Subject: bind9 sucks up ALL bits from /dev/random
To: None <pkgsrc-users@NetBSD.org>
From: Rhialto <rhialto@falu.nl>
List: pkgsrc-users
Date: 09/06/2007 22:28:37
I happened to need some random bits, but /dev/random wouldn't give me
any without me waving my mouse around. So I looked around with "rndctl
-ls" and I saw this:

Source        Bits Type Flags
cd1          47295 disk estimate, collect
cd0       12174606 disk estimate, collect
wd1       22281034 disk estimate, collect
wd0      193908119 disk estimate, collect
fd0              0 disk estimate, collect
pms0      16522995 tty  estimate, collect
pckbd0     3319637 tty  estimate, collect
rtk0             0 net  collect
skc0             0 net  collect
255350941 bits mixed into pool
0 bits currently stored in pool (max 4096)
187974849 bits of entropy discarded due to full pool
67376092 hard-random bits generated
710031604 pseudo-random bits generated

Note the "0 bits currently stored in pool".
Some time later the result was this:
then this

Source        Bits Type Flags
cd1          47295 disk estimate, collect
cd0       12174606 disk estimate, collect
wd1       22282442 disk estimate, collect
wd0      193922518 disk estimate, collect
fd0              0 disk estimate, collect
pms0      16531734 tty  estimate, collect
pckbd0     3323349 tty  estimate, collect
rtk0             0 net  collect
skc0             0 net  collect
255379199 bits mixed into pool
0 bits currently stored in pool (max 4096)
187981064 bits of entropy discarded due to full pool
67398135 hard-random bits generated
710298073 pseudo-random bits generated

Still 0 bits in the pool, but 255379199 - 255350941 = 28258 had been put
in.
The only one having open /dev/random is named (version bind-9.4.1pl1).
$ fstat|grep random
named named 7041 5 / 10674 cr--r--r-- random r
This seems to be a potential problem to me. No single program should hog
all random bits after all.
-Olaf.
--
___ Olaf 'Rhialto' Seibert -- You author it, and I'll reader it.
\X/ rhialto/at/xs4all.nl -- Cetero censeo "authored" delendum esse.
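
Added example, not part of the original message: a Python sketch that diffs the summary counters of the two `rndctl -ls` runs quoted above and reports whether everything the pool kept was read straight back out. The counter keys, the function names and the reading that "mixed" minus "discarded" is what the pool retained are assumptions of this example.

```python
import re

# Summary lines copied from the two rndctl -ls runs in the message above.
SNAP_1 = """\
255350941 bits mixed into pool
0 bits currently stored in pool (max 4096)
187974849 bits of entropy discarded due to full pool
67376092 hard-random bits generated
710031604 pseudo-random bits generated
"""
SNAP_2 = """\
255379199 bits mixed into pool
0 bits currently stored in pool (max 4096)
187981064 bits of entropy discarded due to full pool
67398135 hard-random bits generated
710298073 pseudo-random bits generated
"""

# Hypothetical short keys for the counters printed by rndctl -ls.
COUNTERS = {
    "mixed": r"(\d+) bits mixed into pool",
    "stored": r"(\d+) bits currently stored in pool",
    "discarded": r"(\d+) bits of entropy discarded",
    "hard": r"(\d+) hard-random bits generated",
    "pseudo": r"(\d+) pseudo-random bits generated",
}

def parse_summary(text):
    """Extract the five pool counters from one rndctl -ls output."""
    out = {}
    for key, pattern in COUNTERS.items():
        m = re.search(pattern, text)
        if m is None:
            raise ValueError("counter not found: " + key)
        out[key] = int(m.group(1))
    return out

def compare(before, after):
    """Counter deltas between two snapshots, plus a drained-pool verdict."""
    a, b = parse_summary(before), parse_summary(after)
    d = {k: b[k] - a[k] for k in ("mixed", "discarded", "hard", "pseudo")}
    d["retained"] = d["mixed"] - d["discarded"]  # assumed: what the pool kept
    d["stored_after"] = b["stored"]
    # Drained: the pool kept some bits, readers took at least that many, none remain.
    d["drained"] = d["stored_after"] == 0 and d["hard"] >= d["retained"] > 0
    return d

if __name__ == "__main__":
    print(compare(SNAP_1, SNAP_2))
```

On these two snapshots the retained bits and the hard-random bits handed out in the interval are the same number, which is what a single blocking reader emptying the pool looks like in the counters.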