Friday, June 01, 2018

Re: Nextcloud - cert validation in chroot

On Fri, Jun 01, 2018 at 03:35:51PM -0400, Daniel Jakots wrote:
> Great! Would you mind documenting the creation of *random devices?
> Feel free to take the diff and commit on my behalf if you agree (I'm
> sure you'll want to change some wordings ;)). I don't know if we need
> to document for null and zero as well.

> +Random devices
> +--------------
> +Some PHP software need to access device special files to get entropy.
> +To create such a device, you can use mknod(1):
> +
> + # mkdir -p ${CHROOT_DIR}/dev
> + # mknod -m 644 urandom 45 0
> + # mknod -m 644 srandom 45 1
> + # ln -s ${CHROOT_DIR}/dev/urandom ${CHROOT_DIR}/dev/{a,}random
> +
> +Please note this requires a partition mounted without the 'nodev'
> flags, +thus a dedicated partition is better.
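
Review bot: the two mknod lines create urandom and srandom in the current directory, because nothing changes into ${CHROOT_DIR}/dev after the mkdir; give the full path, e.g. `mknod -m 644 ${CHROOT_DIR}/dev/urandom 45 0`. The ln -s line has two more problems: the `{a,}random` brace expansion yields two link names, so ln(1) receives three operands and treats the last as a directory, and the absolute target ${CHROOT_DIR}/dev/urandom does not resolve from inside the chroot. One `ln -s urandom <name>` per link, with a relative target, avoids both. The hard-coded 45 major number also deserves a qualifier, since the listing in the reply shows 119, 0 for urandom; telling readers to take the numbers from `ls -l /dev/urandom` on their own system would be safer.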

Indeed, this directory should be on a dedicated partition to
avoid mounting /var without the nodev option.

What I did is put /var/www/dev on a tiny read-only mfs which is
good enough for a random device node.

fstab: swap /var/www/dev mfs ro,nosuid,-s512K,-P/var/www/dev.tmpl 0 0

$ ls -l /var/www/dev.tmpl
total 0
crw-r--r-- 1 root daemon - 119, 0 Apr 18 10:34 urandom
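
An added example, not part of the original message: a small sh audit that lists fstab entries lacking nodev and fails unless every such mount is on an allowed list, which is the property the dedicated mfs is meant to preserve for /var. The function names and both fstab samples are constructed for illustration; only the mfs line is taken from the message.

```shell
#!/bin/sh
# Added example: audit fstab(5) text for filesystems that honour device nodes.

# Print the mount point of every entry whose options lack "nodev".
# Reads fstab text on stdin; skips comments, blank lines and swap entries.
mounts_without_nodev() {
    while read -r spec mnt vfstype opts _rest; do
        case "$spec" in ''|'#'*) continue ;; esac
        if [ "$vfstype" = swap ]; then continue; fi
        case ",$opts," in
            *,nodev,*) ;;                   # device nodes are ignored here
            *) printf '%s\n' "$mnt" ;;      # device nodes are honoured here
        esac
    done
}

# Succeed only if every mount lacking nodev is in the allowed list ($1,
# space separated). Mount points outside the list are printed.
audit_nodev() {
    allowed=" $1 "
    bad=$(mounts_without_nodev | while read -r mnt; do
        case "$allowed" in
            *" $mnt "*) ;;
            *) printf '%s\n' "$mnt" ;;
        esac
    done)
    if [ -z "$bad" ]; then return 0; fi
    printf '%s\n' "$bad"
    return 1
}

# Constructed sample: /var keeps nodev, the chroot's dev is a dedicated mfs.
GOOD_FSTAB='# constructed sample
/dev/sd0a / ffs rw 1 1
/dev/sd0b none swap sw 0 0
/dev/sd0d /var ffs rw,nodev,nosuid 1 2
swap /var/www/dev mfs ro,nosuid,-s512K,-P/var/www/dev.tmpl 0 0'

# Constructed sample: nodev dropped from /var to make the device node work.
BAD_FSTAB='/dev/sd0a / ffs rw 1 1
/dev/sd0d /var ffs rw,nosuid 1 2'
```

Run it as `audit_nodev "/ /var/www/dev" < /etc/fstab`; a non-zero exit together with a printed mount point means some other filesystem would honour device nodes.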
