Processed: Re: Bug#1058928: bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u2

2024-02-03 Thread Debian Bug Tracking System 
Processing control commands:

> tags -1 + confirmed
Bug #1058928 [release.debian.org] bookworm-pu: package 
cryptsetup/2:2.6.1-4~deb12u2
Added tag(s) confirmed.

-- 
1058928: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058928
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1058928: bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u2

2024-02-03 Thread Adam D. Barratt 
Control: tags -1 + confirmed

On Mon, 2023-12-18 at 14:10 +0100, Guilhem Moulin wrote:
> 1. cryptsetup-suspend 2:2.6.1-4~deb12u1 was found incompatible with
> systemd 254.1-3 and later, in particular with systemd/bookworm-
> backports.
> 
> 2. cryptsetup-initramfs 2:2.6.1-4~deb12u2 dos not support kernel
> shipping compressed modules under MODULES=dep, as is done by default
> with linux 6.6 (currently in Debian experimental).

Please go ahead.

Regards,

Adam

Bug#1058928: bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u2

2023-12-22 Thread Guilhem Moulin 
Control: tag -1 - moreinfo

Hi,

On Thu, 21 Dec 2023 at 21:59:40 +, Jonathan Wiltshire wrote:
> On Mon, Dec 18, 2023 at 02:10:20PM +0100, Guilhem Moulin wrote:
>> [ Reason ]
>>
>> 1. cryptsetup-suspend 2:2.6.1-4~deb12u1 was found incompatible with
>> systemd 254.1-3 and later, in particular with systemd/bookworm-backports.
>>
>> 2. cryptsetup-initramfs 2:2.6.1-4~deb12u2 dos not support kernel
>> shipping compressed modules under MODULES=dep, as is done by default
>> with linux 6.6 (currently in Debian experimental).
>
> Aren't these problems better sorted out in the relevant suites, e.g. with
> Breaks? It seems an unnecessary change in stable when stable isn't actually
> broken.

It's correct that stable isn't broken at the moment, but some users also
build their own kernels, and we can't warn about the incompatibilty
there; they just won't be able to boot when these 3 conditions are
satisfied:

 1. Linux is configured with CONFIG_MODULE_COMPRESS_* (Debian currently
does that in experimental only but the setting is also available in
<6.0);
 2. initramfs.conf(5) sets MODULES=dep; and
 3. There is a device to be unlocked at initramfs stage (for instance
the root FS).

Moreover the issue stands in the way of kernel maintainers enabling
CONFIG_MODULE_COMPRESS_* in stable should that be needed or desired
in some point release.  (Compressed modules are already suported in
Bookworm's initramfs-tools, but currently not in cryptsetup-initramfs.)

The other issue I see with ‘Breaks: cryptsetup-initramfs (<< 2:2.6.1-6~)’
without having a recent enough cryptsetup-initramfs available is that
apt will hapilly suggest to remove cryptsetup-initramfs.  That too would
yield an unbootable system whenever there is any device to be unlocked
at initramfs stage.

Note that the proposed change is a no-op with Bookworm's current kernel
and systemd.  It just adds forward compatibility in the same way
initramfs-tools did.

-- 
Guilhem.


signature.asc
Description: PGP signature

Processed: Re: Bug#1058928: bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u2

2023-12-22 Thread Debian Bug Tracking System 
Processing control commands:

> tag -1 - moreinfo
Bug #1058928 [release.debian.org] bookworm-pu: package 
cryptsetup/2:2.6.1-4~deb12u2
Removed tag(s) moreinfo.

-- 
1058928: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058928
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: Re: Bug#1058928: bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u2

2023-12-21 Thread Debian Bug Tracking System 
Processing control commands:

> tag -1 moreinfo
Bug #1058928 [release.debian.org] bookworm-pu: package 
cryptsetup/2:2.6.1-4~deb12u2
Added tag(s) moreinfo.

-- 
1058928: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058928
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1058928: bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u2

2023-12-21 Thread Jonathan Wiltshire 
Control: tag -1 moreinfo

Hi,

On Mon, Dec 18, 2023 at 02:10:20PM +0100, Guilhem Moulin wrote:
> [ Reason ]
> 
> 1. cryptsetup-suspend 2:2.6.1-4~deb12u1 was found incompatible with
> systemd 254.1-3 and later, in particular with systemd/bookworm-backports.
> 
> 2. cryptsetup-initramfs 2:2.6.1-4~deb12u2 dos not support kernel
> shipping compressed modules under MODULES=dep, as is done by default
> with linux 6.6 (currently in Debian experimental).

Aren't these problems better sorted out in the relevant suites, e.g. with
Breaks? It seems an unnecessary change in stable when stable isn't actually
broken.

Thanks,

-- 
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1

Bug#1058928: bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u2

2023-12-18 Thread Guilhem Moulin 
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: cryptse...@packages.debian.org
Control: affects -1 + src:cryptsetup

[ Reason ]

1. cryptsetup-suspend 2:2.6.1-4~deb12u1 was found incompatible with
systemd 254.1-3 and later, in particular with systemd/bookworm-backports.

2. cryptsetup-initramfs 2:2.6.1-4~deb12u2 dos not support kernel
shipping compressed modules under MODULES=dep, as is done by default
with linux 6.6 (currently in Debian experimental).

