From: Harald Hoyer <harald@redhat.com>
Date: Wed, 18 Jan 2017 09:34:00 +0000 (+0100)
Subject: fips: precreate /dev/random /dev/urandom
X-Git-Tag: 045~50
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1d832b4bf4598d4ed084a88dba687b796d644ea5;p=thirdparty%2Fdracut.git

fips: precreate /dev/random /dev/urandom

otherwise libgcrypt might be unhappy, if used before devtmpfs is mounted

https://bugzilla.redhat.com/show_bug.cgi?id=1401444
---

diff --git a/modules.d/01fips/module-setup.sh b/modules.d/01fips/module-setup.sh
index 65177a96a..263f981bc 100755
--- a/modules.d/01fips/module-setup.sh
+++ b/modules.d/01fips/module-setup.sh
@@ -46,5 +46,16 @@ install() {
 
     inst_multiple -o prelink
     inst_simple /etc/system-fips
+    [ -c ${initdir}/dev/random ] || mknod ${initdir}/dev/random c 1 8 \
+        || {
+            dfatal "Cannot create /dev/random"
+            dfatal "To create an initramfs with fips support, dracut has to run as root"
+            return 1
+        }
+    [ -c ${initdir}/dev/urandom ] || mknod ${initdir}/dev/urandom c 1 9 \
+        || {
+            dfatal "Cannot create /dev/random"
+            dfatal "To create an initramfs with fips support, dracut has to run as root"
+            return 1
+        }
 }
-