Red Hat Bugzilla – Bug 1285779
Do not access /dev/random in the selftest and use /dev/urandom instead of /dev/random if unavailable
Last modified: 2016-05-25 12:25:53 EDT
+++ This bug was initially created as a clone of Bug #1205217 +++
Same problem present in RHEL-6 (libgcrypt-1.4.5-11.el6_4).
SELinux blocks many confined domains from accessing /dev/random which is correct as pulling from it drains system entropy. libgcrypt should not try to access it and it should also gracefully fallback to /dev/urandom instead of abort.
The situation is different on RHEL-6 as the selftest is not run in the library constructor there. So although the problem is still there it is less pronounced and we do not have any customer case attached for RHEL-6.
Thanks for noting, Tomas. Taking it into consideration, I am further lowering the priority and severity.
Development Management has reviewed and declined this request.
You may appeal this decision by reopening this request.