UTIL: Use sss_atomic_read_s in generate_csprng_buffer There was a bug in generate_csprng_buffer() where if we read the exact amount of bytes from /dev/urandom, we would always return EIO. Instead, let's reuse the existing code from sss_atomic_read_s() which fixes this bug and reduces code duplication. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> Reviewed-by: Fabiano Fidêncio <fabiano@fidencio.org>

Secrets: Add encryption at rest Generates a master key file if it doesn't exist and encrypts secrets using the master key contained in the file. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>