Your message dated Fri, 31 Jul 2015 10:19:11 +0000
with message-id <[email protected]>
and subject line Bug#792945: fixed in authbind 2.1.1+nmu1
has caused the Debian Bug report #792945,
regarding authbind: please make the mtimes reproducible
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
792945: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792945
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: authbind
Version: 3.0.3.5
Severity: wishlist
Tags: patch
User: [email protected]
Usertags: timestamps
X-Debbugs-Cc: [email protected]
Hi!
While working on the “reproducible builds” effort [1], we have noticed
that authbind could not be built reproducibly.
The attached patch sets the mtimes of all files which are modified
during the built to the date of the last changelog entry in order to
produce files with reproducible metadata.
Cheers,
akira
[1]: https://wiki.debian.org/ReproducibleBuilds
diff -Nru authbind-2.1.1/debian/changelog authbind-2.1.1+nmu1/debian/changelog
--- authbind-2.1.1/debian/changelog 2012-06-11 00:17:19.000000000 +0200
+++ authbind-2.1.1+nmu1/debian/changelog 2015-07-15 23:42:10.000000000
+0200
@@ -1,3 +1,10 @@
+authbind (2.1.1+nmu1) UNRELEASED; urgency=medium
+
+ * Non-maintainer upload.
+ * Fix mtimes before building binary packages to produce reproducible output
+
+ -- akira <[email protected]> Wed, 15 Jul 2015 23:40:51 +0200
+
authbind (2.1.1) unstable; urgency=low
* Manpage has an example of which files will be checked and read
diff -Nru authbind-2.1.1/debian/rules authbind-2.1.1+nmu1/debian/rules
--- authbind-2.1.1/debian/rules 2012-06-03 02:45:04.000000000 +0200
+++ authbind-2.1.1+nmu1/debian/rules 2015-07-15 23:37:33.000000000 +0200
@@ -29,6 +29,8 @@
arch = $(shell dpkg --print-architecture)
+BUILD_DATE := $(shell dpkg-parsechangelog --show-field Date)
+
INSTALL = install
INSTALL_FILE = $(INSTALL) -p -o root -g root -m 644
INSTALL_PROGRAM = $(INSTALL) -p -o root -g root -m 755
@@ -90,6 +92,8 @@
dpkg-gencontrol -isp
chown -R root.root debian/tmp
chmod -R g-ws debian/tmp
+ find debian/tmp -newermt '$(BUILD_DATE)' -print0 | \
+ xargs -0r touch --no-dereference --date='$(BUILD_DATE)'
dpkg --build debian/tmp ..
binary: binary-indep binary-arch
--- End Message ---
--- Begin Message ---
Source: authbind
Source-Version: 2.1.1+nmu1
We believe that the bug you reported is fixed in the latest version of
authbind, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Johannes Schauer <[email protected]> (supplier of updated authbind package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 26 Jul 2015 11:23:35 +0200
Source: authbind
Binary: authbind
Architecture: source amd64
Version: 2.1.1+nmu1
Distribution: unstable
Urgency: medium
Maintainer: Ian Jackson <[email protected]>
Changed-By: Johannes Schauer <[email protected]>
Description:
authbind - Allows non-root programs to bind() to low ports
Closes: 792945
Changes:
authbind (2.1.1+nmu1) unstable; urgency=medium
.
* Non-maintainer upload.
* Fix mtimes before building binary packages to produce reproducible output
Based on patch by akira (Closes: #792945)
Checksums-Sha1:
fce3e635ad458e379da94e8fd92f4eda38156e10 1370 authbind_2.1.1+nmu1.dsc
bd57a446896b1cb32b32c8c295319734f7b644f8 14831 authbind_2.1.1+nmu1.tar.gz
5ff096953274a9fadb298baaff5b4d99e2519511 17658 authbind_2.1.1+nmu1_amd64.deb
Checksums-Sha256:
ffe3c06b1dd9fef46393ae0714335d364917999acd873eaeda4f14296f4b53f7 1370
authbind_2.1.1+nmu1.dsc
98118a7f28220b25fb43728a3a58ddc8fa58a1dd566095019bf22e213e5f4abe 14831
authbind_2.1.1+nmu1.tar.gz
7b0e8169617d6373c914b8aaa7557c444c8cd12a552bcd1c220610c51fba620d 17658
authbind_2.1.1+nmu1_amd64.deb
Files:
f4c8bd39c001e15a32893689922cc082 1370 utils optional authbind_2.1.1+nmu1.dsc
e7675795d891cbf2ddc97eca3f74bd43 14831 utils optional
authbind_2.1.1+nmu1.tar.gz
9c78a0b90634a056b306e552b6a2b9eb 17658 utils optional
authbind_2.1.1+nmu1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJVtKgfAAoJEPLLpcePvYPhvNkP/1RX9QGz6SG6YcPpwerYBAif
jw1LkHtU8vW/nAa2YEEMOHIlMgTfp6XK/4ZiZBadxDYt6afGdk63uu5Lw07GjiiQ
7EJDyUsP6Hm/VmEcHET7x4rXFuNAAPbI/bn+lGnC+Bh6kecshX+cvm+xbYh/GJng
r/tNd3WdoWGXpYSbjoO0Wz2mCTUZh9/oDVdtlaobWB3uhJeMOhFXH8i097oipRCL
u1eLWV7l38vVg0sJgF+/gUcRCqMVEiM2LG6pTAcstKjDq4WpGMlXcLVckO6r6kE9
ZE5jmqgUrLkKQCvd9Q/43v33cfxwjoFZIUx5cIXI/Wzo5DOFveDXKyAv1uHaQ/Ae
xzWcGSG8LfUZ0KjOroFkfWdplxXZhJlIXC4H1N8WKRlAJCURPSOS0hJHF0yDHn4J
IClk24uKYzejUIEgH93cXYa+3LPReUcN3gHYx43vztd0oP3qJXCzz2nsxlJCQ9iu
5b+PPGeVuShmgDwZWcGVXdXaOgmFIdiQHc+UUji1aBl/D7SBMtvZnn8GOUEeB7EZ
E/CL+PhTttfgeCLuKk3IyntLK2P1PjRa+7OrZqmUaS8/worqpR2LJgWQYRsXkTXN
8NZdif3zFbofGSuiKeCEm2SB2yPylElO8oS4Q12+BUsehqWHpbkH5/qAZtPxGupX
jtIFtXfpQaEvoQITfwzm
=qP7S
-----END PGP SIGNATURE-----
--- End Message ---
