18 Mar
2016
18 Mar
'16
5:37 p.m.
I also have had nothing access /dev/random in the last 48 hours.
I wrote a simple script to log available entropy every 10 seconds and ran
it for 36 hours. I had a maximum of 2043 and a minimum of 132, the graph
being quite erratic.
I suppose the question really is what's a sensible minimum level to be
happy?
On 16 March 2016 at 15:22, Roger Light <roger(a)atchoo.org> wrote:
Hi,
I've not had any output from the systemtap script so I don't believe
anything has accessed /dev/random since my last email. I'm running
exim4, spamd, php-fpm, sshd, nginx amongst others.
Same caveat as before - I might have missed something important.
Cheers,
Roger
On Mon, Mar 14, 2016 at 11:23 AM, Roger Light <roger(a)atchoo.org> wrote:
--
Robert Gauld
http://www.robertgauld.co.uk
Hi,
I listened to some of the ubuntu podcast on the way in to work this
morning and they mentioned the util "fatrace". Turns out you can't use
the fanotify functions with /dev, but I've managed to figure out a
good way of doing this.
Assuming you've got SystemTap (kernel probing functionality, see at
the end of the email) installed, then try:
sudo stap random_read.stp
where random_read.stp looks like:
probe kernel.function("random_read").call
{
printf("%s[%d] len:%d\n", execname(), tid(), $nbytes)
}
This will print out the executable name, process id and number of
bytes requested each time a process reads from /dev/random. You can
verify it with e.g.
dd if=/dev/random of=/dev/null count=1
FWIW, whilst I was testing I was using urandom_read instead and exim
was reading from there, not from random_read. ymmv. The only thing
I've seen so far is "dd" :) I'll leave it running and report back if I
spot anything.
This is the first time I've played with systemtap and I may have
missed something. I'm not sure that the ".call" should be there for
example.
Cheers,
Roger
Installation notes for ubuntu:
apt-get install systemtap
# Install kernel debug symbols, this is less optimal than it could be.
See
https://wiki.ubuntu.com/Kernel/Systemtap#Where_to_get_debug_symbols_for_ker…
codename=$(lsb_release -c | awk '{print $2}')
sudo tee /etc/apt/sources.list.d/ddebs.list << EOF
deb http://ddebs.ubuntu.com/ ${codename} main restricted universe
multiverse
deb http://ddebs.ubuntu.com/ ${codename}-security main restricted
universe multiverse
deb http://ddebs.ubuntu.com/ ${codename}-updates main restricted
universe multiverse
deb http://ddebs.ubuntu.com/ ${codename}-proposed main restricted
universe multiverse
EOF
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys
ECDCAD72428D7C01
sudo apt-get update
sudo apt-get install linux-image-$(uname -r)-dbgsym
On Mon, Mar 14, 2016 at 10:24 AM, Andy Smith <andy(a)bitfolk.com> wrote:
> On Mon, Mar 14, 2016 at 10:22:28AM +0000, Andy Smith wrote:
>> $ sudo strace -o open -p $(pgrep exim4) 2>&1 | grep random
>
> Hmm, maybe need a -ff on that to follow forks…
>
_______________________________________________
users mailing list
users(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/users
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
>
> iEYEAREDAAYFAlbmkVMACgkQIJm2TL8VSQuUkgCfdFHtYhq/iJsa3HXykeVA73GH
> gDMAn13IDR+rDx63BHFGp2HnGuJbTgEE
> =j5zJ
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> users mailing list
> users(a)lists.bitfolk.com
> https://lists.bitfolk.com/mailman/listinfo/users
>