Project

General

Profile

Feature #10779

Start haveged earlier in the boot process

Added by intrigeri almost 4 years ago. Updated over 3 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
-
Target version:
Start date:
12/20/2015
Due date:
% Done:

100%

Feature Branch:
Type of work:
Code
Blueprint:
Starter:
Affected tool:

Description

On current devel (Jessie) branch, haveged starts relatively late in the boot process. On current sid, starts much earlier, presumably thanks to the changes introduced in 1.9.1-2. Let's make sure this works fine in Tails 3.x.


Related issues

Related to Tails - Feature #7102: Evaluate how safe haveged is in a virtualized environment Confirmed 04/17/2014
Related to Tails - Feature #11758: Analyze early boot entropy gathering Resolved 09/02/2016

Associated revisions

Revision 95ac525c (diff)
Added by intrigeri almost 4 years ago

Install haveged from Debian testing, so that it is started earlier in the boot process (Will-fix: #10779).

History

#1 Updated by intrigeri almost 4 years ago

  • Related to Feature #7102: Evaluate how safe haveged is in a virtualized environment added

#2 Updated by intrigeri almost 4 years ago

#3 Updated by intrigeri almost 4 years ago

The haveged maintainer doesn't object to uploading to jessie-backports.

#4 Updated by intrigeri almost 4 years ago

  • Target version changed from Tails_2.2 to Tails_2.4

#5 Updated by intrigeri almost 4 years ago

  • Target version changed from Tails_2.4 to Tails_2.2

#6 Updated by intrigeri almost 4 years ago

  • Status changed from Confirmed to In Progress
  • % Done changed from 0 to 10
  • Feature Branch set to feature/10779-start-haveged-earlier

#7 Updated by intrigeri almost 4 years ago

  • Target version changed from Tails_2.2 to Tails_2.4

#8 Updated by intrigeri over 3 years ago

  • Target version changed from Tails_2.4 to Tails_2.6

#9 Updated by intrigeri over 3 years ago

#10 Updated by intrigeri over 3 years ago

#11 Updated by intrigeri over 3 years ago

#12 Updated by intrigeri over 3 years ago

  • Description updated (diff)
  • Target version changed from Tails_2.6 to Tails_3.0
  • Feature Branch deleted (feature/10779-start-haveged-earlier)

This branch breaks the boot on Jessie: live-config.service and systemd-udev-settle.service are stalled for a long time; the former has no timeout so this blocks the boot. Adding After=live-config.service systemd-udev-settle.service to haveged.service doesn't help. Now, on Stretch the very same haveged package doesn't break the boot, so I'll just put that on my plate for 3.0 => next steps are:

  1. on feature/stretch, make sure that haveged starts after its AppArmor profile is loaded (feature/10779-start-haveged-earlier has such stuff)
  2. check that haveged starts at a suitable time during the boot process, on feature/stretch.

#13 Updated by intrigeri over 3 years ago

haveged 1.9.1-4 has some fixes in this area.

#14 Updated by intrigeri over 3 years ago

  • Status changed from In Progress to Resolved
  • % Done changed from 10 to 100

On Stretch, haveged starts as soon as apparmor.service is done, and it blocks sysinit.target so lots of other services are started after haveged, which is what we want.

#15 Updated by sycamoreone over 3 years ago

  • Related to Feature #11758: Analyze early boot entropy gathering added

Also available in: Atom PDF