Add inst.rngd cmdline option
rngd should no long be needed, recent kernels have enough entropy out of the box. This leaves it in the boot.iso but only enables it if inst.rngd is passed on the kernel cmdline. Resolves: rhbz#2028720
This commit is contained in:
parent
7cdff9d315
commit
09acfd978e
11
80-rhel/config_files/common/inst.rngd.service
Normal file
11
80-rhel/config_files/common/inst.rngd.service
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Hardware RNG Entropy Gatherer Daemon
|
||||||
|
ConditionVirtualization=!container
|
||||||
|
ConditionKernelCommandLine=|inst.rngd
|
||||||
|
ConditionKernelCommandLine=!inst.rngd=0
|
||||||
|
|
||||||
|
# The "-f" option is required for the systemd service rngd to work with Type=simple
|
||||||
|
[Service]
|
||||||
|
Type=simple
|
||||||
|
EnvironmentFile=/etc/sysconfig/rngd
|
||||||
|
ExecStart=/usr/sbin/rngd -f $RNGD_ARGS
|
@ -28,10 +28,6 @@ symlink /lib/systemd/system/anaconda.target etc/systemd/system/default.target
|
|||||||
mkdir etc/systemd/system/local-fs.target.wants/
|
mkdir etc/systemd/system/local-fs.target.wants/
|
||||||
symlink /lib/systemd/system/tmp.mount etc/systemd/system/local-fs.target.wants/tmp.mount
|
symlink /lib/systemd/system/tmp.mount etc/systemd/system/local-fs.target.wants/tmp.mount
|
||||||
|
|
||||||
## Start rngd
|
|
||||||
mkdir etc/systemd/system/basic.target.wants/
|
|
||||||
symlink /lib/systemd/system/rngd.service etc/systemd/system/basic.target.wants/rngd.service
|
|
||||||
|
|
||||||
## Disable unwanted systemd services
|
## Disable unwanted systemd services
|
||||||
systemctl disable systemd-readahead-collect.service \
|
systemctl disable systemd-readahead-collect.service \
|
||||||
systemd-readahead-replay.service \
|
systemd-readahead-replay.service \
|
||||||
@ -46,6 +42,7 @@ systemctl mask fedora-configure.service fedora-loadmodules.service \
|
|||||||
fedora-wait-storage.service media.mount \
|
fedora-wait-storage.service media.mount \
|
||||||
systemd-tmpfiles-clean.service systemd-tmpfiles-clean.timer \
|
systemd-tmpfiles-clean.service systemd-tmpfiles-clean.timer \
|
||||||
ldconfig.service
|
ldconfig.service
|
||||||
|
remove usr/lib/systemd/system/rngd.service
|
||||||
|
|
||||||
## remove because it cannot be disabled
|
## remove because it cannot be disabled
|
||||||
remove usr/lib/systemd/system-generators/lvm2-activation-generator
|
remove usr/lib/systemd/system-generators/lvm2-activation-generator
|
||||||
@ -83,6 +80,11 @@ install ${configdir}/pam.sshd etc/pam.d/sshd
|
|||||||
install ${configdir}/pam.sshd etc/pam.d/login
|
install ${configdir}/pam.sshd etc/pam.d/login
|
||||||
install ${configdir}/pam.sshd etc/pam.d/remote
|
install ${configdir}/pam.sshd etc/pam.d/remote
|
||||||
|
|
||||||
|
## set up inst.rngd support
|
||||||
|
install ${configdir}/inst.rngd.service etc/systemd/system/inst.rngd.service
|
||||||
|
mkdir etc/systemd/system/basic.target.wants/
|
||||||
|
symlink /etc/systemd/system/inst.rngd.service etc/systemd/system/basic.target.wants/inst.rngd.service
|
||||||
|
|
||||||
## set up "install" user account
|
## set up "install" user account
|
||||||
append etc/passwd "install:x:0:0:root:/root:/usr/libexec/anaconda/run-anaconda"
|
append etc/passwd "install:x:0:0:root:/root:/usr/libexec/anaconda/run-anaconda"
|
||||||
append etc/shadow "install::14438:0:99999:7:::"
|
append etc/shadow "install::14438:0:99999:7:::"
|
||||||
|
Loading…
Reference in New Issue
Block a user