8143361db9
when booting the system: journald reads from /dev/random, which receives entropy from haveged, which in turn logs to syslog before providing any. Ideally, haveged would provide a proper command-line flag to disable use of syslog. Will work with upstream to resolve this in a cleaner way. (bnc#959237) - Remove "After=systemd-random-seed.service" from systemd service file to avoid the potential for deadlocks when booting the system: systemd-random-seed needs /var to read its previous state; mounting /var needs journald; journald needs entropy; and entropy is provided by haveged, which needs systemd-random-seed. (bnc#959237) OBS-URL: https://build.opensuse.org/package/show/security/haveged?expand=0&rev=109
20 lines
572 B
Desktop File
20 lines
572 B
Desktop File
[Unit]
|
|
Description=Entropy Daemon based on the HAVEGE algorithm
|
|
Documentation=man:haveged(8) http://www.issihosts.com/haveged/
|
|
DefaultDependencies=no
|
|
ConditionVirtualization=!container
|
|
#Conflicts=shutdown.target
|
|
# Don't wait for systemd-random-seed.service, leads to deadlock with fips=1
|
|
#After=systemd-random-seed.service
|
|
Before=sysinit.target shutdown.target systemd-journald.service
|
|
|
|
[Service]
|
|
ExecStart=/usr/sbin/haveged -w 1024 -v 0 -F
|
|
CapabilityBoundingSet=CAP_SYS_ADMIN
|
|
PrivateNetwork=yes
|
|
Restart=always
|
|
SuccessExitStatus=137 143
|
|
|
|
[Install]
|
|
WantedBy=sysinit.target
|