From 468c8ba0103a776c78f08734efbef35e9ed4cf79 Mon Sep 17 00:00:00 2001 From: Justin Cormack Date: Fri, 16 Sep 2016 14:59:04 +0100 Subject: [PATCH] Add rngd Tweak the config to use RDSEED or (fallback) RDRAND. Makes sure we have initial random seed in cases where there is no other random source if these are supported. The default config in Alpine currently disables these, which makes it pretty useless, as there is no motherboard rng support any more. Replaces #517 Fix #514 Fix #183 Signed-off-by: Justin Cormack --- alpine/Dockerfile | 3 ++- alpine/base/alpine-base/Dockerfile | 5 +++-- alpine/base/alpine-base/repositories | 1 + alpine/etc/conf.d/rngd | 1 + 4 files changed, 7 insertions(+), 3 deletions(-) create mode 100644 alpine/etc/conf.d/rngd diff --git a/alpine/Dockerfile b/alpine/Dockerfile index f46448d09..295fc4e6a 100644 --- a/alpine/Dockerfile +++ b/alpine/Dockerfile @@ -1,4 +1,4 @@ -FROM mobylinux/alpine-base:1b684f4d3178e95649fbc3ecbca28834048fd3eb +FROM mobylinux/alpine-base:e9f02e5109222e03566777f7041aee192a976a56 ENV ARCH=x86_64 @@ -29,6 +29,7 @@ RUN \ rc-update add dmesg sysinit && \ rc-update add devfs sysinit && \ rc-update add hwdrivers sysinit && \ + rc-update add rngd && \ rc-update add sysfs && \ rc-update add sysfsconf && \ rc-update add fsck && \ diff --git a/alpine/base/alpine-base/Dockerfile b/alpine/base/alpine-base/Dockerfile index 31c53953b..a06130fba 100644 --- a/alpine/base/alpine-base/Dockerfile +++ b/alpine/base/alpine-base/Dockerfile @@ -4,7 +4,7 @@ COPY repositories /etc/apk/ RUN \ apk update && apk upgrade && \ - apk add \ + apk add --no-cache \ alpine-conf \ bind-tools \ busybox-initscripts \ @@ -22,10 +22,11 @@ RUN \ openrc \ openssh-client \ openssl \ + rng-tools@edgecommunity \ sfdisk \ strace \ sysklogd \ syslinux \ tar \ xz \ - && rm -rf /var/cache/apk/* + && true diff --git a/alpine/base/alpine-base/repositories b/alpine/base/alpine-base/repositories index c20c1a9fc..4a6bac478 100644 --- a/alpine/base/alpine-base/repositories +++ b/alpine/base/alpine-base/repositories @@ -1 +1,2 @@ http://dl-cdn.alpinelinux.org/alpine/v3.4/main +@edgecommunity http://dl-cdn.alpinelinux.org/alpine/edge/community diff --git a/alpine/etc/conf.d/rngd b/alpine/etc/conf.d/rngd new file mode 100644 index 000000000..3429fcc0f --- /dev/null +++ b/alpine/etc/conf.d/rngd @@ -0,0 +1 @@ +RNGD_OPTS=""