maybe chmod 0644 'apparmor.d/local/usr.bin.man'
maybe chmod 0644 'apparmor.d/local/usr.sbin.chronyd'
maybe chmod 0644 'apparmor.d/local/usr.sbin.clamd'
+maybe chmod 0644 'apparmor.d/local/usr.sbin.haveged'
maybe chmod 0644 'apparmor.d/local/usr.sbin.named'
maybe chmod 0644 'apparmor.d/local/usr.sbin.tcpdump'
maybe chmod 0644 'apparmor.d/usr.bin.freshclam'
maybe chmod 0644 'apparmor.d/usr.bin.man'
maybe chmod 0644 'apparmor.d/usr.sbin.chronyd'
maybe chmod 0644 'apparmor.d/usr.sbin.clamd'
+maybe chmod 0644 'apparmor.d/usr.sbin.haveged'
maybe chmod 0644 'apparmor.d/usr.sbin.mysqld'
maybe chmod 0644 'apparmor.d/usr.sbin.named'
maybe chmod 0644 'apparmor.d/usr.sbin.tcpdump'
maybe chmod 0644 'default/grub'
maybe chmod 0755 'default/grub.d'
maybe chmod 0644 'default/grub.d/init-select.cfg'
+maybe chmod 0644 'default/haveged'
maybe chmod 0644 'default/hwclock'
maybe chmod 0644 'default/icinga2'
maybe chmod 0644 'default/keyboard'
maybe chmod 0755 'init.d/cryptdisks-early'
maybe chmod 0755 'init.d/dbus'
maybe chmod 0755 'init.d/dovecot'
+maybe chmod 0755 'init.d/haveged'
maybe chmod 0755 'init.d/hwclock.sh'
maybe chmod 0755 'init.d/icinga2'
maybe chmod 0755 'init.d/keyboard-setup.sh'
maybe chmod 0755 'systemd/system/clamav-daemon.service.d'
maybe chmod 0644 'systemd/system/clamav-daemon.service.d/extend.conf'
maybe chmod 0755 'systemd/system/cloud-init.target.wants'
+maybe chmod 0755 'systemd/system/default.target.wants'
maybe chmod 0755 'systemd/system/getty.target.wants'
maybe chmod 0755 'systemd/system/getty@tty1.service.d'
maybe chmod 0644 'systemd/system/getty@tty1.service.d/noclear.conf'
--- /dev/null
+# Last Modified: Fri Aug 21 15:23:17 2015
+#include <tunables/global>
+
+/usr/sbin/haveged {
+ #include <abstractions/base>
+
+ # Required for ioctl RNDADDENTROPY
+ capability sys_admin,
+
+ owner @{PROC}/@{pid}/status r,
+
+ @{PROC}/sys/kernel/osrelease r,
+ @{PROC}/sys/kernel/random/poolsize r,
+ @{PROC}/sys/kernel/random/write_wakeup_threshold w,
+ /dev/random w,
+
+ /sys/devices/system/cpu/ r,
+ /sys/devices/system/cpu/cpu*/cache/ r,
+ /sys/devices/system/cpu/cpu*/cache/index*/{type,size,level} r,
+ /usr/sbin/haveged mr,
+
+ #include <local/usr.sbin.haveged>
+}
--- /dev/null
+# Configuration file for haveged
+
+# Options to pass to haveged:
+# -w sets low entropy watermark (in bits)
+DAEMON_ARGS="-w 1024"
--- /dev/null
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: haveged
+# Required-Start: $remote_fs
+# Required-Stop: $remote_fs
+# Should-Start: $syslog
+# Should-Stop: $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Entropy daemon using the HAVEGE algorithm
+# Description: haveged uses HAVEGE (HArdware Volatile Entropy Gathering
+# and Expansion) to maintain a pool of random bytes used
+# to fill /dev/random whenever necessary.
+### END INIT INFO
+
+# Do NOT "set -e"
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="entropy daemon"
+NAME=haveged
+DAEMON=/usr/sbin/$NAME
+DAEMON_ARGS=""
+PIDFILE=/var/run/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Define LSB log_* functions.
+. /lib/lsb/init-functions
+
+do_start()
+{
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
+ || return 1
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+ $DAEMON_ARGS \
+ || return 2
+}
+
+do_stop()
+{
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ rm -f $PIDFILE
+ return "$RETVAL"
+}
+
+case "$1" in
+ start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
+ do_start
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ status)
+ status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
+ restart|force-reload)
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
+ exit 3
+ ;;
+esac
+
+:
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+../init.d/haveged
\ No newline at end of file
--- /dev/null
+/lib/systemd/system/haveged.service
\ No newline at end of file
projects / config / helga-hetzner / etc.git / commitdiff