urandom: don't seed/store in containers

2 files changed, 9 insertions, 5 deletions

diff --git a/3 b/3
index 42d6c22..20d7c99 100755
--- a/3
+++ b/3
@@ -18,8 +18,10 @@ sv exit /var/service/*
 
 [ -x /etc/rc.shutdown ] && /etc/rc.shutdown
 
-msg "Saving random seed..."
-( umask 077; bytes=$(cat /proc/sys/kernel/random/poolsize) || bytes=512; dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=$bytes >/dev/null 2>&1 )
+if [ -z "$VIRTUALIZATION" ]; then
+    msg "Saving random seed..."
+    ( umask 077; bytes=$(cat /proc/sys/kernel/random/poolsize) || bytes=512; dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=$bytes >/dev/null 2>&1 )
+fi
 
 if [ -z "$VIRTUALIZATION" -a -n "$HARDWARECLOCK" ]; then
     hwclock --systohc ${HARDWARECLOCK:+--$(echo $HARDWARECLOCK |tr A-Z a-z)}
diff --git a/core-services/05-misc.sh b/core-services/05-misc.sh
index 743dcdb..8aabaa0 100644
--- a/core-services/05-misc.sh
+++ b/core-services/05-misc.sh
@@ -1,8 +1,10 @@
 # vim: set ts=4 sw=4 et:
 
-msg "Initializing random seed..."
-cp /var/lib/random-seed /dev/urandom >/dev/null 2>&1 || true
-( umask 077; bytes=$(cat /proc/sys/kernel/random/poolsize) || bytes=512; dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=$bytes >/dev/null 2>&1 )
+if [ -z "$VIRTUALIZATION" ]; then
+    msg "Initializing random seed..."
+    cp /var/lib/random-seed /dev/urandom >/dev/null 2>&1 || true
+    ( umask 077; bytes=$(cat /proc/sys/kernel/random/poolsize) || bytes=512; dd if=/dev/urandom of=/var/lib/random-seed count=1 bs=$bytes >/dev/null 2>&1 )
+fi
 
 msg "Setting up loopback interface..."
 ip link set up dev lo