[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1032235: Bug#1014110: libargon2 0~20190702-0.1 no longer links against libpthread which breaks cryptsetup-initramfs

Hi all,

On 15-03-2023 23:28, Guilhem Moulin wrote:

On Wed, 15 Mar 2023 at 22:43:31 +0100, Bastian Germann wrote:

Am 15.03.23 um 22:39 schrieb Paul Gevers:

Do I understand correctly that:
1) argon2 in testing isn't affected
2) this bug isn't solved yet, despite the closure?
3) the issue for cryptsetup is worked around in cryptsetup

libargon2-1 is linked by more packages. Are they all OK without this
unintentional change unfixed? Why is the unintentional change not
reverted or fixed?


There is no unintentional change.


Yes there is, namely the fact that libargon2-1 no longer links against
libpthread, which in turn caused a major regression in
cryptsetup-initramfs (mitigated in src:cryptsetup 2:2.6.1-2).  Unlike
what I initially claimed in #1014110's msg#20 that change can't be
reverted or fixed in src:argon2 since it's caused by building with a
newer libc; a binNMU would therefore have caused the same regression,
I'm not 100% sure I parse that sentence as you intended, so let me ask explicitly: if we binNMU (now or in the future) src:argon2 version 0~20171227-0.3 in bookworm, would it also loose its linking to libpthread? That would be a time bomb (not only in the archive, but also for downstreams and other users that do rebuilds). I *think* you're saying that despite libc's version, that is *not* the case. 


If packages are waiting for argon2 then I would prefer an unblock of
both argon2 and cryptsetup at the same time.
That wouldn't solve the ordering (but I spotted a new upload of src:argon2 fixing that). 


More importantly, argon2 >>0~20190702-0.1 should not be allowed in
bookworm before cryptsetup >=2:2.6.1-2, as doing so would make systems
using cryptsetup-initramfs (such an those using “encrypted LVM” layout
from d-i) unbootable.

cryptsetup can transition before argon2 though, and I do intend to file
an unblock request for it given -3 mitigates #1028250.  Bastien, since
argon2 and cryptsetup likely won't enter testing at the same time (which
is was I hoped to do with that bug clone dance, but that failed for the
reasons you described) you might want to upload a new version with
‘Breaks: cryptsetup-initramfs (<<2:2.6.1-2)’.  If you want something
newer than 0~20171227-0.3 in bookworm, that is.  (As far as cryptsetup
is concerned it's fine to ship bookworm with argon2=0~20171227-0.3 and
cryptsetup=2:2.6.1-3.)
For the record, with my current understanding I prefer the scenario of keeping the versions of argon2 and cryptsetup in bookworm as they are. Feel free to convince the Release Team of the opposite in an unblock request. 

Paul

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

Reply to: