Blog | G5 Cyber Security

Fix bin_random_table & RANDOM_BOOT_ID Issues

TL;DR

The bin_random_table script and the RANDOM_BOOT_ID environment variable can cause problems with system startup, particularly on virtual machines. This guide explains how to identify and fix these issues.

Understanding the Problem

bin_random_table is a script that attempts to generate random data for use in cryptographic operations. Sometimes it fails, especially in environments with limited entropy (randomness). When this happens, it can leave files in /var/lib/bin_random_table and cause subsequent boots to hang or take a very long time.

The RANDOM_BOOT_ID variable is used to prevent replay attacks. However, if the system cannot generate a unique ID, it can also lead to boot problems.

Solution Steps

  1. Check for Existing Files
    • First, see if any files are left over from previous failed runs of bin_random_table. Run this command:
      ls -l /var/lib/bin_random_table
    • If you see files listed, proceed to the next step. If not, skip to Step 4.
  2. Remove Existing Files

    Delete any files found in /var/lib/bin_random_table. Use this command:

    sudo rm -rf /var/lib/bin_random_table/*

    Warning: Be very careful with the rm -rf command! Double-check the path before running it.

  3. Disable bin_random_table (if necessary)

    If bin_random_table consistently fails on your system, you can disable it. This is often a good solution for virtual machines where generating sufficient entropy is difficult.

    • Edit the file /etc/default/grub with a text editor (e.g., nano):
      sudo nano /etc/default/grub
    • Find the line starting with GRUB_CMDLINE_LINUX_DEFAULT= and add systemd.log_level=0 systemd.random_seed=off to it. For example:
      GRUB_CMDLINE_LINUX_DEFAULT="quiet splash systemd.log_level=0 systemd.random_seed=off"
    • Update the GRUB configuration:
      sudo update-grub
  4. Regenerate RANDOM_BOOT_ID

    If you suspect a problem with RANDOM_BOOT_ID, try regenerating it. This can sometimes resolve boot issues.

    • Run this command to force the regeneration of the ID:
      sudo systemd-machine-id-setup
    • Reboot your system after running this command.
  5. Check System Logs

    If problems persist, examine the system logs for clues about what’s going wrong.

    • Use journalctl to view recent logs:
      journalctl -b -1 -xe

      (The -b -1 option shows logs from the previous boot.)

    • Look for errors related to bin_random_table or systemd-random-seed.
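
A read-only pre-check for the steps above, added here as an example and not part of the original guide: it counts what is in /var/lib/bin_random_table before anything is deleted (including dotfiles, which the `*` in Step 2 does not match) and shows whether the two parameters from Step 3 are present in the GRUB file and in the running kernel's command line. The function names (count_leftovers, cmdline_has, grub_default_cmdline, triage) are hypothetical; the paths and parameters are the ones named in this guide, plus /proc/cmdline.

```shell
#!/bin/sh
# Added example: read-only checks for the steps above. Nothing is deleted or edited.

# Count entries (dotfiles included) directly inside a directory; 0 if it is missing.
count_leftovers() {
    [ -d "$1" ] || { echo 0; return 0; }
    find "$1" -mindepth 1 -maxdepth 1 -exec printf x \; | wc -c | tr -d ' '
}

# Succeed if parameter $2 appears as a whole word in command line $1.
cmdline_has() {
    case " $1 " in
        *" $2 "*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print the value of the last GRUB_CMDLINE_LINUX_DEFAULT="..." line in file $1.
grub_default_cmdline() {
    sed -n 's/^GRUB_CMDLINE_LINUX_DEFAULT="\(.*\)"[[:space:]]*$/\1/p' "$1" | tail -n 1
}

# Report leftover files, then compare the GRUB file with the running kernel.
triage() {
    state_dir=${1:-/var/lib/bin_random_table}   # path from this guide
    grub_file=${2:-/etc/default/grub}           # file edited in Step 3
    echo "entries in $state_dir: $(count_leftovers "$state_dir")"
    configured=""
    if [ -r "$grub_file" ]; then configured=$(grub_default_cmdline "$grub_file"); fi
    running=""
    if [ -r /proc/cmdline ]; then running=$(cat /proc/cmdline); fi
    for p in systemd.log_level=0 systemd.random_seed=off; do
        c=no; r=no
        if cmdline_has "$configured" "$p"; then c=yes; fi
        if cmdline_has "$running" "$p"; then r=yes; fi
        echo "$p configured=$c running=$r"
    done
}

triage "$@"
```

A parameter reported as configured=yes but running=no means the GRUB file was edited but update-grub or the reboot has not happened yet.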