Author matejcik
Recipients matejcik
Date 2015-10-16.13:49:55
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1445003396.34.0.246344104115.issue25420@psf.upfronthosting.co.za>
In-reply-to
Content
When imported, the random module creates and seeds an implicit instance, even when it is never used.

The RNG is seeded from os.urandom, which as of python 3.5 uses the potentially blocking getrandom() call.

This causes problems e.g. on our build VMs that don't have true entropy, so getrandom() blocks forever -- unlike /dev/urandom, getrandom() in kernel waits until 128 bits of true entropy are available to reseed the RNG. And as it happens, the usual setup.py will very indirectly "import random" somewhere deep in its dependencies.

I can foresee a similar issue if someone uses python early in the boot process.

A possible workaround is to monkeypatch os.urandom (in this particular case, to return a string of zeroes and remove randomness entirely to get reproducible builds)
History
Date User Action Args
2015-10-16 13:49:56matejciksetrecipients: + matejcik
2015-10-16 13:49:56matejciksetmessageid: <1445003396.34.0.246344104115.issue25420@psf.upfronthosting.co.za>
2015-10-16 13:49:56matejciklinkissue25420 messages
2015-10-16 13:49:55matejcikcreate