[haveged] New module; used in stage31 to fill random pool

2 files changed, 25 insertions, 0 deletions

diff --git a/core/modules/haveged/data/etc/systemd/system/default.target.wants/haveged.service b/core/modules/haveged/data/etc/systemd/system/default.target.wants/haveged.service
new file mode 120000
index 00000000..9d39da30
--- /dev/null
+++ b/core/modules/haveged/data/etc/systemd/system/default.target.wants/haveged.service
@@ -0,0 +1 @@
+../haveged.service
\ No newline at end of file
diff --git a/core/modules/haveged/data/etc/systemd/system/haveged.service b/core/modules/haveged/data/etc/systemd/system/haveged.service
new file mode 100644
index 00000000..53cf36b8
--- /dev/null
+++ b/core/modules/haveged/data/etc/systemd/system/haveged.service
@@ -0,0 +1,24 @@
+[Unit]
+Description=Entropy daemon using the HAVEGE algorithm
+Documentation=man:haveged(8) http://www.issihosts.com/haveged/
+DefaultDependencies=no
+ConditionVirtualization=!container
+After=apparmor.service systemd-random-seed.service systemd-tmpfiles-setup.service
+Before=sysinit.target shutdown.target
+
+[Service]
+EnvironmentFile=-/etc/default/haveged
+ExecStart=/usr/sbin/haveged --Foreground --verbose=1 $DAEMON_ARGS
+SuccessExitStatus=143
+SecureBits=noroot-locked
+NoNewPrivileges=yes
+CapabilityBoundingSet=CAP_SYS_ADMIN
+PrivateTmp=yes
+PrivateDevices=yes
+PrivateNetwork=yes
+ProtectSystem=full
+ProtectHome=yes
+
+[Install]
+WantedBy=default.target
+