[ Impact ]

1. Users installing systemd from bookworm-backports will not be able to
use cryptsetup-suspend to suspend-on-ram.

2. Users installing linux ≥6.6.4-1~exp1 will not be able to boot under
MODULES=dep when there is any device to be unlocked at initramfs stage.
(initramfs.conf(5)'s defaults to MODULES=most, but not being able to
boot anymore is obviously a serious regression.)

[ Tests ]

DEP-8 check suspend-on-ram and initramfs unlocking for various setups,
all using stock bookworm packages.  In addition, manual tests were made
to check behaviour with systemd/bookworm-backports and/or linux-image-amd64/
experimental.

[ Risks ]

The patches were backported from sid, where 2:2.6.1-5 resp. 2:2.6.1-6
was uploaded to on Aug 27 resp. Dec 05.  The diff is pretty trivial and
doesn't affect libcryptsetup12 nor cryptsetup-bin.

[ Checklist ]

  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in stable
  [x] the issue is verified as fixed in unstable

[ Changes ]

 * Also add compressed kernel modules in the initramfs hook script.
 * Fix DEP-8 tests to work with compressed kernel modules.
 * Don't error out when /lib/systemd/system-sleep does not exist (cf.
   #1036920 and #1050606).

-- 
Guilhem.
diffstat for cryptsetup-2.6.1 cryptsetup-2.6.1

 changelog  |   18 ++
 initramfs/hooks/cryptroot  |4 ++--
 salsa-ci.yml   |1 +
 scripts/suspend/cryptsetup-suspend-wrapper |1 +
 tests/cryptroot-legacy.d/mock  |2 +-
 tests/utils/mkinitramfs|9 -
 6 files changed, 27 insertions(+), 8 deletions(-)

diff -Nru cryptsetup-2.6.1/debian/changelog cryptsetup-2.6.1/debian/changelog
--- cryptsetup-2.6.1/debian/changelog   2023-04-21 00:54:29.0 +0200
+++ cryptsetup-2.6.1/debian/changelog   2023-12-18 03:41:04.0 +0100
@@ -1,3 +1,21 @@
+cryptsetup (2:2.6.1-4~deb12u2) bookworm; urgency=medium
+
+  [ Michael Biebl ]
+  * cryptsetup-suspend-wrapper: Don't error out on missing
+/lib/systemd/system-sleep directory as systemd 254.1-3 and later no longer
+ship empty directories. (Closes: #1050606)
+
+  [ Kevin Locke ]
+  * cryptsetup-initramfs: Add support for compressed kernel modules, which is
+the default as linux-image 6.6.4-1~exp1. (Closes: #1036049, #1057441)
+
+  [ Guilhem Moulin ]
+  * add_modules(): Change suffix drop logic to match initramfs-tools.
+  * Fix DEP-8 tests with kernels shipping compressed modules.
+  * d/salsa-ci.yml: Set RELEASE=bookworm.
+
+ -- Guilhem Moulin   Mon, 18 Dec 2023 03:41:04 +0100
+
 cryptsetup (2:2.6.1-4~deb12u1) bookworm; urgency=medium
 
   * Rebuild for Bookworm.
diff -Nru cryptsetup-2.6.1/debian/initramfs/hooks/cryptroot 
cryptsetup-2.6.1/debian/initramfs/hooks/cryptroot
--- cryptsetup-2.6.1/debian/initramfs/hooks/cryptroot   2023-04-21 
00:54:29.0 +0200
+++ cryptsetup-2.6.1/debian/initramfs/hooks/cryptroot   2023-12-18 
03:41:04.0 +0100
@@ -266,8 +266,8 @@
 add_modules() {
 local glob="$1" found=n
 shift
-for mod in $(find -H "$@" -name "$glob.ko" -type f -printf '%f\n'); do
-manual_add_modules "${mod%.ko}"
+for mod in $(find -H "$@" -name "$glob.ko*" -type f -printf '%f\n'); do
+manual_add_modules "${mod%%.*}"
 found=y
 done
 [ "$found" = y ] && return 0 || return 1
diff -Nru cryptsetup-2.6.1/debian/salsa-ci.yml 
cryptsetup-2.6.1/debian/salsa-ci.yml
--- cryptsetup-2.6.1/debian/salsa-ci.yml2023-04-21 00:54:29.0 
+0200
+++ cryptsetup-2.6.1/debian/salsa-ci.yml2023-12-18 03:41:04.0 
+0100
@@ -3,6 +3,7 @@
   - 
https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml
 
 variables:
+  RELEASE: 'bookworm'
   # Skip all DEP-8 tests except 'cryptroot-lvm': each 'cryptroot-*' test
   # takes 20-30min on Salsa CI runners as they don't support KVM acceleration
   # cf. https://salsa.debian.org/salsa-ci-team/pipeline/-/issues/266 ,
diff -Nru cryptsetup-2.6.1/debian/scripts/suspend/cryptsetup-suspend-wrapper 
cryptsetup-2.6.1/debian/scripts/suspend/cryptsetup-suspend-wrapper
--- cryptsetup-2.6.1/debian/scripts/suspend/cryptsetup-suspend-wrapper  
2023-04-21 00:54:29.0 +0200
+++ cryptsetup-2.6.1/debian/scripts/suspend/cryptsetup-suspend-wrapper  
2023-12-18 03:41:04.0 +0100
@@