Re: Problems with /dev/random

From: Branko Čibej <brane_at_xbc.nu>
Date: 2005-02-14 14:08:03 CET

Pete Gonzalez wrote:

> We recently encountered a problem where svnserve was hanging
> in the random number generator. (Apparently someone else
> encountered this problem and logged it as Debian Bug#285708.)
>
> The culprit was a Linux daemon that reads from "/dev/urandom"
> frequently. Although "/dev/urandom" returns immediately, it
> depletes the kernel entropy pool, causing "/dev/random" reads
> to stall indefinitely. I solved the problem by hacking the
> Subversion apr_private.h DEV_RANDOM to read from "/dev/urandom"
> instead of "/dev/random".
>
> Since this problem took several hours to figure out, I'd like
> to propose a few potential improvements:
>
> 1. Document this somewhere conspicuous

It is quite conspiciously documented for APR, in the FAQ and in the Vook

> 2. Make the default "/dev/urandom" (or a pseudorandom generator)
> instead of "/dev/random".

This is APR configuration. See apr's configure --with-devrandom.

> 3. Add a "configure" switch enabling admins to specify whether
> or not they want to make everyone wait for the kernel to
> generate random numbers. (In our scenario, this is ridiculous.)

It's already there.

-- Brane

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Mon Feb 14 14:12:19 2005

This message: [ Message body ]
Next message: Butlin, Jason \(UK - Epsom\): "RE: Merging problem (ASCII)"
Previous message: Madan U Sreenivasan: "Re: propset, revert - Is this the expected behavior"
In reply to: Pete Gonzalez: "Problems with /dev/random"
Next in thread: Pete Gonzalez: "Re: subversion _really_ slow"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]