OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: /dev/random as (chrooted) named's entropy source [current]

From: Dave Anderson (davedaveanderson.com)
Date: Thu Apr 03 2008 - 10:25:49 CDT

On Thu, 3 Apr 2008, Jan Stary wrote:

>Trying to give named its own random-source, I stopped named, did
>
># cd /var/named/dev/
># /dev/MAKEDEV arandom
># ls -l
>total 0
>crw-r--r-- 1 root wheel 45, 4 Apr 3 14:16 arandom
>srw-rw-rw- 1 root wheel 0 Apr 3 13:51 log
>crw-r--r-- 1 root wheel 45, 3 Apr 3 14:16 prandom
>crw-r--r-- 1 root wheel 45, 0 Apr 3 14:16 random
>crw-r--r-- 1 root wheel 45, 1 Apr 3 14:16 srandom
>crw-r--r-- 1 root wheel 45, 2 Apr 3 14:16 urandom
>
>and started named again. Now the log says
>
>named[25688]: /usr/src/usr.sbin/bind/lib/isc/unix/errno2result.c:111: unexpected error:
>named[25688]: unable to convert errno to isc_result: 6: Device not configured
>named[25688]: could not open entropy source /dev/arandom: unexpected error
>named[25688]: using pre-chroot entropy source /dev/arandom
>
>So why is /var/named/dev/arandom "not configured". Is there something
>that needs to be done beside MAKEDEV?

Is /var marked 'nodev' in /etc/fstab?

        Dave

--
Dave Anderson
<davedaveanderson.com>