[gentoo-commits] data/gentoo-news:master commit in: 2021-10-18-libxcrypt-migration-stable/
commit: 11dac3088fb3e629e0b899248e1228ad723e40f6 Author: Sam James gentoo org> AuthorDate: Tue Feb 8 03:21:38 2022 + Commit: Sam James gentoo org> CommitDate: Tue Feb 8 03:21:38 2022 + URL:https://gitweb.gentoo.org/data/gentoo-news.git/commit/?id=11dac308 2021-10-18-libxcrypt-migration-stable: mention circular dependencies Signed-off-by: Sam James gentoo.org> .../2021-10-18-libxcrypt-migration-stable.en.txt | 8 +++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt b/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt index d821eac..74e80d5 100644 --- a/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt +++ b/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt @@ -43,7 +43,7 @@ aggressive in protecting even orphaned files. Instead, use FEATURES="unmerge-orphans" which is almost identical in behaviour. -## Delaying the migration +## Delaying the migration *or* circular dependencies If for whatever reason you do *not* wish to switch now - which is only delaying the inevitable - you @@ -53,6 +53,11 @@ need to take the following steps: * mask >=virtual/libcrypt-2 * unmask virtual/libcrypt:0/1 +If hitting circular dependencies involving Python 3.10, +see the wiki for more details [3], but the same steps +listed above must be taken (mask newer libcrypt temporarily, +do a world upgrade, then unmask). + ## Migrating early If you wish to manually migrate now, there are a series @@ -102,3 +107,4 @@ For more information or troubleshooting tips, please see: [0] https://bugs.gentoo.org/802267 [1] https://bugs.gentoo.org/802807 [2] https://bugs.gentoo.org/802210 +[3] https://wiki.gentoo.org/wiki/User:Sam/Portage_help/Circular_dependencies#Python_and_libcrypt
[gentoo-commits] data/gentoo-news:master commit in: 2021-10-18-libxcrypt-migration-stable/
commit: b76a1d4a5fa5a0e2a81d93c086d3077da82de89b Author: Sam James gentoo org> AuthorDate: Thu Dec 16 06:25:26 2021 + Commit: Sam James gentoo org> CommitDate: Thu Dec 16 06:25:26 2021 + URL:https://gitweb.gentoo.org/data/gentoo-news.git/commit/?id=b76a1d4a 2021-10-18-libxcrypt-migration-stable: improve readability a bit Bug: https://bugs.gentoo.org/699422 Bug: https://bugs.gentoo.org/809410 Signed-off-by: Sam James gentoo.org> .../2021-10-18-libxcrypt-migration-stable.en.txt | 31 +- 1 file changed, 24 insertions(+), 7 deletions(-) diff --git a/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt b/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt index 1b80f95..d821eac 100644 --- a/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt +++ b/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt @@ -13,7 +13,10 @@ this has been tested for years already) and switching to the external libxcrypt implementation, now also in stable installations. This will be a regular update, and in nearly all cases you -will not have to take any action and not observe any problems. +will not have to take any action and not observe any problems. If +you hit issues, please read on. + +## Upgrades before 2021-11-01 We do recommend, however, that your system is *fully* up to date first. This is a standard recommendation but in this @@ -21,6 +24,14 @@ specific case, it is useful to have a simplified depgraph to ensure that Portage is able to smoothly calculate an upgrade path. +Please take the opportunity to fully upgrade your +systems now, before the migration occurs, to simplify matters + +This change will occur on 2021-11-01 for stable users. +~arch users by default should already have switched. + +## General advice + We also recommend being in a root shell (not via 'sudo' or similar tools) so that if any issues occur during the upgrade, you are not locked out of the console. It is not expected @@ -32,11 +43,7 @@ aggressive in protecting even orphaned files. Instead, use FEATURES="unmerge-orphans" which is almost identical in behaviour. -That is, please take the opportunity to fully upgrade your -systems now, before the migration occurs, to simplify matters. - -This