summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--config/chroot_apt/preferences4
-rw-r--r--config/chroot_local-includes/lib/systemd/system/haveged.service.d/after-AppArmor.conf2
-rw-r--r--config/chroot_local-patches/apparmor-adjust-haveged-profile.diff12
3 files changed, 18 insertions, 0 deletions
diff --git a/config/chroot_apt/preferences b/config/chroot_apt/preferences
index 411b2aa..3bbb964 100644
--- a/config/chroot_apt/preferences
+++ b/config/chroot_apt/preferences
@@ -66,6 +66,10 @@ Package: firmware-zd1211
Pin: release o=Debian,n=sid
Pin-Priority: 999
+Package: haveged
+Pin: release o=Debian,n=stretch
+Pin-Priority: 999
+
Package: grub-common
Pin: origin deb.tails.boum.org
Pin-Priority: 999
diff --git a/config/chroot_local-includes/lib/systemd/system/haveged.service.d/after-AppArmor.conf b/config/chroot_local-includes/lib/systemd/system/haveged.service.d/after-AppArmor.conf
new file mode 100644
index 0000000..544fb7d
--- /dev/null
+++ b/config/chroot_local-includes/lib/systemd/system/haveged.service.d/after-AppArmor.conf
@@ -0,0 +1,2 @@
+[Unit]
+After=apparmor.service
diff --git a/config/chroot_local-patches/apparmor-adjust-haveged-profile.diff b/config/chroot_local-patches/apparmor-adjust-haveged-profile.diff
new file mode 100644
index 0000000..2adef84
--- /dev/null
+++ b/config/chroot_local-patches/apparmor-adjust-haveged-profile.diff
@@ -0,0 +1,12 @@
+--- a/etc/apparmor.d/usr.sbin.haveged 2015-09-06 19:29:20.000000000 +0000
++++ b/etc/apparmor.d/usr.sbin.haveged 2016-02-21 16:41:45.176000000 +0000
+@@ -1,7 +1,7 @@
+ # Last Modified: Fri Aug 21 15:23:17 2015
+ #include <tunables/global>
+
+-/usr/sbin/haveged {
++/usr/sbin/haveged flags=(attach_disconnected) {
+ #include <abstractions/base>
+
+ # Required for ioctl RNDADDENTROPY
+