Package: sicherboot Version: 0.1.5 Severity: wishlist Tags: patch Hi. Something I've been meaning to suggest for some time: avoid the dependency on uuid-runtime by using /proc/sys/kernel/random/uuid instead of uuidgen. Patch attached.
-- https://rjy.org.uk/
>From 9b9eda0672a0a75120c7e3d5fc27bc13bc117337 Mon Sep 17 00:00:00 2001 From: RjY <r...@users.sourceforge.net> Date: Mon, 10 Sep 2018 18:21:42 +0100 Subject: [PATCH] Obtain random uuid from /proc/sys, remove uuid-runtime dependency Avoid the dependency on uuid-runtime by asking the kernel for a random UUID via the /proc/sys/kernel/random interface. uuidgen and uuidd are excessive unless time-based UUIDs are required in abundance, while sicherboot needs only a single random UUID created at initial setup. (We may assume the /proc/sys interface always exists, as sicherboot is less useful on non-Linux kernels due to its hard dependency on systemd.) --- debian/control | 2 +- shippable.yml | 2 +- sicherboot | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/debian/control b/debian/control index dad6226..b572ec2 100644 --- a/debian/control +++ b/debian/control @@ -10,7 +10,7 @@ Vcs-Browser: https://github.com/julian-klode/sicherboot Package: sicherboot Architecture: all -Depends: ${misc:Depends}, ${shlibs:Depends}, efitools, binutils, systemd, uuid-runtime +Depends: ${misc:Depends}, ${shlibs:Depends}, efitools, binutils, systemd Enhances: dracut, systemd, initramfs-tools Description: systemd-boot integration with UEFI secure boot support sicher*boot manages kernels and systemd-boot on a secure boot diff --git a/shippable.yml b/shippable.yml index 176f9b6..81aafbe 100644 --- a/shippable.yml +++ b/shippable.yml @@ -7,5 +7,5 @@ build: pull: true ci: - touch /etc/kernel/cmdline - - apt-get install -y -qq efitools binutils systemd fakeroot uuid-runtime + - apt-get install -y -qq efitools binutils systemd fakeroot - run-parts -v tests diff --git a/sicherboot b/sicherboot index 8b47b4a..7a8617f 100755 --- a/sicherboot +++ b/sicherboot @@ -205,7 +205,7 @@ generate_keys() { chown root:root "${KEY_HOME}" chmod 700 "${KEY_HOME}" cd "${KEY_HOME}" - uuidgen > "${KEY_HOME}/uuid" + cat /proc/sys/kernel/random/uuid > "${KEY_HOME}/uuid" _generate_key PK PK _generate_key KEK PK _generate_key db KEK -- 2.19.0.rc2