change will occur on 2021-11-01 for stable users. -~arch users by default should already have switched. +## Delaying the migration If for whatever reason you do *not* wish to switch now - which is only delaying the inevitable - you @@ -46,6 +53,8 @@ need to take the following steps: * mask >=virtual/libcrypt-2 * unmask virtual/libcrypt:0/1 +## Migrating early + If you wish to manually migrate now, there are a series of steps described on the wiki (see below), but the outline is: * unforce the crypt USE flag of sys-libs/glibc and disable it @@ -53,12 +62,16 @@ of steps described on the wiki (see below), but the outline is: and enable it * unmask ~virtual/libcrypt-2 +## PAM warning + Please note that if you last changed your password before ~2008, it may be using md5crypt or similar other weak mechanisms in /etc/shadow; a bug in PAM [0][1] may mean that you were unable to login. We recommend using "passwd" to change/refresh your password so it is using modern methods. A new version of PAM has been added to the tree to resolve this issue. +## Build failures + In some cases, Portage may schedule a rebuild of certain packages in an incorrect order [2]. If building a package fails, please try upgrading Python itself to help avoid spurious build failures, and then @@ -69,7 +82,9 @@ libcrypt and libxcrypt first: And then continue the world upgrade with Portage's "--keep-going=y". -If you hit conflicts, please see the wiki page linked below, but +## Blockers/conflicts + +If you hit blockers/conflicts, please see the wiki page linked below, but common helpful tips are: * try more backtracking (e.g. --backtrack=1000) * try --ignore-built-slot-operator-deps=y temporarily on the world upgrade, @@ -77,6 +92,8 @@ then run a world upgrade again without it. Do NOT attempt to unmerge glibc at any point. +## More help + For more information or troubleshooting tips, please see: * https://wiki.gentoo.org/wiki/Project:Toolchain/libcrypt_implementation * https://bugs.gentoo.org/699422
[gentoo-commits] data/gentoo-news:master commit in: 2021-10-18-libxcrypt-migration-stable/
commit: 8f2ad6dd0515374e473b79d6f6cbc32ac8050680 Author: Sam James gentoo org> AuthorDate: Mon Nov 22 06:14:07 2021 + Commit: Sam James gentoo org> CommitDate: Mon Nov 22 06:14:07 2021 + URL:https://gitweb.gentoo.org/data/gentoo-news.git/commit/?id=8f2ad6dd 2021-10-18-libxcrypt-migration-stable: mention unmasking libcrypt:0/1 for delay If users want to delay the upgrade (please don't do this though), they will (shortly) need to unmask virtual/libcrypt:0/1 too. Bug: https://bugs.gentoo.org/699422 Bug: https://bugs.gentoo.org/809410 Signed-off-by: Sam James gentoo.org> .../2021-10-18-libxcrypt-migration-stable.en.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt b/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt index feddaf6..1b80f95 100644 --- a/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt +++ b/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt @@ -44,6 +44,7 @@ need to take the following steps: * unmask and enable the crypt USE flag of sys-libs/glibc * mask the system USE flag of sys-libs/libxcrypt * mask >=virtual/libcrypt-2 +* unmask virtual/libcrypt:0/1 If you wish to manually migrate now, there are a series of steps described on the wiki (see below), but the outline is:
[gentoo-commits] data/gentoo-news:master commit in: 2021-10-18-libxcrypt-migration-stable/
commit: 1c4eb83b3e4a1f453d16e8a2356ddf61651b5310 Author: Sam James gentoo org> AuthorDate: Fri Nov 12 04:58:26 2021 + Commit: Sam James gentoo org> CommitDate: Fri Nov 12 04:58:26 2021 + URL:https://gitweb.gentoo.org/data/gentoo-news.git/commit/?id=1c4eb83b 2021-10-18-libxcrypt-migration-stable: mention being in root shell if possible Bug: https://bugs.gentoo.org/699422 Bug: https://bugs.gentoo.org/809410 Signed-off-by: Sam James gentoo.org> .../2021-10-18-libxcrypt-migration-stable.en.txt | 5 + 1 file changed, 5 insertions(+) diff --git a/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt b/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt