This proposal competes directly with #27250, #27266, and #27279 as possible long term solutions to the Linux/systemd os.urandom deadlock bug described in #26839

Rather than adding new APIs, or making os.urandom potentially blocking on Linux (as it was in 3.5.0 and 3.5.1), it instead proposes that os.urandom immediately raise BlockingIOError if the kernel entropy pool has not yet been initialised.

This behaviour will mean that users attempting to gather strong entropy too early in the Linux boot process will fail rather than block, so affected scripts and programs can readily fall back to reading from /dev/urandom or using the random module APIs if they don't need cryptographically strong random data. Scripts that do need cryptographically strong random data can either poll os.urandom until it succeeds, or else fail explicitly and let their caller resolve the problem.

This proposal is reasonable to me and solves any problems I have with the default behavior of os.urandom.

Quoting http://bugs.python.org/issue27266#msg268043:

The key advantage the BlockingIOError model offers is that it's trivial to build a blocking version as a busy loop around the non-blocking version:

    def urandom_wait_for_entropy(num_bytes):
        while True:
            try:
                return os.urandom(num_bytes)
            except BlockingIOError:
                pass

And if you ignore the problem and just call os.urandom(), you'll almost certainly be fine unless you're working with Linux boot scripts or embedded ARM devices (in which case, this point will be minor compared to the other arcana you're dealing with).

This idea is the PEP 522 which was superseded by the PEP 524 (accepted in Python 3.6) which proposed to make os.urandom() blocking.