[PATCH core-updates 0/7] Cryptsetup woes

  • Open
  • quality assurance status badge
Details
2 participants
  • Josselin Poiret
  • Maxim Cournoyer
Owner
unassigned
Submitted by
Josselin Poiret
Severity
normal
J
J
Josselin Poiret wrote on 22 Jan 14:33 +0100
(address . guix-patches@gnu.org)(name . Josselin Poiret)(address . dev@jpoiret.xyz)
cover.1705762361.git.dev@jpoiret.xyz
Hi everyone,

I'm working on core-updates, trying to build gnome and the desktop
configuration example. I've already pushed some fixes, but cryptsetup and
lvm2 are proving to be quite annoying: for the same reason as the recent mpv
patches [1], the Require.private fields of pkg-config files are actually used
even when dynamic linking [2]. This means we need to propagate some
transitive dependencies for users of the library, but here the packages also
contain binaries for end-users and we don't want to propagate to them.

So in the meantime, I just added some new functions
libdevmapper-propagated-inputs and libcryptsetup-propagated-inputs that I then
manually included in the dependents's inputs. I am not satisfied by this, but
this is better than manually adding each needed transitive input, or
propagating to end-users.

Any ideas?

[1] mid:521d0ba6e3d10b3b8aa98b35862d819c82223412.1704430613.git.hako@ultrarare.space

Best,

Josselin Poiret (7):
gnu: cryptsetup: Update to 2.6.1.
gnu: Add libdevmapper-propagated-inputs.
gnu: Add libcryptsetup-propagated-inputs.
gnu: volume-key: Add required transitive dependencies.
gnu: libblockdev: Add libcryptsetup propagated inputs.
gnu: lvm2-static: Properly handle eudev dependency in pkg-config.
gnu: cryptsetup-static: Fix static build.

gnu/packages/cryptsetup.scm | 104 +++++++++++++++++++++---------------
gnu/packages/disk.scm | 46 ++++++++--------
gnu/packages/linux.scm | 42 +++++++++------
3 files changed, 111 insertions(+), 81 deletions(-)


base-commit: a5735488d3917ccb95fa975385ff294c4e3b9521
--
2.41.0
J
J
Josselin Poiret wrote on 22 Jan 14:36 +0100
[PATCH core-updates 1/7] gnu: cryptsetup: Update to 2.6.1.
(address . 68656@debbugs.gnu.org)(name . Josselin Poiret)(address . dev@jpoiret.xyz)
9939efb9bb6e769d0a0298183128e4b6c34771d2.1705762361.git.dev@jpoiret.xyz
From: Josselin Poiret <dev@jpoiret.xyz>

* gnu/packages/cryptsetup.scm (cryptsetup): Update to 2.6.1. Disable external
tokens for now.

Change-Id: I5610cabfbd46d010a8241430d8d90f5920847c04
---
gnu/packages/cryptsetup.scm | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)

Toggle diff (48 lines)
diff --git a/gnu/packages/cryptsetup.scm b/gnu/packages/cryptsetup.scm
index 3bdc68ae5a..3cb669206a 100644
--- a/gnu/packages/cryptsetup.scm
+++ b/gnu/packages/cryptsetup.scm
@@ -30,12 +30,13 @@ (define-module (gnu packages cryptsetup)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages popt)
#:use-module (gnu packages linux)
+ #:use-module (gnu packages ruby)
#:use-module (gnu packages web))
(define-public cryptsetup
(package
(name "cryptsetup")
- (version "2.3.7")
+ (version "2.6.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://kernel.org/linux/utils/cryptsetup/v"
@@ -43,7 +44,7 @@ (define-public cryptsetup
"/cryptsetup-" version ".tar.xz"))
(sha256
(base32
- "1a97rvi6arsj8dikh1qsvixx9rizm89k155q2ypifqlqllr530v1"))))
+ "14s6vbb9llpgnhmv0badxxzhi73jp4vyvp8swk4bjah7l5jys3a1"))))
(build-system gnu-build-system)
(arguments
`(#:configure-flags
@@ -54,12 +55,16 @@ (define-public cryptsetup
"--with-crypto_backend=gcrypt"
;; GRUB 2.06 supports LUKS2, but does it reliably support all set-ups…?
"--with-default-luks-format=LUKS1"
+ ;; External tokens would need an env variable to work on Guix, and we
+ ;; don't have users for it yet.
+ "--disable-external-tokens"
+ "--disable-ssh-token"
;; libgcrypt is not found otherwise when cross-compiling.
;; <https://issues.guix.gnu.org/63864>
(string-append "--with-libgcrypt-prefix="
(assoc-ref %build-inputs "libgcrypt")))))
(native-inputs
- (list pkg-config))
+ (list pkg-config ruby-asciidoctor))
(inputs
(list argon2
json-c
--
2.41.0
J
J
Josselin Poiret wrote on 22 Jan 14:36 +0100
[PATCH core-updates 2/7] gnu: Add libdevmapper-propagated-inputs.
(address . 68656@debbugs.gnu.org)(name . Josselin Poiret)(address . dev@jpoiret.xyz)
04d8f33027a67a32de0460a490bd2be727650070.1705762361.git.dev@jpoiret.xyz
From: Josselin Poiret <dev@jpoiret.xyz>

