[Bug 1098299] Re: entropy pool should be seeded earlier in boot process

[Steve Langasek]

I think I would argue that the bug here is on the side of the ssh
upstart job, which has a start condition of:

  start on filesystem or runlevel [2345]

/etc/rcS.d/S*urandom is guaranteeably run (via /etc/init/rc-
sysinit.conf) before 'runlevel' is emitted.  So the question is, why
does ssh need to start on 'filesystem', instead of waiting for
'runlevel'?  rc-sysinit itself runs (and fires off the 'runlevel' event)
as soon as it sees:

  start on (filesystem and static-network-up) or failsafe-boot

So in the common case, the only difference between the current behavior
and a 'start on runlevel' is that ssh will start before the network is
up, which seems of dubious value given the nature of the service.

In the pathological case, since 'failsafe-boot' is guaranteed to trigger
after a timeout, the system will still boot and ssh will still come up,
it may just not come up as quickly as it does currently.

I think we do want to translate /etc/init.d/urandom to an upstart job -
I frankly am just not sure at present how to write it correctly to
ensure it sequences before ssh without adding a lot of syntactic
boilerplate, given that urandom can't run until the filesystem is up
(for access to /var/lib), and 'start on starting ssh' is not right
either.

** Changed in: sysvinit (Ubuntu)
     Assignee: (unassigned) => Steve Langasek (vorlon)

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1098299

Title:
  entropy pool should be seeded earlier in boot process

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/installation-report/+bug/1098299/+subscriptions