index 26aa53a..feddaf6 100644 --- a/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt +++ b/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt @@ -21,6 +21,11 @@ specific case, it is useful to have a simplified depgraph to ensure that Portage is able to smoothly calculate an upgrade path. +We also recommend being in a root shell (not via 'sudo' +or similar tools) so that if any issues occur during the upgrade, +you are not locked out of the console. It is not expected +that any such issues will occur but this is a precaution. + It is also recommended that users do _not_ have FEATURES="collision-protect" enabled because it is aggressive in protecting even orphaned files. Instead,
[gentoo-commits] data/gentoo-news:master commit in: 2021-10-18-libxcrypt-migration-stable/
commit: aa7384ca2c94772bd42cd03c421fdce3992d2931 Author: Sam James gentoo org> AuthorDate: Fri Nov 5 02:03:51 2021 + Commit: Sam James gentoo org> CommitDate: Fri Nov 5 02:03:51 2021 + URL:https://gitweb.gentoo.org/data/gentoo-news.git/commit/?id=aa7384ca 2021-10-18-libxcrypt-migration-stable: nudge to upgrade Python first in some cases Newer versions of each Python slot fix unnecessary -lcrypt link attempts (which were thrown away by -Wl,--as-needed anyway, but showed up in python-config --libs) and similarly a include which caused spurious build failures. These build failures shouldn't have occurred anyway (see the linked bug) but they were exacerbated and occurred *far* more often because of this Python issue. Bug: https://bugs.gentoo.org/802210 Signed-off-by: Sam James gentoo.org> .../2021-10-18-libxcrypt-migration-stable.en.txt| 2 ++ 1 file changed, 2 insertions(+) diff --git a/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt b/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt index 63eaaa8..26aa53a 100644 --- a/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt +++ b/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt @@ -55,8 +55,10 @@ methods. A new version of PAM has been added to the tree to resolve this issue. In some cases, Portage may schedule a rebuild of certain packages in an incorrect order [2]. If building a package fails, please try upgrading +Python itself to help avoid spurious build failures, and then libcrypt and libxcrypt first: +# emerge -v1 --ignore-built-slot-operator-deps=y dev-lang/python:3.8 dev-lang/python:3.9 # emerge -v1 virtual/libcrypt sys-libs/libxcrypt And then continue the world upgrade with Portage's "--keep-going=y".
[gentoo-commits] data/gentoo-news:master commit in: 2021-10-18-libxcrypt-migration-stable/
commit: c0fc80bac65a65d04ca4ce503c233d238d43d390 Author: Sam James gentoo org> AuthorDate: Sun Oct 31 21:22:33 2021 + Commit: Sam James gentoo org> CommitDate: Sun Oct 31 21:25:05 2021 + URL:https://gitweb.gentoo.org/data/gentoo-news.git/commit/?id=c0fc80ba 2021-10-18-libxcrypt-migration-stable: tweak guidance slightly Bug: https://bugs.gentoo.org/809410 Bug: https://bugs.gentoo.org/699422 Signed-off-by: Sam James gentoo.org> .../2021-10-18-libxcrypt-migration-stable.en.txt | 15 +++ 1 file changed, 15 insertions(+) diff --git a/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt b/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt index ccfcddd..63eaaa8 100644 --- a/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt +++ b/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt @@ -21,6 +21,12 @@ specific case, it is useful to have a simplified depgraph to ensure that Portage is able to smoothly calculate an upgrade path. +It is also recommended that users do _not_ have +FEATURES="collision-protect" enabled because it is +aggressive in protecting even orphaned files. Instead, +use FEATURES="unmerge-orphans" which is almost identical +in behaviour. + That is, please take the opportunity to fully upgrade your systems now, before the migration occurs, to simplify matters. @@ -55,9 +61,18 @@ libcrypt and libxcrypt first: And then continue the world upgrade with Portage's "--keep-going=y". +If you hit conflicts, please see the wiki page linked below, but +common helpful tips are: +* try more backtracking (e.g. --backtrack=1000) +* try --ignore-built-slot-operator-deps=y temporarily on the world upgrade, +then run a world upgrade again without it. + +Do NOT attempt to unmerge glibc at any point. + For more information or troubleshooting tips, please see: * https://wiki.gentoo.org/wiki/Project:Toolchain/libcrypt_implementation * https://bugs.gentoo.org/699422 +* Reach out to our support channels (https://www.gentoo.org/support/) [0] https://bugs.gentoo.org/802267 [1] https://bugs.gentoo.org/802807