* gnu/packages/linux.scm (libdevmapper-propagated-inputs): Record needed
inputs for libdevmapper.

Change-Id: I6db51ea2ce640f77198fd67f0e2480052907f28e
---
gnu/packages/linux.scm | 3 +++
1 file changed, 3 insertions(+)

Toggle diff (16 lines)
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 5cfd2025f6..2977b8f88e 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -4588,6 +4588,9 @@ (define-public lvm2
;; Command-line tools are GPLv2.
(license (list license:gpl2 license:lgpl2.1))))
+(define-public (libdevmapper-propagated-inputs)
+ (list eudev))
+
(define-public lvm2-static
(package
(inherit lvm2)
--
2.41.0
J
J
Josselin Poiret wrote on 22 Jan 14:36 +0100
[PATCH core-updates 3/7] gnu: Add libcryptsetup-propagated-inputs.
(address . 68656@debbugs.gnu.org)(name . Josselin Poiret)(address . dev@jpoiret.xyz)
cbe5ba7a852f836ddead50d728a4139d1a74e799.1705762361.git.dev@jpoiret.xyz
From: Josselin Poiret <dev@jpoiret.xyz>

* gnu/packages/cryptsetup.scm (libcryptsetup-propagated-inputs): Record needed
inputs for libcryptsetup.

Change-Id: Ia630f2d5f180536d997af93e57aa547379b2c010
---
gnu/packages/cryptsetup.scm | 7 +++++++
1 file changed, 7 insertions(+)

Toggle diff (20 lines)
diff --git a/gnu/packages/cryptsetup.scm b/gnu/packages/cryptsetup.scm
index 3cb669206a..8e2bdb6d9e 100644
--- a/gnu/packages/cryptsetup.scm
+++ b/gnu/packages/cryptsetup.scm
@@ -91,6 +91,13 @@ (define-public cryptsetup
(license license:gpl2)
(home-page "https://gitlab.com/cryptsetup/cryptsetup")))
+(define-public (libcryptsetup-propagated-inputs)
+ (list argon2
+ json-c
+ libgcrypt
+ lvm2
+ `(,util-linux "lib")))
+
(define (static-library library)
"Return a variant of package LIBRARY that provides static libraries ('.a'
files). This assumes LIBRARY uses Libtool."
--
2.41.0
J
J
Josselin Poiret wrote on 22 Jan 14:36 +0100
[PATCH core-updates 4/7] gnu: volume-key: Add required transitive dependencies.
(address . 68656@debbugs.gnu.org)(name . Josselin Poiret)(address . dev@jpoiret.xyz)
feea14dac4f0ade45673c0971da4a3d2badb2d43.1705762361.git.dev@jpoiret.xyz
From: Josselin Poiret <dev@jpoiret.xyz>

* gnu/packages/disk.scm (volume-key): Add transitive dependencies for
libdevmapper and libcryptsetup.

