cryptsetup-1.2.0 always builds a dynamically-linked version of /sbin/cryptsetup. This is a problem for anyone using genkernel (at least as of genkernel 3.4.10.908) to build a kernel/initrd with LUKS support, because the genkernel build procedure demands a statically-linked cryptsetup. Reproducible: Always Steps to Reproduce: 1. Update to sys-fs/cryptsetup-1.2.0. 2. genkernel --luks all Actual Results: Observe how the message "LUKS support requires static cryptsetup at /bin/cryptsetup or /sbin/cryptsetup\nNot including LUKS support" flashes by, but a LUKS-less initrd is installed to /boot anyway. Expected Results: cryptsetup should be built statically by default, or at the very least pay attention to whether the "static" USE flag is set or not. This could be a serious problem for people who, like me, are booting an encrypted root partition; see for example <http://en.gentoo-wiki.com/wiki/Booting_encrypted_system_from_USB_stick> If you don't notice that the new initrd -- which has just overwritten the previous initrd on the USB stick -- doesn't have LUKS support, you could easily end up with an unbootable system.
Created attachment 258427 [details, diff] Fix ebuild for USE="-dynamic" Trivial fix for the currently in-tree ebuild. There have been changes in the naming of ./configure options between 1.1.3 and 1.2.0. Anyway, the handling of dynamic building USE flag may be a little misleading. How about ditching that dynamic USE flag for a new static USE flag, handled sys-fs/lvm2 does ?
However the previous fix won't help you, because looking at /usr/share/genkernel/gen_initramfs.sh, genkernel tests /bin/cryptsetup and /sbin/cryptsetup for a static candidate, though sys-fs/cryptsetup-1.2.0 installs its static binary as /sbin/cryptsetup.static Added genkernel team in the CC list
cryptsetup has no USE=static flag, so its status is meaningless
although now that we have newer EAPI's, the need to invert USE flag logic is no longer necessary. cryptsetup-1.2.0-r1 has IUSE=+static now.
So, why does this ebuild have the "static" USE-flag set by default? S.o. not using cryptsetup in an initrd rather wants a dynamically linked version. I don't know exactly against which libs cryptsetup links but am I right that if it uses ncurses and I update ncurses, the statically linked version still uses the old version of ncurses? So I would have to re-emerge cryptsetup every time I update a library it links against to have it use the latest versions?
cryptsetup has always built statically by default. it uses a lot of libs from /usr which may be on a sep partition. if you dont want it statically linked, then add USE=-static to your config.
anyone experienced that emerging sys-fs/cryptsetup-1.2.0-r1 ended up in an error 14 in your running system and that it couldn't boot with the version included in genkernel ? e.g.: cryptsetup[1226]: segfault at ffffffffffffffff ip ffffffffffffffff sp 00007fffa8e03368 error 14 at bootup for me it said that there wasn't any luks header on my partition - strange - probably because it had crashed before being able to detect one I know I should open up a new bug - but this is somehow related to this one and might interest the ones subscribed to this bug
you're right ... you should be opening a new bug
