On 2 November 2015 at 14:47, William Harrington <[email protected]> wrote: > On Mon, November 2, 2015 13:17, Richard Melville wrote: >> Under "Command Explanations" it reads "--with-capabilities: This >> option enables libcap2 support". >> >> May we have a health warning here because if this option is enabled, >> and the user goes on to build and install cryptsetup, they will find >> that their cryptsetup build is completely broken. >> >> Result:- >> >> device-mapper: version ioctl on failed: Permission denied >> Incompatible libdevmapper (unknown version) and kernel driver (unknown >> version). >> >> I know that cryptsetup is not in the book, but I'm sure that I'm not >> the only one that sees it as an essential tool for encrypting block >> devices. Building libgcrypt with the "capabilities" option gave me >> two days of building, rebuilding and testing other packages until I >> discovered the cause of the problem. >> >> Richard > > Just to give a bit of history, this issue has been around since about > 2010. I'm also posting urls with some more info about the issue: > > https://bugs.gnupg.org/gnupg/issue1181 > http://code.google.com/p/cryptsetup/issues/detail?id=47 > > The project has moved to gitlab and am not able to view the issue linked > in the above bug or can determine if it would be valid:
The bug is easy enough to replicate: remove libgcrypt and re-build it with "capabilities"; test cryptsetup and you'll see it's broken. Remove libgcrypt and re-build *without* "capabilities"; test cryptsetup again and it works as expected. I suppose another answer is to use a different crypto library with crypsetup, but as cryptsetup is not in the BLFS book then it's irrelevant here. > > https://gitlab.com/cryptsetup/cryptsetup/issues/detail?id=47 > > I usually build cryptsetup with systemd for encrypted filesystem support > and I do remember long ago I had the same issue with Richard. I ended up > not using --with-capabilities after I encountered the same problem. Richard -- http://lists.linuxfromscratch.org/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
