[libvirt] "file '/dev/urandom' is not a supported random source"
Richard W.M. Jones
rjones at redhat.com
Tue Apr 5 14:09:06 UTC 2016
On Tue, Mar 22, 2016 at 02:49:42PM +0000, Richard W.M. Jones wrote:
>
> I got this error when trying to use /dev/urandom as a backend for
> virtio-rng. Is there a reason for that? Plain qemu allows you to
> specify /dev/urandom and seems to work OK.
>
> There's a tetchy bugzilla on this subject:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1074464
>
> but I think for cases where people don't care / throwaway appliances,
> we should allow /dev/urandom. The main reason is that it doesn't
> block.
Can we look at this again. I'm pretty convinced after reading that
bugzilla that libvirt is plain wrong about this, even for important
appliances. As long as the *host* has seeded the PRNG with real
entropy, seeding guests from /dev/urandom is fine.
Anyway for now I've had to disable virtio-rng in the libguestfs
libvirt backend (it's used by the direct backend, using /dev/urandom).
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-p2v converts physical machines to virtual machines. Boot with a
live CD or over the network (PXE) and turn machines into KVM guests.
http://libguestfs.org/virt-v2v
More information about the libvir-list
mailing list