# This unit is needed to run rngd as a non-privileged user.
# It performs a system set up which requires privileges.

[Unit]
Description=Hardware RNG Entropy Gatherer Wake threshold service
ConditionVirtualization=!container
Before=rngd.service

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/bin/sh -c "PSIZE=$(cat /proc/sys/kernel/random/poolsize); let THRESH=$PSIZE*3/4; echo $THRESH>/proc/sys/kernel/random/write_wakeup_threshold; if [ -e /dev/hwrng ]; then chmod 0640 /dev/hwrng; chgrp rngd /dev/hwrng; fi"

[Install]
WantedBy=sysinit.target