[gentoo-commits] data/gentoo-news:master commit in: 2021-10-18-libxcrypt-migration-stable/
commit: 232dd42f93031207d628903f6ad4d5c9a96267af Author: Andreas K. Hüttel gentoo org> AuthorDate: Mon Oct 18 20:45:09 2021 + Commit: Andreas K. Hüttel gentoo org> CommitDate: Mon Oct 18 20:45:09 2021 + URL:https://gitweb.gentoo.org/data/gentoo-news.git/commit/?id=232dd42f Add stable version of libxcrypt-migration news Signed-off-by: Andreas K. Hüttel gentoo.org> .../2021-10-18-libxcrypt-migration-stable.en.txt | 64 ++ 1 file changed, 64 insertions(+) diff --git a/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt b/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt new file mode 100644 index 000..ccfcddd --- /dev/null +++ b/2021-10-18-libxcrypt-migration-stable/2021-10-18-libxcrypt-migration-stable.en.txt @@ -0,0 +1,64 @@ +Title: migrating from glibc[crypt] to libxcrypt in stable +Author: Andreas K. Hüttel +Author: Sam James +Posted: 2021-10-18 +Revision: 1 +News-Item-Format: 2.0 + +The implementation of libcrypt.so within glibc has been deprecated +for a long time and will be removed in the near future. + +For this reason, we are following other distributions (where +this has been tested for years already) and switching to the +external libxcrypt implementation, now also in stable installations. + +This will be a regular update, and in nearly all cases you +will not have to take any action and not observe any problems. + +We do recommend, however, that your system is *fully* up +to date first. This is a standard recommendation but in this +specific case, it is useful to have a simplified depgraph +to ensure that Portage is able to smoothly calculate +an upgrade path. + +That is, please take the opportunity to fully upgrade your +systems now, before the migration occurs, to simplify matters. + +This change will occur on 2021-11-01 for stable users. +~arch users by default should already have switched. + +If for whatever reason you do *not* wish to switch now - +which is only delaying the inevitable - you +need to take the following steps: +* unmask and enable the crypt USE flag of sys-libs/glibc +* mask the system USE flag of sys-libs/libxcrypt +* mask >=virtual/libcrypt-2 + +If you wish to manually migrate now, there are a series +of steps described on the wiki (see below), but the outline is: +* unforce the crypt USE flag of sys-libs/glibc and disable it +* unmask the system and split-usr (if applicable) USE flag of sys-libs/libxcrypt +and enable it +* unmask ~virtual/libcrypt-2 + +Please note that if you last changed your password before ~2008, +it may be using md5crypt or similar other weak mechanisms in /etc/shadow; +a bug in PAM [0][1] may mean that you were unable to login. We recommend +using "passwd" to change/refresh your password so it is using modern +methods. A new version of PAM has been added to the tree to resolve this issue. + +In some cases, Portage may schedule a rebuild of certain packages in an +incorrect order [2]. If building a package fails, please try upgrading +libcrypt and libxcrypt first: + +# emerge -v1 virtual/libcrypt sys-libs/libxcrypt + +And then continue the world upgrade with Portage's "--keep-going=y". + +For more information or troubleshooting tips, please see: +* https://wiki.gentoo.org/wiki/Project:Toolchain/libcrypt_implementation +* https://bugs.gentoo.org/699422 + +[0] https://bugs.gentoo.org/802267 +[1] https://bugs.gentoo.org/802807 +[2] https://bugs.gentoo.org/802210