From 6f6af862c6c3e2a92265a81d9e1be765edfc046d Mon Sep 17 00:00:00 2001
From: "Brian C. Lane" <bcl@redhat.com>
Date: Wed, 2 Sep 2015 10:32:30 -0700
Subject: [PATCH] livemedia-creator: Remove random-seed from images (#1258986)

systemd uses /var/lib/systemd/random-seed to add entropy to /dev/urandom
at boot time. During image creation this file is created, and if not
removed everything using the image will be adding the same seed.

This is only additional entropy, NOT a seed in the sense of a starting
point for a PRNG, so it will be mixed with other entropy as the system
runs. It isn't a good idea to use the same value everywhere so make sure
it is removed in %post

Resolves: rhbz#1258986
---
 docs/fedora-docker.ks        | 4 ++++
 docs/fedora-livemedia-ec2.ks | 4 ++++
 docs/fedora-livemedia.ks     | 2 ++
 docs/fedora-minimal.ks       | 3 +++
 docs/fedora-minimized.ks     | 3 +++
 docs/fedora-openstack.ks     | 5 +++++
 6 files changed, 21 insertions(+)

diff --git a/docs/fedora-docker.ks b/docs/fedora-docker.ks
index 261fc9a4..9b03ea37 100644
--- a/docs/fedora-docker.ks
+++ b/docs/fedora-docker.ks
@@ -28,6 +28,10 @@ clearpart --all --initlabel
 # Disk partitioning information
 part / --fstype="ext4" --size=3000
 
+%post
+# Remove random-seed
+rm /var/lib/systemd/random-seed
+%end
 
 %packages --nocore --instLangs en
 httpd
diff --git a/docs/fedora-livemedia-ec2.ks b/docs/fedora-livemedia-ec2.ks
index 6369afc8..315b86ab 100644
--- a/docs/fedora-livemedia-ec2.ks
+++ b/docs/fedora-livemedia-ec2.ks
@@ -115,3 +115,7 @@ passwd -d root > /dev/null
 
 %end
 
+%post
+# Remove random-seed
+rm /var/lib/systemd/random-seed
+%end
diff --git a/docs/fedora-livemedia.ks b/docs/fedora-livemedia.ks
index eafb6f2c..5e956736 100644
--- a/docs/fedora-livemedia.ks
+++ b/docs/fedora-livemedia.ks
@@ -289,6 +289,8 @@ fi
 echo 'File created by kickstart. See systemd-update-done.service(8).' \
     | tee /etc/.updated >/var/.updated
 
+# Remove random-seed
+rm /var/lib/systemd/random-seed
 %end
 
 %post --nochroot
diff --git a/docs/fedora-minimal.ks b/docs/fedora-minimal.ks
index bd918092..5dc42689 100644
--- a/docs/fedora-minimal.ks
+++ b/docs/fedora-minimal.ks
@@ -33,6 +33,9 @@ part swap --size=1000
 %post
 # Remove root password
 passwd -d root > /dev/null
+
+# Remove random-seed
+rm /var/lib/systemd/random-seed
 %end
 
 %packages
diff --git a/docs/fedora-minimized.ks b/docs/fedora-minimized.ks
index af681251..0c02845e 100644
--- a/docs/fedora-minimized.ks
+++ b/docs/fedora-minimized.ks
@@ -33,6 +33,9 @@ part swap --size=1000
 %post
 # Remove root password
 passwd -d root > /dev/null
+
+# Remove random-seed
+rm /var/lib/systemd/random-seed
 %end
 
 %packages
diff --git a/docs/fedora-openstack.ks b/docs/fedora-openstack.ks
index 678c487f..82cb5d68 100644
--- a/docs/fedora-openstack.ks
+++ b/docs/fedora-openstack.ks
@@ -32,6 +32,11 @@ clearpart --all
 # Disk partitioning information
 part / --fstype="ext4" --size=3000
 
+%post
+# Remove random-seed
+rm /var/lib/systemd/random-seed
+%end
+
 %packages
 @core
 kernel