge lp:~frankban/lpsetup/urandom-hack
Reviewer Review Type Date Requested Status
Gary Poster (community) Approve
Review via email: mp+101347@code.launchpad.net

Description of the change

Added the random/urandom hack (ported from setuplxc).

To post a comment you must log in.
Revision history for this message
Gary Poster (gary) wrote :

Thank you, Francesco. Please add an additional sentence to the help description that gives a serious warning about it. Draft of the kinds of things I'm thinking of: "This reduces the actual randomness of your system's random number generator and thereby reduces security. Use only if determined to be necessary for this machine, and only if the machine is only used for tasks identified as low-risk, such as running tests." Otherwise good.

review: Approve
lp:~frankban/lpsetup/urandom-hack updated
12. By Francesco Banconi

Added a warning about --use-urandom option.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'lpsetup/subcommands/install.py'
2--- lpsetup/subcommands/install.py 2012-03-30 10:52:41 +0000
3+++ lpsetup/subcommands/install.py 2012-04-10 09:27:39 +0000
4@@ -114,7 +114,7 @@
5
6 def initialize(
7 user, full_name, email, lpuser, private_key, public_key, valid_ssh_keys,
8- ssh_key_path, dependencies_dir, directory):
9+ ssh_key_path, use_urandom, dependencies_dir, directory):
10 """Initialize host machine."""
11 # Install necessary deb packages. This requires Oneiric or later.
12 call('apt-get', 'update')
13@@ -165,6 +165,12 @@
14 for line in lines:
15 location = line.format(checkout_dir=checkout_dir, lpuser=lpuser)
16 file_append(bzr_locations, location)
17+ # rng-tools is used to set /dev/urandom as random data source, avoiding
18+ # entropy exhaustion during automated parallel tests.
19+ if use_urandom:
20+ apt_get_install('rng-tools', caller=call)
21+ file_append('/etc/default/rng-tools', 'HRNGDEVICE=/dev/urandom')
22+ call('/etc/init.d/rng-tools', 'start')
23
24
25 def setup_apt(no_repositories=True):
26@@ -218,7 +224,7 @@
27 (initialize,
28 'user', 'full_name', 'email', 'lpuser',
29 'private_key', 'public_key', 'valid_ssh_keys', 'ssh_key_path',
30- 'dependencies_dir', 'directory'),
31+ 'use_urandom', 'dependencies_dir', 'directory'),
32 (setup_apt,
33 'no_repositories'),
34 (setup_launchpad,
35@@ -289,3 +295,7 @@
36 parser.add_argument(
37 '-N', '--no-repositories', action='store_true',
38 help='Do not add APT repositories.')
39+ parser.add_argument(
40+ '-U', '--use-urandom', action='store_true',
41+ help='Use /dev/urandom to feed /dev/random and avoid '
42+ 'entropy exhaustion.')
43
44=== modified file 'lpsetup/subcommands/lxcinstall.py'
45--- lpsetup/subcommands/lxcinstall.py 2012-03-30 16:52:14 +0000
46+++ lpsetup/subcommands/lxcinstall.py 2012-04-10 09:27:39 +0000
47@@ -158,7 +158,7 @@
48 (install.initialize,
49 'user', 'full_name', 'email', 'lpuser',
50 'private_key', 'public_key', 'valid_ssh_keys', 'ssh_key_path',
51- 'dependencies_dir', 'directory'),
52+ 'use_urandom', 'dependencies_dir', 'directory'),
53 (create_lxc,
54 'user', 'lxc_name', 'lxc_arch', 'lxc_os'),
55 (start_lxc,

Subscribers

People subscribed via source and target branches

to all changes: