Package: varnish Version: 6.1.1-1 Tags: patch User: [email protected] Usertags: rebootstrap
varnish embeds the detected compiler and build flags into the varnishd binary for the variable cc_command. Given that the default build flags include -fdebug-prefix-map, this embeds the varnish's build path and makes varnish unreproducible. Also using "gcc" is not what varnish wants: When installed for a foreign architecture, the created objects will fail to load. varnish must use a triplet-prefixed compiler here. The latter happens to break cross compilation. Please consider applying the attached patch to get a correct and reproducible default for cc_command. Helmut
diff --minimal -Nru varnish-6.1.1/debian/changelog varnish-6.1.1/debian/changelog --- varnish-6.1.1/debian/changelog 2018-12-01 13:44:50.000000000 +0100 +++ varnish-6.1.1/debian/changelog 2018-12-09 21:02:45.000000000 +0100 @@ -1,3 +1,10 @@ +varnish (6.1.1-1.1) UNRELEASED; urgency=medium + + * Non-maintainer upload. + * Make cc_command reproducible. (Closes: #-1) + + -- Helmut Grohne <[email protected]> Sun, 09 Dec 2018 21:02:45 +0100 + varnish (6.1.1-1) unstable; urgency=medium * Imported new upstream version 6.1.1 diff --minimal -Nru varnish-6.1.1/debian/rules varnish-6.1.1/debian/rules --- varnish-6.1.1/debian/rules 2018-12-01 13:44:50.000000000 +0100 +++ varnish-6.1.1/debian/rules 2018-12-09 21:02:45.000000000 +0100 @@ -4,16 +4,12 @@ export DEB_BUILD_MAINT_OPTIONS = hardening=+all DPKG_EXPORT_BUILDFLAGS = 1 +include /usr/share/dpkg/architecture.mk include /usr/share/dpkg/buildflags.mk # List of architectures where jemalloc is not available DISABLE_JEMALLOC_ARCH_LIST := hppa m68k -# Explicitly initialize a variable to select architecture, unless it has been -# defined before. This is compared against the DISABLE_*_LIST variables later -# in this makefile -DEB_HOST_ARCH ?= $(shell dpkg-architecture -qDEB_HOST_ARCH) - # Set local state dir for FHS LOCAL_CONFIGURE_FLAGS = --localstatedir=/var/lib @@ -39,6 +35,13 @@ # https://github.com/varnishcache/varnish-cache/issues/1875 CFLAGS += -fexcess-precision=standard +# Disable reproducible cflags as embedding them in to the binary makes the +# build unreproducible. +export VCC_CC=exec \ + $(DEB_HOST_GNU_TYPE)-gcc \ + $(shell DEB_BUILD_MAINT_OPTIONS="$(DEB_BUILD_MAINT_OPTIONS) reproducible=-all" dpkg-buildflags --get CFLAGS) \ + -Werror -Wno-error=unused-result -pthread -fpic -shared -Wl,-x -o %o %s + # Main build rule, leave everything to debhelper %: dh $@
