[DRE-commits] [schleuder] 01/03: debian/tests/upstream-tests: Explain why we're using /dev/urandom
Georg Faerber
georg-alioth-guest at moszumanska.debian.org
Tue Oct 3 12:33:39 UTC 2017
This is an automated email from the git hooks/post-receive script.
georg-alioth-guest pushed a commit to branch master
in repository schleuder.
commit d997d9d254cc4a5d7eaa32619eff0c97c3e80a57
Author: Georg Faerber <georg at riseup.net>
Date: Tue Oct 3 13:14:50 2017 +0200
debian/tests/upstream-tests: Explain why we're using /dev/urandom
---
debian/tests/upstream-tests | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/debian/tests/upstream-tests b/debian/tests/upstream-tests
index 89d29a7..1f8aa26 100755
--- a/debian/tests/upstream-tests
+++ b/debian/tests/upstream-tests
@@ -2,6 +2,15 @@
set -e
+# Because GPG key operations rely heavily on entropy, we need to ensure
+# the pools are filled, so these operations are not blocked. We've used
+# haveged in the past, however, this doesn't work anymore if invoked a
+# container. That's why we're now using /dev/urandom, which gives
+# "unlimited randomness", and doesn't block, at the same time.
+# Warning: Don't use this approach in production, as this might lead to
+# less entropy (and pseudo-random bits) than reading from /dev/random.
+#
+# -- Georg Faerber <georg at riseup.net> Tue, 03 Oct 2017 11:20:13 +0200
rm /dev/random
ln -s /dev/urandom /dev/random
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ruby-extras/schleuder.git
More information about the Pkg-ruby-extras-commits
mailing list