Fossil Forum

Warnings: /dev/null and /dev/urandom not available

Warnings: /dev/null and /dev/urandom not available

(1) By Lifepillar (lifepillar) on 2019-03-19 14:57:16 [link] [source]

I have setup a Fossil server with fossil --localauth --localhost -port 8080 --repolist /my/repos in my development machine running macOS High Sierra. When I access the Admin page of a repository I see these warnings:

WARNING: Device "/dev/null" is not available for reading and writing.

WARNING: Device "/dev/urandom" is not available for reading. This means that the pseudo-random number generator used by SQLite will be poorly seeded.

I couldn't find any information about how to fix them. Any Idea?

Using: fossil version 2.7 [9aa9ba8bd2] 2018-09-22 17:40:11 UTC

(2) By sean (jungleboogie) on 2019-03-19 15:17:17 in reply to 1 [link] [source]

Do you only see the message when using --localauth and a repo list? What about plain fossil server or fossil ui within your fossil repo?

(3) By Florian Balmer (florian.balmer) on 2019-03-19 15:46:34 in reply to 1 [link] [source]

Does it work with the --nojail option?

(4) By Lifepillar (lifepillar) on 2019-03-19 18:25:51 in reply to 3 [link] [source]

Thanks for your replies. I now realise that I should have provided more details. The issue appears only if I run fossil server as root: and in that case, yes, --nojail option solves it.

In fact, I have created a launchd plist in /Library/LaundhDaemons to launch Fossil as startup. It was running Fossil as root, but since that doesn't sound like an award-winning idea, rather than adding --nojail I have now set it to run as a different user.

For the record, the plist looks as follows:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "">
<plist version="1.0">

Adding the UserName key (which causes the job to be run as me) fixed my issue.

Thanks again!

(5) By Florian Balmer (florian.balmer) on 2019-03-19 21:34:12 in reply to 4 [link] [source]

I'm glad it works!

Yes, the --nojail option should probably be used for testing and debugging, only.

I've come across a similar issue with a shell script, and the solution was to make /dev/null explicitly available to the "chroot jail".

But neither do I remember how this was done in the script, nor do I know how Fossil achieves this, and why it failed in your case.

(6) By Richard Hipp (drh) on 2019-03-19 22:13:04 in reply to 5 [source]

Fossil itself makes no attempt to create /dev/null and /dev/urandom in its chroot jail. Is just expects those devices to be there. It is the system admin's responsibility to put them there.

On the server, I created the files (many years ago) using the "mknod" command, run as root. I always have to do "man mknod" to remember exactly how it is used, since I run it so infrequently. You will need the major and minor device numbers for /dev/null and /dev/urandom which you can obtain by running:

 ls -l /dev/null /dev/urandom

On my Ubuntu machine, they are 1,3 and 1,9. Probably it is the same for all Linuxes. But for different unixes, the numbers will be different. Yup - just checked on the mac and there the numbers are 3,1 and 14,1.

I think the right commands on Linux are like this (assuming $JAIL is the root of your chroot jail):

 mknod $JAIL/dev/null c 1 3
 mknod $JAIL/dev/urandom c 1 9

But maybe I'm wrong. Try it and see!

(7) By Florian Balmer (florian.balmer) on 2019-03-20 08:59:41 in reply to 6 [link] [source]

Thanks for the information. Ah yes, I think the shell script also worked with mknod, but deleted everything when done, so I must have assumed this is the usual way.

I always forget about the old Mailing List Archives, where this topic was also discussed:

(8) By Lifepillar (lifepillar) on 2019-03-23 15:18:43 in reply to 7 [link] [source]

I always forget about the old Mailing List Archives

It didn't occur to me to search there either (since Gmane has gone offline, I haven't found a convenient way to follow the many mailing lists I used to follow…).

Perhaps it would be possible to migrate the old posts into this forum?

(9) By Warren Young (wyoung) on 2019-03-24 05:30:30 in reply to 8 [link] [source]

Gmane has gone offline

So much for the argument that 3rd parties are reliable archivists for a project's discussion forum.

Not that we needed that particular example, as we had multiple prior examples. Whither Deja News, for example? Don't tell me Google Groups: there's tons of past posts on Usenet that you can no longer find through it.

That's the beauty of Fossil Forums: as long as one clone of the repo exists, the archive is complete and ready to be stood back up on an alternate substrate.

Call to action: clone this forum now, and script a regular sync.

Perhaps it would be possible to migrate the old posts into this forum?

Already discussed.

Someone's just got to get around to working through the details.