Processed: Re: Bug#1058928: bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u2
Processing control commands: > tags -1 + confirmed Bug #1058928 [release.debian.org] bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u2 Added tag(s) confirmed. -- 1058928: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058928 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1058928: bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u2
Control: tags -1 + confirmed On Mon, 2023-12-18 at 14:10 +0100, Guilhem Moulin wrote: > 1. cryptsetup-suspend 2:2.6.1-4~deb12u1 was found incompatible with > systemd 254.1-3 and later, in particular with systemd/bookworm- > backports. > > 2. cryptsetup-initramfs 2:2.6.1-4~deb12u2 dos not support kernel > shipping compressed modules under MODULES=dep, as is done by default > with linux 6.6 (currently in Debian experimental). Please go ahead. Regards, Adam
Bug#1058928: bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u2
Control: tag -1 - moreinfo Hi, On Thu, 21 Dec 2023 at 21:59:40 +, Jonathan Wiltshire wrote: > On Mon, Dec 18, 2023 at 02:10:20PM +0100, Guilhem Moulin wrote: >> [ Reason ] >> >> 1. cryptsetup-suspend 2:2.6.1-4~deb12u1 was found incompatible with >> systemd 254.1-3 and later, in particular with systemd/bookworm-backports. >> >> 2. cryptsetup-initramfs 2:2.6.1-4~deb12u2 dos not support kernel >> shipping compressed modules under MODULES=dep, as is done by default >> with linux 6.6 (currently in Debian experimental). > > Aren't these problems better sorted out in the relevant suites, e.g. with > Breaks? It seems an unnecessary change in stable when stable isn't actually > broken. It's correct that stable isn't broken at the moment, but some users also build their own kernels, and we can't warn about the incompatibilty there; they just won't be able to boot when these 3 conditions are satisfied: 1. Linux is configured with CONFIG_MODULE_COMPRESS_* (Debian currently does that in experimental only but the setting is also available in <6.0); 2. initramfs.conf(5) sets MODULES=dep; and 3. There is a device to be unlocked at initramfs stage (for instance the root FS). Moreover the issue stands in the way of kernel maintainers enabling CONFIG_MODULE_COMPRESS_* in stable should that be needed or desired in some point release. (Compressed modules are already suported in Bookworm's initramfs-tools, but currently not in cryptsetup-initramfs.) The other issue I see with ‘Breaks: cryptsetup-initramfs (<< 2:2.6.1-6~)’ without having a recent enough cryptsetup-initramfs available is that apt will hapilly suggest to remove cryptsetup-initramfs. That too would yield an unbootable system whenever there is any device to be unlocked at initramfs stage. Note that the proposed change is a no-op with Bookworm's current kernel and systemd. It just adds forward compatibility in the same way initramfs-tools did. -- Guilhem. signature.asc Description: PGP signature
Processed: Re: Bug#1058928: bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u2
Processing control commands: > tag -1 - moreinfo Bug #1058928 [release.debian.org] bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u2 Removed tag(s) moreinfo. -- 1058928: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058928 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: Re: Bug#1058928: bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u2
Processing control commands: > tag -1 moreinfo Bug #1058928 [release.debian.org] bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u2 Added tag(s) moreinfo. -- 1058928: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058928 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1058928: bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u2
Control: tag -1 moreinfo Hi, On Mon, Dec 18, 2023 at 02:10:20PM +0100, Guilhem Moulin wrote: > [ Reason ] > > 1. cryptsetup-suspend 2:2.6.1-4~deb12u1 was found incompatible with > systemd 254.1-3 and later, in particular with systemd/bookworm-backports. > > 2. cryptsetup-initramfs 2:2.6.1-4~deb12u2 dos not support kernel > shipping compressed modules under MODULES=dep, as is done by default > with linux 6.6 (currently in Debian experimental). Aren't these problems better sorted out in the relevant suites, e.g. with Breaks? It seems an unnecessary change in stable when stable isn't actually broken. Thanks, -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1
Bug#1058928: bookworm-pu: package cryptsetup/2:2.6.1-4~deb12u2
