Having played with this commit request for a few hours, I've

convinced myself that it's better then what we have, but still
not perfect.

/etc/rc  : Attempt to seed /dev/random with multiple backoffs.

/etc/rc.shutdown : Attempt to write the entropy_file.

In debugging the above changes, I've run into some
inconsistancies... rc.shutdown is run via 'init 6', but
does not appear to be run via '/sbin/reboot'. Thus, this
set of changes improves life depending on the mechanism
used to shut the system down.

Submitted by:	Doug Barton <DougB@gorean.org>
Approved by:	markm

etc/rc

@@ -69,26 +69,19 @@ elif [ -r /etc/rc.conf ]; then
 	. /etc/rc.conf
 fi
 
-# Recover some entropy so the rebooting /dev/random can reseed
+
+# First pass at entropy recovery so the rebooting /dev/random can reseed.
 #
 case ${entropy_file} in
 [Nn][Oo] | '')
 	;;
 *)
 	if [ -w /dev/random ]; then
-		if [ -f ${entropy_file} -a -r ${entropy_file} ]; then
-			echo "Reading entropy file"
+		if [ -f "${entropy_file}" -a -r "${entropy_file}" -a \
+		    -s "${entropy_file}" ]; then
+			echo "Using ${entropy_file} as an entropy file"
 			cat ${entropy_file} > /dev/random 2> /dev/random
-			rm -f ${entropy_file}
-		else
-			echo "No entropy file, trying other sources"
-			# XXX temporary until we can get the entropy
-			# harvesting rate up
-			# Entropy below is not great, but better than nothing.
-			(ps -gauxwww; iostat; vmstat; dmesg) > /dev/random 2> /dev/random
-			( for i in /etc /var/run ; do
-				cd $i ; ls -al ; cat *
-			done ) > /dev/random 2> /dev/random
+			entropy_reseeded=yes
 		fi
 	fi
 	;;
@@ -183,6 +176,45 @@ if [ -n "${diskless_mount}" -a -r "${diskless_mount}" ]; then
 		sh ${diskless_mount}
 fi
 
+# Second attempt at reseeding, if needed.
+#
+case ${entropy_reseeded} in
+yes)
+	;;
+*)
+	case ${entropy_file} in
+	[Nn][Oo] | '')
+		;;
+	*)
+		if [ -w /dev/random ]; then
+			if [ -f "${entropy_file}" -a -r "${entropy_file}" -a \
+			    -s "${entropy_file}" ]; then
+				echo "Using ${entropy_file} as an entropy file"
+				cat ${entropy_file} > /dev/random 2> /dev/random
+			elif [ "${entropy_file}" != /var/db/entropy -a \
+			    -f /var/db/entropy -a -r /var/db/entropy -a \
+			    -s /var/db/entropy ]; then
+				echo "Using /var/db/entropy as an entropy file"
+				cat /var/db/entropy > /dev/random 2> /dev/random
+			else
+				echo "Can't use ${entropy_file} as an entropy file, trying other sources"
+				# XXX temporary until we can get the entropy
+				# harvesting rate up
+				# Entropy below is not great, but better than nothing.
+				(ps -gauxwww; iostat; vmstat; sysctl -a; dmesg) > /dev/random 2> /dev/random
+				( for i in /etc /var/run ; do
+					cd $i ; ls -al ; cat *
+				done ) > /dev/random 2> /dev/random
+			fi
+		fi
+		;;
+	esac
+	;;
+esac
+
+# Remove these to prevent problems on future reboots
+rm -f "${entropy_file}" /var/db/entropy
+
 adjkerntz -i
 
 purgedir() {

etc/rc.shutdown

@@ -62,9 +62,25 @@ case ${entropy_file} in
 	rm -f ${entropy_file}
 	oumask=`umask`
 	umask 077
-	touch ${entropy_file} && \
-		dd if=/dev/random of=${entropy_file} \
+	if touch ${entropy_file} ; then
+		entropy_file_confirmed="${entropy_file}"
+	else
+		# Try this as a reasonable alternative for read-only
+		# roots, diskless workstations, etc.
+		rm -f /var/db/entropy
+		if touch /var/db/entropy ; then
+			entropy_file_confirmed=/var/db/entropy
+		fi
+	fi
+	case ${entropy_file_confirmed} in
+	'')
+		echo "ERROR: entropy file write failed"
+		;;
+	*)
+		dd if=/dev/random of=${entropy_file_confirmed} \
 		   bs=4096 count=1 2> /dev/null
+		;;
+	esac
 	umask ${oumask}
 	;;
 esac