Feature #10779: Start haveged earlier in the boot process

Feature #10779

Start haveged earlier in the boot process

Added by intrigeri 2015-12-20 03:33:03 . Updated 2016-08-24 07:06:07 .

Status:

Resolved

Priority:

Normal

Assignee:

intrigeri

Category:

Target version:

Tails_3.0

Start date:

2015-12-20

Due date:

% Done:

100%

Feature Branch:

Type of work:

Code

Blueprint:

Starter:

Affected tool:

Deliverable for:

Description

On current devel (Jessie) branch, haveged starts relatively late in the boot process. On current sid, starts much earlier, presumably thanks to the changes introduced in 1.9.1-2. Let’s make sure this works fine in Tails 3.x.

Subtasks

Related issues

Related to Tails - Feature #7102: Evaluate how safe haveged is in a virtualized environment	Confirmed	2014-04-17
Related to Tails - ~~Feature #11758~~: Analyze early boot entropy gathering	Resolved	2016-09-02

History

#1 Updated by intrigeri 2015-12-20 03:33:28

related to Feature #7102: Evaluate how safe haveged is in a virtualized environment added

#2 Updated by intrigeri 2015-12-20 03:33:40

related to ~~Feature #5650~~: rngd added

#3 Updated by intrigeri 2015-12-20 03:36:21

The haveged maintainer doesn’t object to uploading to jessie-backports.

#4 Updated by intrigeri 2016-02-12 23:49:53

Target version changed from Tails_2.2 to Tails_2.4

#5 Updated by intrigeri 2016-02-21 14:25:19

Target version changed from Tails_2.4 to Tails_2.2

#6 Updated by intrigeri 2016-02-21 15:12:42

Status changed from Confirmed to In Progress
% Done changed from 0 to 10
Feature Branch set to feature/10779-start-haveged-earlier

#7 Updated by intrigeri 2016-02-21 17:19:51

Target version changed from Tails_2.2 to Tails_2.4

#8 Updated by intrigeri 2016-04-29 13:56:36

Target version changed from Tails_2.4 to Tails_2.6

#9 Updated by intrigeri 2016-06-09 15:07:07

related to deleted (~~~~Feature #5650~~: rngd~~)

#10 Updated by intrigeri 2016-06-09 15:07:24

blocks ~~Feature #5650~~: rngd added

#11 Updated by intrigeri 2016-06-10 05:28:35

blocked by deleted (~~~~Feature #5650~~: rngd~~)

#12 Updated by intrigeri 2016-06-10 05:33:21

Description updated
Target version changed from Tails_2.6 to Tails_3.0
Feature Branch deleted (~~feature/10779-start-haveged-earlier~~)

This branch breaks the boot on Jessie: live-config.service and systemd-udev-settle.service are stalled for a long time; the former has no timeout so this blocks the boot. Adding After=live-config.service systemd-udev-settle.service to haveged.service doesn’t help. Now, on Stretch the very same haveged package doesn’t break the boot, so I’ll just put that on my plate for 3.0 => next steps are:

on feature/stretch, make sure that haveged starts after its AppArmor profile is loaded (feature/10779-start-haveged-earlier has such stuff)
check that haveged starts at a suitable time during the boot process, on feature/stretch.

#13 Updated by intrigeri 2016-07-07 05:23:43

haveged 1.9.1-4 has some fixes in this area.

#14 Updated by intrigeri 2016-08-24 07:06:07

Status changed from In Progress to Resolved
% Done changed from 10 to 100

On Stretch, haveged starts as soon as apparmor.service is done, and it blocks sysinit.target so lots of other services are started after haveged, which is what we want.

#15 Updated by sycamoreone 2016-09-03 02:17:13

related to ~~Feature #11758~~: Analyze early boot entropy gathering added