commit d0a013eaf89e8e1989edaa354b959bb23660dd92
parent d55adb7d501a8b5b23b8653c2ac657837f19c4ee
Author: oblique <psyberbits@gmail.com>
Date: Wed, 25 Mar 2015 01:21:01 +0200
Check every 2 seconds if haveged is needed
Diffstat:
2 files changed, 43 insertions(+), 8 deletions(-)
diff --git a/README.md b/README.md
@@ -13,6 +13,7 @@
### General
* bash (to run this script)
* util-linux (for getopt)
+* procps or procps-ng
* hostapd
* iproute2
* iw
diff --git a/create_ap b/create_ap
@@ -3,6 +3,7 @@
# general dependencies:
# bash (to run this script)
# util-linux (for getopt)
+# procps or procps-ng
# hostapd
# iproute2
# iw
@@ -40,6 +41,7 @@ usage() {
echo " --freq-band <GHz> Set frequency band. Valid inputs: 2.4, 5 (default: 2.4)"
echo " --driver Choose your WiFi adapter driver (default: nl80211)"
echo " --no-virt Do not create virtual interface"
+ echo " --no-haveged Do not run \`haveged' automatically when needed"
echo " --fix-unmanaged If NetworkManager shows your interface as unmanaged after you"
echo " close create_ap, then use this option to switch your interface"
echo " back to managed"
@@ -267,6 +269,29 @@ get_new_macaddr() {
echo $NEWMAC
}
+# start haveged when needed
+haveged_watchdog() {
+ local show_warn=0
+ while :; do
+ if [[ $(cat /proc/sys/kernel/random/entropy_avail) -lt 1000 ]]; then
+ if ! which haveged > /dev/null 2>&1; then
+ if [[ $show_warn -eq 0 ]]; then
+ echo "WARN: Low entropy detected. We recommend you to install \`haveged'"
+ show_warn=1
+ fi
+ elif ! pidof haveged > /dev/null 2>&1; then
+ echo "Low entropy detected, starting haveged"
+ # boost low-entropy
+ haveged -w 1024 -F > /dev/null 2>&1 &
+ local haveged_pid=$!
+ echo $haveged_pid > $CONFDIR/haveged.pid
+ wait $haveged_pid
+ fi
+ fi
+ sleep 2
+ done
+}
+
NETWORKMANAGER_CONF=/etc/NetworkManager/NetworkManager.conf
NM_OLDER_VERSION=1
@@ -422,6 +447,7 @@ NEW_MACADDR=
DAEMONIZE=0
LIST_RUNNING=0
STOP_ID=
+NO_HAVEGED=0
CONFDIR=
WIFI_IFACE=
@@ -434,10 +460,15 @@ OLD_MACADDR=
IP_ADDRS=
ROUTE_ADDRS=
+HAVEGED_WATCHDOG_PID=
+
_cleanup() {
trap "" SIGINT
trap "" SIGUSR1
+ # kill haveged_watchdog
+ [[ -n "$HAVEGED_WATCHDOG_PID" ]] && kill $HAVEGED_WATCHDOG_PID
+
# exiting
for x in $CONFDIR/*.pid; do
# even if the $CONFDIR is empty, the for loop will assign
@@ -574,7 +605,7 @@ trap "clean_exit" SIGINT
trap "clean_exit" SIGUSR1
ARGS=( "$@" )
-GETOPT_ARGS=$(getopt -o hc:w:g:dnm: -l "help","hidden","ieee80211n","ht_capab:","driver:","no-virt","fix-unmanaged","country:","freq-band:","mac:","daemon","stop:","list","version" -n $(basename $0) -- "$@")
+GETOPT_ARGS=$(getopt -o hc:w:g:dnm: -l "help","hidden","ieee80211n","ht_capab:","driver:","no-virt","fix-unmanaged","country:","freq-band:","mac:","daemon","stop:","list","version","no-haveged" -n $(basename $0) -- "$@")
[[ $? -ne 0 ]] && exit 1
eval set -- "$GETOPT_ARGS"
@@ -671,6 +702,10 @@ while :; do
shift
LIST_RUNNING=1
;;
+ --no-haveged)
+ shift
+ NO_HAVEGED=1
+ ;;
--)
shift
break
@@ -1122,13 +1157,6 @@ else
echo "No Internet sharing"
fi
-# boost low-entropy
-if [[ $(cat /proc/sys/kernel/random/entropy_avail) -lt 1000 ]]; then
- which haveged > /dev/null 2>&1 && {
- haveged -w 1024 -p $CONFDIR/haveged.pid
- }
-fi
-
# start dns + dhcp server
if [[ "$SHARE_METHOD" != "bridge" ]]; then
iptables -I INPUT -p tcp -m tcp --dport 53 -j ACCEPT || die
@@ -1144,6 +1172,12 @@ echo "hostapd command-line interface: hostapd_cli -p $CONFDIR/hostapd_ctrl"
trap "clean_exit" SIGINT
trap "clean_exit" SIGUSR1
+if [[ $NO_HAVEGED -eq 0 ]]; then
+ haveged_watchdog &
+ HAVEGED_WATCHDOG_PID=$!
+fi
+
+# start hostapd
hostapd $CONFDIR/hostapd.conf &
HOSTAPD_PID=$!
echo $HOSTAPD_PID > $CONFDIR/hostapd.pid
