rngd-tools: run as unprivileged user

For better security and isolation, used the -D option to run as newly
created unprivileged user.

Build system: x86/64
Build-tested: x86/64-glibc
Run-tested: x86/64-glibc

Signed-off-by: John Audia <therealgraysky@proton.me>

utils/rng-tools/Makefile

@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=rng-tools
 PKG_VERSION:=6.17
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://codeload.github.com/nhorman/rng-tools/tar.gz/v$(PKG_VERSION)?
@@ -32,6 +32,7 @@ define Package/rng-tools
   CATEGORY:=Utilities
   TITLE:=Daemon for adding entropy to kernel entropy pool
   URL:=https://github.com/nhorman/rng-tools
+  USERID:=rngd=209:rngd=209
   DEPENDS:=+libopenssl +libcap +libcurl +jansson
 endef
 

utils/rng-tools/files/rngd.init

@@ -20,7 +20,7 @@ start_service() {
 	[ -z "$watermark" ] || watermark="-W ${watermark}"
 
 	procd_open_instance
-	procd_set_param command "$PROG" -f ${device} ${watermark}
+	procd_set_param command "$PROG" -D rngd:rngd -f ${device} ${watermark}
 	procd_set_param stderr 1
 	procd_close_instance
 }