-
Notifications
You must be signed in to change notification settings - Fork 10
/
Copy pathsrandom
executable file
·111 lines (95 loc) · 2.74 KB
/
srandom
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
#!/bin/bash
# Copyright (C) 2015 Jonathan Senkerik
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
PATH=/usr/sbin:/usr/bin:/bin:/sbin
export PATH
is_mod_loaded(){
lsmod |grep -q srandom
return $?
}
is_srandom_OK(){
if [ `dd if=/dev/srandom count=4 bs=2k 2>/dev/null|hexdump -ve '4/2 "%02X " "\n"'|sort|uniq|wc -l` -eq 1024 ];then
return 0
else
return 1
fi
}
is_linked(){
S=`ls -i /dev/srandom|awk '{print $1}'`
U=`ls -i /dev/urandom|awk '{print $1}'`
if [[ $S -eq $U ]];then
return 0
else
return 1
fi
}
case "$1" in
set)
if is_mod_loaded >/dev/null; then
if is_linked >/dev/null; then
restorecon /dev/urandom >/dev/null 2>1
exit 0
else
if [ ! -f /dev/urandom.orig ];then
mv /dev/urandom /dev/urandom.orig
fi
ln /dev/srandom /dev/urandom
chcon system_u:object_r:urandom_device_t:s0 /dev/srandom >/dev/null 2>1
fi
else
echo "Module not loaded"
fi
;;
default)
rm -f /dev/urandom
mknod -m 444 /dev/urandom c 1 9
restorecon /dev/urandom >/dev/null 2>1
;;
status)
if is_mod_loaded >/dev/null; then
echo "Module loaded"
else
echo "Module not loaded"
fi
if [ -c /dev/srandom ];then
if is_srandom_OK >/dev/null; then
echo "srandom is functioning correctly"
else
echo "srandom FAILED to generate random numbers"
fi
if is_linked >/dev/null; then
echo "/dev/urandom is LINKED to /dev/srandom (system is using srandom)"
else
echo "/dev/urandom is NOT LINKED to /dev/srandom (system is using built-in generator)"
fi
cat /proc/srandom
fi
;;
*)
echo "NAME"
echo
echo " /usr/bin/srandom - /dev/srandom device configuration tool"
echo
echo "Usage"
echo
echo "/usr/bin/srandom [set|default|status]"
echo
echo " set - Set /dev/srandom as the system PRNG (/dev/urandom)."
echo
echo " default - Use the built-in PRNG as the system /dev/urandom."
echo
echo " status - Display status of srandom module."
echo
echo " help - Display this message"
echo
;;
esac