1. Use install -d to create the entropy_dir if missing so that we can do it

all in one command, with no permissions race.
2. Simplify the rotation logic by cd'ing into the directory, with a test
   to make sure that it succeeds.
3. Remove any files numbered higher than entropy_save_num. This helps when
   the user reduces the number, and may be useful for other purposes down
   the road.
4. Simplify the rotation logic by first testing the common case (it's a
   regular file) then testing if something else exists with the same name
   using elif. Also switch from using jot to simpler countdown format.
5. Fix logger lines and error messages to be more consistent, and wrap the
   code more consistently in the 80 column range. The "not a regular file"
   error message was mistakenly wrapped entirely in "quotes" which caused
   logger to include line-wrapping whitespace. Change that to wrap only
   the variables in quotes, which is both consistent and works better.
6. Update copyright to reflect the fact that changes were made this year.

Parts of 2-4 were taken from etc/periodic/daily/310.accounting

libexec/save-entropy/save-entropy.sh

@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# Copyright (c) 2001-2006 Douglas Barton, DougB@FreeBSD.org
+# Copyright (c) 2001-2006,2012 Douglas Barton, dougb@FreeBSD.org
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -29,7 +29,7 @@
 # This script is called by cron to store bits of randomness which are
 # then used to seed /dev/random on boot.
 
-# Originally developed by Doug Barton, DougB@FreeBSD.org
+# Originally developed by Doug Barton, dougb@FreeBSD.org
 
 PATH=/bin:/usr/bin
 
@@ -55,38 +55,36 @@ entropy_save_sz=${entropy_save_sz:-2048}
 entropy_save_num=${entropy_save_num:-8}
 
 if [ ! -d "${entropy_dir}" ]; then
-	umask 077
-	mkdir "${entropy_dir}" || {
-	    logger -is -t "$0" The entropy directory "${entropy_dir}" does not \
-exist, and cannot be created.  Therefore no entropy can be saved. ;
-	    exit 1;}
-	/usr/sbin/chown operator:operator "${entropy_dir}"
-	chmod 0700 "${entropy_dir}"
+	install -d -o operator -g operator -m 0700 "${entropy_dir}" || {
+		logger -is -t "$0" The entropy directory "${entropy_dir}" does \
+		    not exist, and cannot be created. Therefore no entropy can \
+		    be saved.; exit 1; }
 fi
 
+cd "${entropy_dir}" || {
+	logger -is -t "$0" Cannot cd to the entropy directory: "${entropy_dir}". \
+	    Entropy file rotation is aborted.; exit 1; }
+
+for f in saved-entropy.*; do
+	case "${f}" in saved-entropy.\*) continue ;; esac	# No files match
+	[ ${f#saved-entropy\.} -ge ${entropy_save_num} ] && unlink ${f}
+done
+
 umask 377
 
-esn_m1=$(( ${entropy_save_num} - 1 ))
-for file_num in `jot $esn_m1 $esn_m1 1`; do
-	if [ -e "${entropy_dir}/saved-entropy.${file_num}" ]; then
-		if [ -f "${entropy_dir}/saved-entropy.${file_num}" ]; then
-			new_file=saved-entropy.$(( $file_num + 1 ))
-			if [ -e "${entropy_dir}/${new_file}" ]; then
-				unlink ${entropy_dir}/${new_file}
-			fi
-			mv "${entropy_dir}/saved-entropy.${file_num}" \
-			    "${entropy_dir}/${new_file}"
-		else
-			logger -is -t "$0" \
-"${entropy_dir}/saved-entropy.${file_num} is not a regular file, and therefore \
-it will not be rotated. Entropy file harvesting is aborted."
-			exit 1
-		fi
+n=$(( ${entropy_save_num} - 1 ))
+while [ ${n} -ge 1 ]; do
+	if [ -f "saved-entropy.${n}" ]; then
+		mv "saved-entropy.${n}" "saved-entropy.$(( ${n} + 1 ))"
+	elif [ -e "saved-entropy.${n}" -o -L "saved-entropy.${n}" ]; then
+		logger -is -t "$0" \
+	"${entropy_dir}/saved-entropy.${n}" is not a regular file, and so \
+	    it will not be rotated. Entropy file rotation is aborted.
+		exit 1
 	fi
+	n=$(( ${n} - 1 ))
 done
 
-dd if=/dev/random of="${entropy_dir}/saved-entropy.1" \
-    bs="$entropy_save_sz" count=1 2> /dev/null
+dd if=/dev/random of=saved-entropy.1 bs=${entropy_save_sz} count=1 2>/dev/null
 
 exit 0
-