[src/trunk]: src/sbin/rndctl Clarify wording further based on private feedback.

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/sbin/rndctl Clarify wording further based on private feedback.
From: riastradh <riastradh%NetBSD.org@localhost>
Date: Wed, 07 Apr 2021 02:03:07 +0000

details:   https://anonhg.NetBSD.org/src/rev/d1fbf49d8176
branches:  trunk
changeset: 954389:d1fbf49d8176
user:      riastradh <riastradh%NetBSD.org@localhost>
date:      Tue Apr 06 22:02:40 2021 +0000

description:
Clarify wording further based on private feedback.

diffstat:

 sbin/rndctl/rndctl.8 |  30 ++++++++++++++++++++----------
 1 files changed, 20 insertions(+), 10 deletions(-)

diffs (62 lines):

diff -r 7e375657d47a -r d1fbf49d8176 sbin/rndctl/rndctl.8
--- a/sbin/rndctl/rndctl.8      Tue Apr 06 21:59:58 2021 +0000
+++ b/sbin/rndctl/rndctl.8      Tue Apr 06 22:02:40 2021 +0000
@@ -1,4 +1,4 @@
-.\"    $NetBSD: rndctl.8,v 1.28 2021/04/06 12:32:39 riastradh Exp $
+.\"    $NetBSD: rndctl.8,v 1.29 2021/04/06 22:02:40 riastradh Exp $
 .\"
 .\" Copyright (c) 1997 Michael Graff
 .\" All rights reserved.
@@ -66,15 +66,23 @@
 This is mutually exclusive with
 .Fl t .
 .It Fl E
-Disable entropy estimation for the given device name or device type.
+Ignore estimates of entropy from the drivers for the given device name
+or type.
+.Pp
 If collection is still enabled, data is still collected and mixed into
-the internal entropy pool, but no entropy is assumed to be present.
+the internal entropy pool, but no entropy is assumed to be present and
+data from the selected devices will not unblock
+.Pa /dev/random .
 .It Fl e
-Re-enable entropy estimation for the given device name or device type.
-If the kernel's estimate for the given device is zero, as it is for
-devices of types other than
+Accept estimates of entropy from the drivers for the given device name
+or type.
+.Pp
+.Cm "rndctl -e"
+does not change the estimate provided by the driver; if the driver's
+estimate is zero, as it generally is for devices of types other than
 .Ic rng ,
-this does not increase the estimate.
+it remains zero after
+.Cm "rndctl -e" .
 .It Fl i
 With the
 .Fl L
@@ -86,9 +94,11 @@
 This is useful if the file is on a medium, such as an NFS share, that
 the operator does not know to be secret.
 .It Fl L
-Load saved entropy from file
+Load a seed from
 .Ar save-file
-and overwrite it with a seed derived by hashing it together with output
+generated by
+.Cm "rndctl -S" .
+Overwrite it with a seed derived by hashing it together with output
 from
 .Pa /dev/urandom
 so that the new seed has at least as much entropy as either the old
@@ -105,7 +115,7 @@
 .Ar devname
 specified.
 .It Fl S
-Save entropy to file
+Generate a seed from the system entropy pool and save it to
 .Ar save-file
 for later use with
 .Cm "rndctl -L" .

Prev by Date: [src/trunk]: src/usr.bin/xlint/lint1 lint: for shift in C99 mode, do not warn...
Next by Date: [src/trunk]: src/share/man/man4 Remove sentence that has not been true since ...
Previous by Thread: [src/trunk]: src/usr.bin/xlint/lint1 lint: for shift in C99 mode, do not warn...
Next by Thread: [src/trunk]: src/share/man/man4 Remove sentence that has not been true since ...
Indexes:

Home | Main Index | Thread Index | Old Index