Change-Id: Iaced5bedd2f6ec8e67118b2ee4d01f14704a3694
---
gnu/packages/disk.scm | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)

Toggle diff (26 lines)
diff --git a/gnu/packages/disk.scm b/gnu/packages/disk.scm
index 4582ad3555..6cc191ff25 100644
--- a/gnu/packages/disk.scm
+++ b/gnu/packages/disk.scm
@@ -1036,12 +1036,13 @@ (define-public volume-key
(native-inputs
(list pkg-config swig python-3)) ; used to generate the Python bindings
(inputs
- `(("cryptsetup" ,cryptsetup)
- ("nss" ,nss)
- ("libblkid" ,util-linux "lib")
- ("lvm2" ,lvm2) ; for "-ldevmapper"
- ("glib" ,glib)
- ("gpgme" ,gpgme)))
+ (append
+ (cons cryptsetup (libcryptsetup-propagated-inputs))
+ (cons lvm2 (libdevmapper-propagated-inputs))
+ (list nss
+ (list util-linux "lib")
+ glib
+ gpgme)))
(arguments
`(#:tests? #f ; not sure how tests are supposed to pass, even when run manually
#:phases
--
2.41.0
J
J
Josselin Poiret wrote on 22 Jan 14:36 +0100
[PATCH core-updates 5/7] gnu: libblockdev: Add libcryptsetup propagated inputs.
(address . 68656@debbugs.gnu.org)(name . Josselin Poiret)(address . dev@jpoiret.xyz)
e900748bbe06a2f3f594986fdc73e5848935a9ac.1705762361.git.dev@jpoiret.xyz
From: Josselin Poiret <dev@jpoiret.xyz>

* gnu/packages/disk.scm (libblockdev): Add propagated inputs from libcryptsetup.

Change-Id: I4e1a6330f093d7829b1cd97921d078c524f5f9fc
---
gnu/packages/disk.scm | 33 +++++++++++++++++----------------
1 file changed, 17 insertions(+), 16 deletions(-)

Toggle diff (46 lines)
diff --git a/gnu/packages/disk.scm b/gnu/packages/disk.scm
index 6cc191ff25..20956c1bda 100644
--- a/gnu/packages/disk.scm
+++ b/gnu/packages/disk.scm
@@ -1198,22 +1198,23 @@ (define-public libblockdev
python-wrapper
util-linux))
(inputs
- (list btrfs-progs
- cryptsetup
- dosfstools
- dmraid
- eudev
- glib
- kmod
- libbytesize
- libyaml
- lvm2
- mdadm
- ndctl
- nss
- parted
- volume-key
- xfsprogs))
+ (append
+ (cons cryptsetup (libcryptsetup-propagated-inputs))
+ (list btrfs-progs
+ dosfstools
+ dmraid
+ eudev
+ glib
+ kmod
+ libbytesize
+ libyaml
+ lvm2
+ mdadm
+ ndctl
+ nss
+ parted
+ volume-key
+ xfsprogs)))
(home-page "https://github.com/storaged-project/libblockdev")
(synopsis "Library for manipulating block devices")
(description
--
2.41.0
J
J
Josselin Poiret wrote on 22 Jan 14:36 +0100
[PATCH core-updates 6/7] gnu: lvm2-static: Properly handle eudev dependency in pkg-config.
(address . 68656@debbugs.gnu.org)(name . Josselin Poiret)(address . dev@jpoiret.xyz)
d478510e9c40735ea53cebead0651e4a6baa4ed4.1705762361.git.dev@jpoiret.xyz
From: Josselin Poiret <dev@jpoiret.xyz>

* gnu/packages/linux.scm (lvm2-static): Add linking flags for the static eudev
output.

Change-Id: Ic43be600f0569a8ffa69544cbf661f05d82e2084
---
gnu/packages/linux.scm | 39 ++++++++++++++++++++++++---------------
1 file changed, 24 insertions(+), 15 deletions(-)

