Bug#908518: sicherboot: avoid uuid-runtime dependency by using kernel directly

Mon, 10 Sep 2018 11:18:40 -0700 

Package: sicherboot
Version: 0.1.5
Severity: wishlist
Tags: patch

Hi. Something I've been meaning to suggest for some time: avoid the
dependency on uuid-runtime by using /proc/sys/kernel/random/uuid instead
of uuidgen. Patch attached.

-- 
https://rjy.org.uk/

>From 9b9eda0672a0a75120c7e3d5fc27bc13bc117337 Mon Sep 17 00:00:00 2001
From: RjY <r...@users.sourceforge.net>
Date: Mon, 10 Sep 2018 18:21:42 +0100
Subject: [PATCH] Obtain random uuid from /proc/sys, remove uuid-runtime
 dependency

Avoid the dependency on uuid-runtime by asking the kernel for a random
UUID via the /proc/sys/kernel/random interface. uuidgen and uuidd are
excessive unless time-based UUIDs are required in abundance, while
sicherboot needs only a single random UUID created at initial setup.

(We may assume the /proc/sys interface always exists, as sicherboot is
less useful on non-Linux kernels due to its hard dependency on systemd.)
---
 debian/control | 2 +-
 shippable.yml  | 2 +-
 sicherboot     | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/debian/control b/debian/control
index dad6226..b572ec2 100644
--- a/debian/control
+++ b/debian/control
@@ -10,7 +10,7 @@ Vcs-Browser: https://github.com/julian-klode/sicherboot
 
 Package: sicherboot
 Architecture: all
-Depends: ${misc:Depends}, ${shlibs:Depends}, efitools, binutils, systemd, uuid-runtime
+Depends: ${misc:Depends}, ${shlibs:Depends}, efitools, binutils, systemd
 Enhances: dracut, systemd, initramfs-tools
 Description: systemd-boot integration with UEFI secure boot support
  sicher*boot manages kernels and systemd-boot on a secure boot
diff --git a/shippable.yml b/shippable.yml
index 176f9b6..81aafbe 100644
--- a/shippable.yml
+++ b/shippable.yml
@@ -7,5 +7,5 @@ build:
     pull: true
   ci:
     - touch /etc/kernel/cmdline
-    - apt-get install -y -qq efitools binutils systemd fakeroot uuid-runtime
+    - apt-get install -y -qq efitools binutils systemd fakeroot
     - run-parts -v tests
diff --git a/sicherboot b/sicherboot
index 8b47b4a..7a8617f 100755
--- a/sicherboot
+++ b/sicherboot
@@ -205,7 +205,7 @@ generate_keys() {
     chown root:root "${KEY_HOME}"
     chmod 700 "${KEY_HOME}"
     cd "${KEY_HOME}"
-    uuidgen > "${KEY_HOME}/uuid"
+    cat /proc/sys/kernel/random/uuid > "${KEY_HOME}/uuid"
     _generate_key PK PK
     _generate_key KEK PK
     _generate_key db KEK
-- 
2.19.0.rc2

Reply via email to