From 352e209804c70b991feededc0a45762929840ace Mon Sep 17 00:00:00 2001
From: Colin Guthrie <colin@mageia.org>
Date: Mon, 12 Jan 2015 20:40:14 +0000
Subject: [PATCH] random-seed: avoid errors when we cannot write random-seed
 file

When we call 'systemd-random-seed load' with a read-only /var/lib/systemd,
the cleanup code (which rewrites the random-seed file) will fail and exit.

Arguably, if the filesystem is read-only and the random-seed file exists
then this will be possibly be quite bad for entroy on subsequent reboots
but it should still not make the unit fail.
---
 src/random-seed/random-seed.c | 30 +++++++++++++++++-------------
 1 file changed, 17 insertions(+), 13 deletions(-)

diff --git a/src/random-seed/random-seed.c b/src/random-seed/random-seed.c
index 06c123960..ce1bd195d 100644
--- a/src/random-seed/random-seed.c
+++ b/src/random-seed/random-seed.c
@@ -38,6 +38,7 @@ int main(int argc, char *argv[]) {
         ssize_t k;
         int r;
         FILE *f;
+        bool cleanup_seed_file = true;
 
         if (argc != 2) {
                 log_error("This program requires one argument.");
@@ -90,6 +91,7 @@ int main(int argc, char *argv[]) {
                                 r = -errno;
                                 goto finish;
                         }
+                        cleanup_seed_file = false;
                 }
 
                 random_fd = open("/dev/urandom", O_RDWR|O_CLOEXEC|O_NOCTTY, 0600);
@@ -140,20 +142,22 @@ int main(int argc, char *argv[]) {
                 goto finish;
         }
 
-        /* This is just a safety measure. Given that we are root and
-         * most likely created the file ourselves the mode and owner
-         * should be correct anyway. */
-        fchmod(seed_fd, 0600);
-        fchown(seed_fd, 0, 0);
+        if (cleanup_seed_file) {
+                /* This is just a safety measure. Given that we are root and
+                 * most likely created the file ourselves the mode and owner
+                 * should be correct anyway. */
+                fchmod(seed_fd, 0600);
+                fchown(seed_fd, 0, 0);
 
-        k = loop_read(random_fd, buf, buf_size, false);
-        if (k <= 0) {
-                log_error("Failed to read new seed from /dev/urandom: %s", r < 0 ? strerror(-r) : "EOF");
-                r = k == 0 ? -EIO : (int) k;
-        } else {
-                r = loop_write(seed_fd, buf, (size_t) k, false);
-                if (r < 0)
-                        log_error_errno(r, "Failed to write new random seed file: %m");
+                k = loop_read(random_fd, buf, buf_size, false);
+                if (k <= 0) {
+                        log_error("Failed to read new seed from /dev/urandom: %s", r < 0 ? strerror(-r) : "EOF");
+                        r = k == 0 ? -EIO : (int) k;
+                } else {
+                        r = loop_write(seed_fd, buf, (size_t) k, false);
+                        if (r < 0)
+                                log_error_errno(r, "Failed to write new random seed file: %m");
+                }
         }
 
 finish:
-- 
2.30.2