urandom: don't seed/store in containers

Author: Cameron Nemo

3

@@ -18,8 +18,10 @@ sv exit /var/service/*
 
 [ -x /etc/rc.shutdown ] && /etc/rc.shutdown
 
-msg "Saving random seed..."
-( umask 077; bytes=$(cat /proc/sys/kernel/random/poolsize) || bytes=512; dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=$bytes >/dev/null 2>&1 )
+if [ -z "$VIRTUALIZATION" ]; then
+    msg "Saving random seed..."
+    ( umask 077; bytes=$(cat /proc/sys/kernel/random/poolsize) || bytes=512; dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=$bytes >/dev/null 2>&1 )
+fi
 
 if [ -z "$VIRTUALIZATION" -a -n "$HARDWARECLOCK" ]; then
     hwclock --systohc ${HARDWARECLOCK:+--$(echo $HARDWARECLOCK |tr A-Z a-z)}

core-services/05-misc.sh

@@ -1,8 +1,10 @@
 # vim: set ts=4 sw=4 et:
 
-msg "Initializing random seed..."
-cp /var/lib/random-seed /dev/urandom >/dev/null 2>&1 || true
-( umask 077; bytes=$(cat /proc/sys/kernel/random/poolsize) || bytes=512; dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=$bytes >/dev/null 2>&1 )
+if [ -z "$VIRTUALIZATION" ]; then
+    msg "Initializing random seed..."
+    cp /var/lib/random-seed /dev/urandom >/dev/null 2>&1 || true
+    ( umask 077; bytes=$(cat /proc/sys/kernel/random/poolsize) || bytes=512; dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=$bytes >/dev/null 2>&1 )
+fi
 
 msg "Setting up loopback interface..."
 ip link set up dev lo