1 Oct 2003 16:20
Re: Help, Help, I've ran out of entropy!
Oded Arbel <oded-linux@...>
2003-10-01 14:20:25 GMT
2003-10-01 14:20:25 GMT
On Wednesday 01 October 2003 16:47, Muli Ben-Yehuda wrote: > > > Why not use /dev/urandom? that one never blocks. > > > > 1. its lower quality > > I don't know what's your application, but I really doubt it matters. > > > 2. Its not my software, and I don't feel like messing around with the > > source code right now. I'll do that if I'll have no choice, but seeing as > > /dev/ random is important to have, I though I'd try to deal with the > > source of the problem first. > > Unix 101: use a symlink. Even better, recreate /dev/random with > /dev/urandom's minor number for this application. You are probably right on both issues, but I know how to implement work-arounds - this isn't my problem, I've put a work-around in place the minute I figured out why the server isn't working. I'd like to get some help where I don't have enough know-how and experience - understanding why /dev/random is empty and how to replenish it. > > I'm not using vanilla - I prefer buttermilk myself, but I have grsecurity > > patches. AFAIK, grsecurity shouldn't turn off any entropy generation - it > > relies on good quality entropy pool to add more randomacity to stuff the > > kernel does. > > Have you verified that it's not doing anything fishy? Ah.. no. I don't know how - I'm not intimate with grsecurity. can you offer some tips, please ? > > Then, could you please offer a hypothesis as to why my dev/random is > > empty ? > > Something exhausted it, or its not getting filled enough. You can > trace calls to it to rule out or confirm #1, Maybe it was the Cyrus IMAP server - it had tons of threads, all of them with numerous fds open on /dev/random. I restarted it and now it doesn't do that anymore - not even one fd open for /dev/random or urandom. > or you can find out what > exactly replenishes it with your current kernel, and then cause it to > be replenished. Sorry I can't be more specific. I guess I'll keep on googling Thanks! -- -- Oded ::.. "We should be concerned about the future because we will have to spend the rest of our lives there." ================================================================= To unsubscribe, send mail to linux-il-request@... with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail linux-il-request@...