В письме от Вторник 25 июня 2013 10:57:06 пользователь Vladimír Čunát написал: > On 06/25/2013 10:45 AM, [email protected] wrote: > > This is what I have achieved so far: > Sounds nice. > > Wouldn't it be more certain/universal to LD_PRELOAD or something to > achieve that the system time always looks the same to any build-time > tool? (e.g. UNIX time =0)
This is a bit platform-specific and there may be other gotchas like getting the mtime using stat instead of querying system time. Other impurities in static libs are uid/gid of the file. But sanitizing build inputs in general is a very interesting topic which has practical applications and deserves a separate discussion. > > Unstripped binaries: may be contaminated by "build-id". Can be avoided > > either by passing ld --build-id=none param or careful stripping. Needs > > testing. Luckily this is a very small subset of packages. > > I looked at "man ld" and I think we rather want --build-id=sha1 as it's > explicitly stated that the ID is uniquely determined by the output. I haven't checked for sure but vandenoever's tests seem to indicate that the default build id is in fact sha1 and it depends on the build dir :( _______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
