Walter Dnes wrote: > I'm a bit late updating a Lenovo laptop. Emerge wouldn't run due to a > conflict with virtual/libcrypt. As a workaround, I ran... > > time emerge --changed-use --deep --update @world --exclude virtual/libcrypt > > To quote Rowan and Martin "Later... that very same evening" (7 hours > and 265 packages) it finished. Now to tackle libcrypt. How do I handle > the following? As near as I can tell from the news item, glibc's > internal libcrypt is being replaced by an external libxcrypt but the > details are vague.. > > ===================================================================== > [thimk2][root][~] emerge -pv --changed-use --deep --update @world > > These are the packages that would be merged, in order: > > Calculating dependencies... done! > > Total: 0 packages, Size of downloads: 0 KiB > > WARNING: One or more updates/rebuilds have been skipped due to a dependency > conflict: > > sys-libs/glibc:2.2 > > (sys-libs/glibc-2.34-r10:2.2/2.2::gentoo, ebuild scheduled for merge) > USE="multiarch ssp (static-libs) -audit -caps (-cet) -compile-locales > (-crypt) (-custom-cflags) -doc -gd -headers-only (-multilib) > -multilib-bootstrap -nscd -profile (-selinux) -static-pie -suid -systemd > -systemtap -test (-vanilla)" conflicts with > sys-libs/glibc[crypt(+),static-libs(+)] required by > (virtual/libcrypt-1-r1-1:0/1::gentoo, installed) USE="static-libs" > > > > !!! The following installed packages are masked: > - virtual/libcrypt-1-r1::gentoo (masked by: package.mask) > /usr/portage/profiles/base/package.mask: > # Sam James <s...@gentoo.org> (2021-11-22) > # Mask the older libcrypt virtual (which accepted glibc[crypt]) to ease > # dependency resolution. In a fair number of cases, this has helped > # upgrades go through cleanly. > # Read the news item if you need help! > # (This mask is undone in musl profiles where the transition is not yet being > # made.) > # bug #699422. > > For more information, see the MASKED PACKAGES section in the emerge > man page or refer to the Gentoo Handbook. > ===================================================================== >
There's a news item on this. In case you don't have it for some reason, here's the info from it. [78] 2021-10-18 migrating from glibc[crypt] to libxcrypt in stable root@fireball / # eselect news read 78 2021-10-18-libxcrypt-migration-stable Title migrating from glibc[crypt] to libxcrypt in stable Author Andreas K. Hüttel <dilfri...@gentoo.org> Author Sam James <s...@gentoo.org> Posted 2021-10-18 Revision 1 The implementation of libcrypt.so within glibc has been deprecated for a long time and will be removed in the near future. For this reason, we are following other distributions (where this has been tested for years already) and switching to the external libxcrypt implementation, now also in stable installations. This will be a regular update, and in nearly all cases you will not have to take any action and not observe any problems. If you hit issues, please read on. ## Upgrades before 2021-11-01 We do recommend, however, that your system is *fully* up to date first. This is a standard recommendation but in this specific case, it is useful to have a simplified depgraph to ensure that Portage is able to smoothly calculate an upgrade path. Please take the opportunity to fully upgrade your systems now, before the migration occurs, to simplify matters This change will occur on 2021-11-01 for stable users. ~arch users by default should already have switched. ## General advice We also recommend being in a root shell (not via 'sudo' or similar tools) so that if any issues occur during the upgrade, you are not locked out of the console. It is not expected that any such issues will occur but this is a precaution. It is also recommended that users do _not_ have FEATURES="collision-protect" enabled because it is aggressive in protecting even orphaned files. Instead, use FEATURES="unmerge-orphans" which is almost identical in behaviour. ## Delaying the migration *or* circular dependencies If for whatever reason you do *not* wish to switch now - which is only delaying the inevitable - you need to take the following steps: * unmask and enable the crypt USE flag of sys-libs/glibc * mask the system USE flag of sys-libs/libxcrypt * mask >=virtual/libcrypt-2 * unmask virtual/libcrypt:0/1 If hitting circular dependencies involving Python 3.10, see the wiki for more details [3], but the same steps listed above must be taken (mask newer libcrypt temporarily, do a world upgrade, then unmask). ## Migrating early If you wish to manually migrate now, there are a series of steps described on the wiki (see below), but the outline is: * unforce the crypt USE flag of sys-libs/glibc and disable it * unmask the system and split-usr (if applicable) USE flag of sys-libs/libxcrypt and enable it * unmask ~virtual/libcrypt-2 ## PAM warning Please note that if you last changed your password before ~2008, it may be using md5crypt or similar other weak mechanisms in /etc/shadow; a bug in PAM [0][1] may mean that you were unable to login. We recommend using "passwd" to change/refresh your password so it is using modern methods. A new version of PAM has been added to the tree to resolve this issue. ## Build failures In some cases, Portage may schedule a rebuild of certain packages in an incorrect order [2]. If building a package fails, please try upgrading Python itself to help avoid spurious build failures, and then libcrypt and libxcrypt first: # emerge -v1 --ignore-built-slot-operator-deps=y dev-lang/python:3.8 dev-lang/python:3.9 # emerge -v1 virtual/libcrypt sys-libs/libxcrypt And then continue the world upgrade with Portage's "--keep-going=y". ## Blockers/conflicts If you hit blockers/conflicts, please see the wiki page linked below, but common helpful tips are: * try more backtracking (e.g. --backtrack=1000) * try --ignore-built-slot-operator-deps=y temporarily on the world upgrade, then run a world upgrade again without it. Do NOT attempt to unmerge glibc at any point. ## More help For more information or troubleshooting tips, please see: * https://wiki.gentoo.org/wiki/Project:Toolchain/libcrypt_implementation * https://bugs.gentoo.org/699422 * Reach out to our support channels (https://www.gentoo.org/support/) [0] https://bugs.gentoo.org/802267 [1] https://bugs.gentoo.org/802807 [2] https://bugs.gentoo.org/802210 [3] https://wiki.gentoo.org/wiki/User:Sam/Portage_help/Circular_dependencies#Python_and_libcrypt Hope that helps. I'd think it would. Dale :-) :-)