Index: save-entropy.sh
===================================================================
RCS file: /usr/ncvs/src/libexec/save-entropy/save-entropy.sh,v
retrieving revision 1.4
diff -u -r1.4 save-entropy.sh
--- save-entropy.sh 28 Aug 2006 06:41:50 -0000 1.4
+++ save-entropy.sh 5 May 2009 07:14:03 -0000
@@ -64,29 +64,37 @@
 chmod 0700 "${entropy_dir}"
 fi
-umask 377
-
-esn_m1=$(( ${entropy_save_num} - 1 ))
-for file_num in `jot $esn_m1 $esn_m1 1`; do
- if [ -e "${entropy_dir}/saved-entropy.${file_num}" ]; then
- if [ -f "${entropy_dir}/saved-entropy.${file_num}" ]; then
- new_file=saved-entropy.$(( $file_num + 1 ))
- if [ -e "${entropy_dir}/${new_file}" ]; then
- unlink ${entropy_dir}/${new_file}
- fi
- mv "${entropy_dir}/saved-entropy.${file_num}" \
- "${entropy_dir}/${new_file}"
- else
+# Scan files 1..$entropy_save_num picking a non-existent file or
+# the oldest existing file
+save_file="${entropy_dir}/saved-entropy.1"
+if [ -e "${save_file}" ] ; then
+ if [ ! -f "${save_file}" ] ; then
+ logger -is -t "$0" \
+"${save_file} is not a regular file, and therefore \
+it will not be rotated. Entropy file harvesting is aborted."
+ exit 1
+ fi
+ next_try=2
+ while [ ${next_try} -le ${entropy_save_num} ]; do
+ next="${entropy_dir}/saved-entropy.${next_try}"
+ if [ ! -e "${next}" ] ; then
+ save_file="${next}"
+ break
+ elif [ ! -f "${next}" ] ; then
 logger -is -t "$0" \
-"${entropy_dir}/saved-entropy.${file_num} is not a regular file, and therefore \
+"${next} is not a regular file, and therefore \
 it will not be rotated. Entropy file harvesting is aborted."
 exit 1
+ elif [ "${next}" -ot "${save_file}" ] ; then
+ save_file="${next}"
 fi
- fi
-done
+ next_try=$(( ${next_try} + 1 ))
+ done
+fi
-dd if=/dev/random of="${entropy_dir}/saved-entropy.1" \
- bs="$entropy_save_sz" count=1 2> /dev/null
+[ -e "${save_file}" ] && chmod 600 "${save_file}"
-exit 0
+dd if=/dev/random of="${save_file}" bs="$entropy_save_sz" count=1 2> /dev/null
+chmod 400 "${save_file}"
+exit 0
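Review bot: With `umask 377` removed, a `${save_file}` that does not yet exist is created by `dd` under whatever umask the caller passes in, and only becomes 0400 once the trailing `chmod 400` runs. During that window the seed is protected solely by the mode of `${entropy_dir}`, and the `chmod 0700` in the leading context appears to sit inside an `if` that opens outside the hunk, so it may not run every time. Keeping a restrictive mask ahead of the write, `umask 077` just before the `dd` line, closes the window without interfering with the `chmod 600` / `chmod 400` pair. Separately, `dd` still has its stderr discarded and its status ignored while the script ends in `exit 0`, so a failed or short read now leaves the selected slot truncated in place; `dd ... || exit 1` would stop that from being reported as success.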