services: urandom-seed: Become a dependency of 'user-processes'.

This ensures that 'urandom-seed' is started before programs that rely on sources of randomness. Fixes <https://bugs.gnu.org/29773>. Reported by Leo Famulari <leo@famulari.name>. * gnu/services/base.scm (urandom-seed-shepherd-service): Change 'requirement' to (file-systems). (urandom-seed-service-type): Extend USER-PROCESSES-SERVICE-TYPE.
2024-11-07 15:36:20 -05:00 · 2017-12-20 11:09:03 +01:00 · 2017-12-20 11:09:03 +01:00 · 4e9fd50857
commit 4e9fd50857
parent 206a28d84a
1 changed files with 8 additions and 2 deletions
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@ -529,7 +529,7 @@ (define (urandom-seed-shepherd-service _)
  (list (shepherd-service
         (documentation "Preserve entropy across reboots for /dev/urandom.")
         (provision '(urandom-seed))
-         (requirement '(user-processes))
+         (requirement '(file-systems))
         (start #~(lambda _
                    ;; On boot, write random seed into /dev/urandom.
                    (when (file-exists? #$%random-seed-file)
@ -590,7 +590,13 @@ (define urandom-seed-service-type
  (service-type (name 'urandom-seed)
                (extensions
                 (list (service-extension shepherd-root-service-type
-                                          urandom-seed-shepherd-service)))
+                                          urandom-seed-shepherd-service)
+
+                       ;; Have 'user-processes' depend on 'urandom-seed'.
+                       ;; This ensures that user processes and daemons don't
+                       ;; start until we have seeded the PRNG.
+                       (service-extension user-processes-service-type
+                                          (const '(urandom-seed)))))
                (description
                 "Seed the @file{/dev/urandom} pseudo-random number
 generator (RNG) with the value recorded when the system was last shut