|
| 1 | +--- |
| 2 | +title: glibc 2.38 Update Issues and Solutions |
| 3 | +layout: post |
| 4 | +--- |
| 5 | + |
| 6 | +With the update to glibc 2.38, `libcrypt.so.1` is [no longer provided by |
| 7 | +glibc](https://sourceware.org/glibc/wiki/Release/2.38#Building_libcrypt_is_disabled_by_default). |
| 8 | +Libcrypt is an important library for several core system packages that use |
| 9 | +cryptographic functions, including `pam`. The library has changed versions, and |
| 10 | +the legacy version is still available for precompiled or proprietary |
| 11 | +applications. The new version is available on Void as `libxcrypt` and the legacy |
| 12 | +version is `libxcrypt-compat`. |
| 13 | + |
| 14 | +With this change, some kinds of partial upgrades can leave PAM unable to |
| 15 | +function. This breaks tools like `sudo`, `doas`, and `su`, as well as breaking |
| 16 | +authentication to your system. Symptoms include messages like "PAM |
| 17 | +authentication error: Module is unknown". If this has happened to you, you can |
| 18 | +either: |
| 19 | + |
| 20 | +- add `init=/bin/sh` to your kernel command-line in the bootloader and |
| 21 | + [downgrade](https://docs.voidlinux.org/xbps/advanced-usage.html#downgrading) |
| 22 | + glibc, |
| 23 | +- or mount the system's root partition in a live environment, |
| 24 | + [chroot](https://docs.voidlinux.org/config/containers-and-vms/chroot.html#chroot-usage) |
| 25 | + into it, and install `libxcrypt-compat` |
| 26 | + |
| 27 | +Either of these steps should allow you to access your system as normal and run a |
| 28 | +full update. |
| 29 | + |
| 30 | +To ensure the disastrous partial upgrade (described above) cannot happen, |
| 31 | +`glibc-2.38_3` now depends on `libxcrypt-compat`. With this change, it is safe |
| 32 | +to perform partial upgrades that include glibc 2.38. |
0 commit comments