Toggle diff (59 lines)
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 2977b8f88e..38a7caf71b 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -4596,8 +4596,8 @@ (define-public lvm2-static
(inherit lvm2)
(name "lvm2-static")
- ;; Propagate udev because libdevmapper.a depends on libudev.
- (propagated-inputs `(("udev:static" ,eudev "static")))
+ (inputs `(,@(package-inputs lvm2)
+ ("udev:static" ,eudev "static")))
(arguments
(substitute-keyword-arguments (package-arguments lvm2)
@@ -4611,19 +4611,28 @@ (define-public lvm2-static
;; it until the situation improves.
(delete "--enable-dmeventd" ,flags)))
((#:phases phases)
- `(modify-phases ,phases
- (add-before 'configure 'adjust-Makefile
- (lambda _
- ;; These fixes are related to the upstream libdm->device_mapper
- ;; migration and will hopefully be fixed upstream in due time.
- (substitute* "tools/Makefile.in"
- ;; This variable is empty in a static configuration and causes
- ;; an erroneous GCC command line.
- (("-L\\$\\(interfacebuilddir\\)") "")
- ;; Remove obsolete reference to libdevmapper.a.
- (("-ldevmapper") ""))
- #t))))))
- (synopsis "Logical volume management for Linux (statically linked)")))
+ #~(modify-phases #$phases
+ (add-before 'configure 'adjust-Makefile
+ (lambda _
+ ;; These fixes are related to the upstream libdm->device_mapper
+ ;; migration and will hopefully be fixed upstream in due time.
+ (substitute* "tools/Makefile.in"
+ ;; This variable is empty in a static configuration and causes
+ ;; an erroneous GCC command line.
+ (("-L\\$\\(interfacebuilddir\\)") "")
+ ;; Remove obsolete reference to libdevmapper.a.
+ (("-ldevmapper") ""))
+ #t))
+ (add-after 'install 'adjust-pkgconfig
+ ;; The static eudev is missing its pkg config file, and I am not
+ ;; rebuilding it at this point.
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* (string-append #$output "/lib/pkgconfig/devmapper.pc")
+ (("Requires.private: .*") "")
+ (("Libs.private:")
+ (format #f "Libs.private: -L~a -ludev"
+ (dirname (search-input-file inputs "lib/libudev.a")))))))))))
+ (synopsis "Logical volume management for Linux (statically linked)")))
(define-public thin-provisioning-tools
(package
--
2.41.0
J
J
Josselin Poiret wrote on 22 Jan 14:36 +0100
[PATCH core-updates 7/7] gnu: cryptsetup-static: Fix static build.
(address . 68656@debbugs.gnu.org)(name . Josselin Poiret)(address . dev@jpoiret.xyz)
3b0266f455e3789bc3eb9eaa5f9e26551312852c.1705762361.git.dev@jpoiret.xyz
From: Josselin Poiret <dev@jpoiret.xyz>

* gnu/packages/cryptsetup.scm (cryptsetup-static): Pass static variants of
dependencies. Also work around wrong pkg-config paths of util-linux for the
static output.

Change-Id: I025f241b02ee0ea80227ef7d31789571e635ef2c
---
gnu/packages/cryptsetup.scm | 86 +++++++++++++++++++------------------
1 file changed, 45 insertions(+), 41 deletions(-)

