/sbin/cryptsetup is a dynamic executable, and two of its libraries (libcryptsetup and libjson) reside in /usr/lib{,64}/.

Encrypted volumes are supposed to be opened before non-root volumes get mounted. If /usr is in a separate volume, /sbin/cryptsetup can't run from /etc/rc.d/rc.S during boot.

(Although I vaguely remember a thread where Pat stated, or at least suggested, that separate /usr partitions are deprecated in Slackware... but my memory might be failing me here.)

This separate /usr partitioning issue was discussed in this forum for multiple times.

Long story short, Mr. Volkerding does NOT support anymore a logical division between "root" and "usr", where all binaries from /bin and /sbin to be self-contained into / (root partition) and many of those binaries uses libraries from /usr, not only cryptsetup but even udevd and many others.

However, there's a well known way to use a physical division of /usr in a separate partition: to mount the "/usr" and whatever other partition - for example "/var", from the initrd.

The bad news is that by default the Slackware initrd design does not have support for those "/usr" or "/var" mounting, and it even does not have a modular design, where the user to "inject" particular script snippets, like other distributions do. So you have to modify this script itself yourself as you like.

The even more bad news is that that initrd design does not have a way to "clean rebuild" the initrd, preserving your script changes.

So, if you use a separate block device for your "/usr", in my own case I do not use a separate partition but a compressed file to reduce the system size, you can very easily override your changes using the "-c" switch and if you do not notice that before reboot, the end result is probably an unbootable system - unless you have another valid boot entry or a live system for recovery.

Myself, I tried to discuss in the near past about the limitations from the current initrd design, but looks like The Powers That Be are not interested about this subject.

1 members found this post helpful.

Well, you have to go in and patch mkinitrd as well. OTOH, I didn't find the effort to be worth it; I just encrypt my LVM PV(s) instead.