On Tue, Mar 22, 2016 at 02:49:42PM +0000, Richard W.M. Jones wrote:
I got this error when trying to use /dev/urandom as a backend for virtio-rng. Is there a reason for that? Plain qemu allows you to specify /dev/urandom and seems to work OK.
There's a tetchy bugzilla on this subject:
https://bugzilla.redhat.com/show_bug.cgi?id=1074464
but I think for cases where people don't care / throwaway appliances, we should allow /dev/urandom. The main reason is that it doesn't block.
Can we look at this again. I'm pretty convinced after reading that bugzilla that libvirt is plain wrong about this, even for important appliances. As long as the *host* has seeded the PRNG with real entropy, seeding guests from /dev/urandom is fine. Anyway for now I've had to disable virtio-rng in the libguestfs libvirt backend (it's used by the direct backend, using /dev/urandom). Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-p2v converts physical machines to virtual machines. Boot with a live CD or over the network (PXE) and turn machines into KVM guests. http://libguestfs.org/virt-v2v