Toggle diff (115 lines)
diff --git a/gnu/packages/cryptsetup.scm b/gnu/packages/cryptsetup.scm
index 8e2bdb6d9e..8ff649bccc 100644
--- a/gnu/packages/cryptsetup.scm
+++ b/gnu/packages/cryptsetup.scm
@@ -23,6 +23,7 @@ (define-module (gnu packages cryptsetup)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix build-system gnu)
+ #:use-module (guix gexp)
#:use-module (guix utils)
#:use-module (gnu packages)
#:use-module (gnu packages gnupg)
@@ -116,56 +117,59 @@ (define-public cryptsetup-static
(inherit cryptsetup)
(name "cryptsetup-static")
(arguments
- '(#:configure-flags '("--disable-shared"
- "--enable-static-cryptsetup"
-
- "--disable-veritysetup"
- "--disable-cryptsetup-reencrypt"
- "--disable-integritysetup"
-
- ;; The default is OpenSSL which provides better PBKDF performance.
- "--with-crypto_backend=gcrypt"
-
- "--disable-blkid"
- ;; 'libdevmapper.a' pulls in libpthread, libudev and libm.
- "LIBS=-ludev -pthread -lm")
-
- #:allowed-references () ;this should be self-contained
-
- #:modules ((ice-9 ftw)
- (ice-9 match)
- (guix build utils)
- (guix build gnu-build-system))
+ (substitute-keyword-arguments (package-arguments cryptsetup)
+ ((#:configure-flags flags ''())
+ `(cons* "--disable-shared"
+ "--enable-static-cryptsetup"
- #:phases (modify-phases %standard-phases
- (add-after 'install 'remove-cruft
- (lambda* (#:key outputs #:allow-other-keys)
- ;; Remove everything except the 'cryptsetup' command.
- (let ((out (assoc-ref outputs "out")))
- (with-directory-excursion out
- (let ((dirs (scandir "."
- (match-lambda
- ((or "." "..") #f)
- (_ #t)))))
- (for-each delete-file-recursively
- (delete "sbin" dirs))
- (for-each (lambda (file)
- (rename-file (string-append file
- ".static")
- file)
- (remove-store-references file))
- '("sbin/cryptsetup"))
- #t))))))))
+ "--disable-veritysetup"
+ "--disable-integritysetup"
+ ;; Bypass broken pkg-config paths for the static output of
+ ;; util-linux. Only blkid is located through pkg-config, not
+ ;; uuid.
+ (format #f "BLKID_CFLAGS=-I~a"
+ (search-input-directory %build-inputs "include/blkid"))
+ (format #f "BLKID_LIBS=-L~a -lblkid"
+ (dirname (search-input-file %build-inputs "lib/libblkid.a")))
+ ,flags))
+ ((#:allowed-references refs '())
+ '())
+ ((#:modules modules '())
+ '((ice-9 ftw)
+ (ice-9 match)
+ (guix build utils)
+ (guix build gnu-build-system)))
+ ((#:phases phases #~%standard-phases)
+ #~(modify-phases #$phases
+ (add-after 'install 'remove-cruft
+ (lambda* (#:key outputs #:allow-other-keys)
+ ;; Remove everything except the 'cryptsetup' command.
+ (let ((out (assoc-ref outputs "out")))
+ (with-directory-excursion out
+ (let ((dirs (scandir "."
+ (match-lambda
+ ((or "." "..") #f)
+ (_ #t)))))
+ (for-each delete-file-recursively
+ (delete "sbin" dirs))
+ (for-each (lambda (file)
+ (rename-file (string-append file
+ ".static")
+ file)
+ (remove-store-references file))
+ '("sbin/cryptsetup"))
+ #t)))))))))
(inputs
(let ((libgcrypt-static
(package
(inherit (static-library libgcrypt))
(propagated-inputs
`(("libgpg-error-host" ,(static-library libgpg-error)))))))
- `(("json-c" ,json-c-0.13)
+ `(("argon2" ,(static-library argon2))
+ ("json-c" ,(static-library json-c-0.13))
("libgcrypt" ,libgcrypt-static)
("lvm2" ,lvm2-static)
("util-linux" ,util-linux "static")
("util-linux" ,util-linux "lib")
- ("popt" ,popt))))
+ ("popt" ,(static-library popt)))))
(synopsis "Hard disk encryption tool (statically linked)")))
--
2.41.0
M
M
Maxim Cournoyer wrote on 24 Jan 17:42 +0100
Re: [bug#68656] [PATCH core-updates 0/7] Cryptsetup woes
(name . Josselin Poiret)(address . dev@jpoiret.xyz)(address . 68656@debbugs.gnu.org)
87wmrywun5.fsf@gmail.com
Hi Josselin,

Josselin Poiret <dev@jpoiret.xyz> writes:

Toggle quote (8 lines)
> Hi everyone,
>
> I'm working on core-updates, trying to build gnome and the desktop
> configuration example. I've already pushed some fixes, but cryptsetup and
> lvm2 are proving to be quite annoying: for the same reason as the recent mpv
> patches [1], the Require.private fields of pkg-config files are actually used
> even when dynamic linking [2].

Ooof. I've read this whole thread, and if I got something right, our
best options would be:

1. try using pkgconf instead of pkg-config, which supports
Requires.internal as a correct way to define Requires.private for truly
private libraries, and may have a different handling (more correct?) of
the Requires.private field.

2. Specify the -Ddefault_library=shared in the default configure-flags
of Meson; when done that way, Meson doesn't add the libs to
Requires.private in its generated .pc files. That obviously means
building static libraries is not supported, but that's not a concern too
great for Guix, I would think.

Thoughts?

--
Thanks,
Maxim
?
Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send an email to 68656@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 68656
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch