[PATCH] replace getentropy() with arc4random_buf()
This patch will probably raise a few eyebrows.
Mark Kettenis (senior OpenBSD dev) sent a mail to another developer concerning getentropy():
Noticed the following commit:
> CVSROOT: /cvs
> Module name: ports
> Changes by: robert@cvs.openbsd.org 2016/01/02 06:57:12
>
> Modified files:
> mail/zarafa/zarafa: Makefile
> mail/zarafa/zarafa/patches: patch-common_platform_linux_cpp
> patch-configure_ac
>
> Log message:
> use getentropy(2) instead of directly opening /dev/urandom;
> this unbreaks zarafa-webapp running with chroot'd php
This really looks like a case where you should be calling
arc4random_buf(3) instead of getentropy(2). In fact calling
getentropy(2) is almost always the wrong approach.
OpenBSD subsequently amended the man page for getentropy() to clarify this:
http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/getentropy.2?query=getentropy&sec=2
getentropy() is not intended for regular code; please use the arc4random(3) family of functions instead.
Attached is a patch that replaces getentropy() with arc4random_buf(). Feedback welcomed.
**Trac**:
**Username**: logan
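
An added example, not part of the original report or the attached patch: it contrasts the two calls as their man pages document them. getentropy(2) rejects requests above 256 bytes and can fail, while arc4random_buf(3) takes any length and has no error return. The helper names `probe_getentropy_limit` and `random_bytes` and the platform check are assumptions made for this sketch.

```c
/* Added example; helper names are hypothetical, not from the patch. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE      /* expose the BSD-derived prototypes on glibc/musl */
#endif
#include <stdio.h>
#include <stdlib.h>          /* arc4random_buf() where the libc provides it */
#include <unistd.h>          /* getentropy() on OpenBSD, glibc, musl */
#if defined(__APPLE__)
#include <sys/random.h>      /* getentropy() on macOS */
#endif
/* Assumed availability: the BSDs, macOS, and glibc 2.36 or later. */
#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(__NetBSD__) || \
    defined(__APPLE__) || (defined(__GLIBC__) && \
    (__GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 36)))
#define HAVE_ARC4RANDOM_BUF 1
#endif

/* Returns 1 if getentropy() refuses a 257-byte request (limit is 256). */
int probe_getentropy_limit(void)
{
    unsigned char big[257];
    return getentropy(big, sizeof big) == -1;
}

/* Fill buf with len random bytes; returns 0 on success, -1 on failure. */
int random_bytes(void *buf, size_t len)
{
#ifdef HAVE_ARC4RANDOM_BUF
    arc4random_buf(buf, len);    /* any length, no error path to forget */
    return 0;
#else
    /* Fallback: the chunking and error handling getentropy() callers need. */
    unsigned char *p = buf;
    while (len > 0) {
        size_t n = len < 256 ? len : 256;
        if (getentropy(p, n) == -1)
            return -1;           /* caller must treat this as fatal */
        p += n; len -= n;
    }
    return 0;
#endif
}

int main(void)
{
    unsigned char key[1024];
    if (random_bytes(key, sizeof key) != 0) return 1;
    printf("getentropy() rejects 257 bytes: %d\n", probe_getentropy_limit());
    return 0;
}
```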