From 8fcb9ca99b8d4fdf82b52933c622f8a21c28ca17 Mon Sep 17 00:00:00 2001
From: Xin LI <delphij@FreeBSD.org>
Date: Tue, 22 Jul 2014 06:40:27 +0000
Subject: Don't save entropy inside jails.

As of r126744, we no longer feed the entropy device in jails upon
start, and collecting them is no longer useful.

PR:		conf/126744
Submitted by:	Eugene Grosbein <eugen grosbein net> (with minor changes)
MFC after:	1 week
Approved by:	so (des)
---
 libexec/save-entropy/save-entropy.sh | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'libexec/save-entropy')

diff --git a/libexec/save-entropy/save-entropy.sh b/libexec/save-entropy/save-entropy.sh
index e96b543a76b8..880a988404d7 100755
--- a/libexec/save-entropy/save-entropy.sh
+++ b/libexec/save-entropy/save-entropy.sh
@@ -42,6 +42,8 @@ elif [ -r /etc/rc.conf ]; then
 	. /etc/rc.conf 2>/dev/null
 fi
 
+[ $(/sbin/sysctl -n security.jail.jailed) = 0 ] || exit 0
+
 case ${entropy_dir} in
 [Nn][Oo])
 	exit 0
-- 
cgit v1.3