From 11b00957be9f8661c4248d52bb20cdacdd442615 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Wed, 13 Jun 2018 21:55:19 +0000 Subject: Wed Jun 13 21:55:19 UTC 2018 a/etc-15.0-x86_64-5.txz: Rebuilt. Don't hardcode passwd/shadow/group additions in doinst.sh - get them from the .new files. a/sysvinit-scripts-2.1-noarch-11.txz: Rebuilt. rc.S: don't start rc.haveged in this script - move it to rc.M. rc.M: start rc.haveged after seeding /dev/urandom in rc.S, and after starting syslogd, klogd, and udev in rc.M. rc.M: start rc.rndg (we don't ship it or rng-tools) after udev. H. Peter Anvin says that it's fine to run both haveged and rndg, and I trust his opinion on that. Thanks to GazL. ap/at-3.1.20-x86_64-4.txz: Rebuilt. Fixed wrong variable in rc.atd. Thanks to upnort. n/libgcrypt-1.8.3-x86_64-1.txz: Upgraded. Use blinding for ECDSA signing to mitigate a novel side-channel attack. For more information, see: https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0495 (* Security fix *) --- source/a/sysvinit-scripts/scripts/rc.M | 10 ++++++++++ source/a/sysvinit-scripts/scripts/rc.S | 6 ------ source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild | 2 +- 3 files changed, 11 insertions(+), 7 deletions(-) (limited to 'source/a/sysvinit-scripts') diff --git a/source/a/sysvinit-scripts/scripts/rc.M b/source/a/sysvinit-scripts/scripts/rc.M index 6bd667c5..30c85295 100644 --- a/source/a/sysvinit-scripts/scripts/rc.M +++ b/source/a/sysvinit-scripts/scripts/rc.M @@ -94,6 +94,16 @@ if grep -wq sysfs /proc/mounts && grep -q devtmpfs /proc/filesystems ; then fi fi +# Start the haveged entropy daemon: +if [ -x /etc/rc.d/rc.haveged ]; then + /etc/rc.d/rc.haveged start +fi + +# Start the rngd entropy daemon: +if [ -x /etc/rc.d/rc.rngd ]; then + /etc/rc.d/rc.rngd start +fi + # Initialize the networking hardware. if [ -x /etc/rc.d/rc.inet1 ]; then /etc/rc.d/rc.inet1 diff --git a/source/a/sysvinit-scripts/scripts/rc.S b/source/a/sysvinit-scripts/scripts/rc.S index c53548f4..793d9585 100644 --- a/source/a/sysvinit-scripts/scripts/rc.S +++ b/source/a/sysvinit-scripts/scripts/rc.S @@ -73,11 +73,6 @@ if grep -wq cgroup /proc/filesystems ; then fi fi -# Start the haveged entropy daemon: -if [ -x /etc/rc.d/rc.haveged ]; then - /etc/rc.d/rc.haveged start -fi - # Initialize the Logical Volume Manager. # This won't start unless we find /etc/lvmtab (LVM1) or # /etc/lvm/backup/ (LVM2). This is created by /sbin/vgscan, so to @@ -446,4 +441,3 @@ else dd if=/dev/urandom of=/etc/random-seed count=1 bs=512 2> /dev/null fi chmod 600 /etc/random-seed - diff --git a/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild b/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild index 6e47bc03..34ef07a7 100755 --- a/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild +++ b/source/a/sysvinit-scripts/sysvinit-scripts.SlackBuild @@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=sysvinit-scripts VERSION=${VERSION:-2.1} ARCH=noarch -BUILD=${BUILD:-10} +BUILD=${BUILD:-11} # If the variable PRINT_PACKAGE_NAME is set, then this script will report what # the name of the created package would be, and then exit. This information -- cgit v1.2.3