Package: release.debian.org Severity: normal Tags: bookworm User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: cryptse...@packages.debian.org Control: affects -1 + src:cryptsetup [ Reason ] 1. cryptsetup-suspend 2:2.6.1-4~deb12u1 was found incompatible with systemd 254.1-3 and later, in particular with systemd/bookworm-backports. 2. cryptsetup-initramfs 2:2.6.1-4~deb12u2 dos not support kernel shipping compressed modules under MODULES=dep, as is done by default with linux 6.6 (currently in Debian experimental). [ Impact ] 1. Users installing systemd from bookworm-backports will not be able to use cryptsetup-suspend to suspend-on-ram. 2. Users installing linux ≥6.6.4-1~exp1 will not be able to boot under MODULES=dep when there is any device to be unlocked at initramfs stage. (initramfs.conf(5)'s defaults to MODULES=most, but not being able to boot anymore is obviously a serious regression.) [ Tests ] DEP-8 check suspend-on-ram and initramfs unlocking for various setups, all using stock bookworm packages. In addition, manual tests were made to check behaviour with systemd/bookworm-backports and/or linux-image-amd64/ experimental. [ Risks ] The patches were backported from sid, where 2:2.6.1-5 resp. 2:2.6.1-6 was uploaded to on Aug 27 resp. Dec 05. The diff is pretty trivial and doesn't affect libcryptsetup12 nor cryptsetup-bin. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in stable [x] the issue is verified as fixed in unstable [ Changes ] * Also add compressed kernel modules in the initramfs hook script. * Fix DEP-8 tests to work with compressed kernel modules. * Don't error out when /lib/systemd/system-sleep does not exist (cf. #1036920 and #1050606). -- Guilhem. diffstat for cryptsetup-2.6.1 cryptsetup-2.6.1 changelog | 18 ++ initramfs/hooks/cryptroot |4 ++-- salsa-ci.yml |1 + scripts/suspend/cryptsetup-suspend-wrapper |1 + tests/cryptroot-legacy.d/mock |2 +- tests/utils/mkinitramfs|9 - 6 files changed, 27 insertions(+), 8 deletions(-) diff -Nru cryptsetup-2.6.1/debian/changelog cryptsetup-2.6.1/debian/changelog --- cryptsetup-2.6.1/debian/changelog 2023-04-21 00:54:29.0 +0200 +++ cryptsetup-2.6.1/debian/changelog 2023-12-18 03:41:04.0 +0100 @@ -1,3 +1,21 @@ +cryptsetup (2:2.6.1-4~deb12u2) bookworm; urgency=medium + + [ Michael Biebl ] + * cryptsetup-suspend-wrapper: Don't error out on missing +/lib/systemd/system-sleep directory as systemd 254.1-3 and later no longer +ship empty directories. (Closes: #1050606) + + [ Kevin Locke ] + * cryptsetup-initramfs: Add support for compressed kernel modules, which is +the default as linux-image 6.6.4-1~exp1. (Closes: #1036049, #1057441) + + [ Guilhem Moulin ] + * add_modules(): Change suffix drop logic to match initramfs-tools. + * Fix DEP-8 tests with kernels shipping compressed modules. + * d/salsa-ci.yml: Set RELEASE=bookworm. + + -- Guilhem Moulin Mon, 18 Dec 2023 03:41:04 +0100 + cryptsetup (2:2.6.1-4~deb12u1) bookworm; urgency=medium * Rebuild for Bookworm. diff -Nru cryptsetup-2.6.1/debian/initramfs/hooks/cryptroot cryptsetup-2.6.1/debian/initramfs/hooks/cryptroot --- cryptsetup-2.6.1/debian/initramfs/hooks/cryptroot 2023-04-21 00:54:29.0 +0200 +++ cryptsetup-2.6.1/debian/initramfs/hooks/cryptroot 2023-12-18 03:41:04.0 +0100 @@ -266,8 +266,8 @@ add_modules() { local glob="$1" found=n shift -for mod in $(find -H "$@" -name "$glob.ko" -type f -printf '%f\n'); do -manual_add_modules "${mod%.ko}" +for mod in $(find -H "$@" -name "$glob.ko*" -type f -printf '%f\n'); do +manual_add_modules "${mod%%.*}" found=y done [ "$found" = y ] && return 0 || return 1 diff -Nru cryptsetup-2.6.1/debian/salsa-ci.yml cryptsetup-2.6.1/debian/salsa-ci.yml --- cryptsetup-2.6.1/debian/salsa-ci.yml2023-04-21 00:54:29.0 +0200 +++ cryptsetup-2.6.1/debian/salsa-ci.yml2023-12-18 03:41:04.0 +0100 @@ -3,6 +3,7 @@ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml variables: + RELEASE: 'bookworm' # Skip all DEP-8 tests except 'cryptroot-lvm': each 'cryptroot-*' test # takes 20-30min on Salsa CI runners as they don't support KVM acceleration # cf. https://salsa.debian.org/salsa-ci-team/pipeline/-/issues/266 , diff -Nru cryptsetup-2.6.1/debian/scripts/suspend/cryptsetup-suspend-wrapper cryptsetup-2.6.1/debian/scripts/suspend/cryptsetup-suspend-wrapper --- cryptsetup-2.6.1/debian/scripts/suspend/cryptsetup-suspend-wrapper 2023-04-21 00:54:29.0 +0200 +++ cryptsetup-2.6.1/debian/scripts/suspend/cryptsetup-suspend-wrapper 2023-12-18 03:41:04.0 +0100 @@