Source: dash
Version: 0.5.8-2
Severity: wishlist
Tags: patch
User: reproducible-builds@lists.alioth.debian.org
Usertags: timestamps fileordering

Hi!

While working on the “reproducible builds” effort [1], we have noticed
that dash could not be built reproducibly.

The attached patches fix this. I hope their descriptions are explanatory
enough.

 [1]: https://wiki.debian.org/ReproducibleBuilds

-- 
Lunar                                .''`. 
lu...@debian.org                    : :Ⓐ  :  # apt-get install anarchism
                                    `. `'` 
                                      `-   
From 386c9fffab10be7a38b491c77222191ed5005122 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Bobbio?= <lu...@debian.org>
Date: Fri, 2 Jan 2015 15:48:14 +0100
Subject: [PATCH 1/3] Fix mtimes before building binary packages

To enable dash to build reproducibly, mtimes of any files
created after the date of the latest debian/changelog entry
will be changed to that date.
---
 debian/rules | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/debian/rules b/debian/rules
index 814a766..563edd2 100755
--- a/debian/rules
+++ b/debian/rules
@@ -11,6 +11,8 @@ LDFLAGS =$(shell DEB_BUILD_MAINT_OPTIONS=$(DEB_BUILD_MAINT_OPTIONS) \
 CPPFLAGS =$(shell DEB_BUILD_MAINT_OPTIONS=$(DEB_BUILD_MAINT_OPTIONS) \
   dpkg-buildflags --get CPPFLAGS)
 
+BUILD_DATE := $(shell dpkg-parsechangelog | sed -n -e 's/^Date: //p')
+
 DEB_HOST_GNU_TYPE =$(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
 DEB_BUILD_GNU_TYPE =$(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
 ifneq ($(DEB_HOST_GNU_TYPE),$(DEB_BUILD_GNU_TYPE))
@@ -95,12 +97,16 @@ install-arch: deb-checkdir deb-checkuid build-stamp
 binary: binary-indep binary-arch
 binary-indep: install-indep ash.deb
 	dpkg-gencontrol -isp -pash -P'$(DIRA)'
+	find '$(DIRA)' -depth -newermt '$(BUILD_DATE)' -print0 | \
+		xargs -0r touch --no-dereference --date='$(BUILD_DATE)'
 	dpkg -b '$(DIRA)' ..
 binary-arch: install-arch po-templates dash.deb
 	# dash
 	rm -f debian/substvars
 	test '$(CC)' != 'gcc' || dpkg-shlibdeps '$(DIR)'/bin/dash
 	dpkg-gencontrol -isp -pdash -P'$(DIR)'
+	find '$(DIR)' -depth -newermt '$(BUILD_DATE)' -print0 | \
+		xargs -0r touch --no-dereference --date='$(BUILD_DATE)'
 	dpkg -b '$(DIR)' ..
 
 .PHONY: configure build po-templates clean patch install install-indep \
-- 
2.1.4

From 3430d7f9e1be16c37d2b42bbdf002dc1530bb2f9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Bobbio?= <lu...@debian.org>
Date: Fri, 2 Jan 2015 15:58:35 +0100
Subject: [PATCH 2/3] Stop recording timestamps when gzip'ing files

To enable dash to build reproducibly, we stop recording the current
time when creating gzip files.
---
 debian/implicit | 4 ++--
 debian/rules    | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/debian/implicit b/debian/implicit
index fbfce40..5eeef87 100644
--- a/debian/implicit
+++ b/debian/implicit
@@ -35,7 +35,7 @@ deb-checkuid:
 	    debian/$*/usr/share/doc/$*/changelog'
 	@test -s debian/$*/usr/share/doc/$*/changelog || \
 	  sh -cx 'rm -f debian/$*/usr/share/doc/$*/changelog'
-	@gzip -9 debian/$*/usr/share/doc/$*/changelog*
+	@gzip -9n debian/$*/usr/share/doc/$*/changelog*
 %.deb-docs-docs: %.deb-docs-base
 	@for i in `cat debian/$*.docs 2>/dev/null || :`; do \
 	  if test -d $$i; then \
@@ -57,7 +57,7 @@ deb-checkuid:
 	@if test -r debian/$*.NEWS.Debian; then \
 	  sh -cx 'install -m0644 debian/$*.NEWS.Debian \
 	    debian/$*/usr/share/doc/$*/NEWS.Debian && \
-	      gzip -9 debian/$*/usr/share/doc/$*/NEWS.Debian'; \
+	      gzip -9n debian/$*/usr/share/doc/$*/NEWS.Debian'; \
 	fi
 %.deb-docs-examples: %.deb-docs-docs
 	@rm -rf debian/$*/usr/share/doc/$*/examples
diff --git a/debian/rules b/debian/rules
index 563edd2..fad6656 100755
--- a/debian/rules
+++ b/debian/rules
@@ -87,7 +87,7 @@ install-arch: deb-checkdir deb-checkuid build-stamp
 	ln -s dash '$(DIR)'/bin/sh
 	install -d -m0755 '$(DIR)'/usr/share/man/man1/
 	install -m0644 src/dash.1 '$(DIR)'/usr/share/man/man1/dash.1
-	gzip -9 '$(DIR)'/usr/share/man/man1/dash.1
+	gzip -9n '$(DIR)'/usr/share/man/man1/dash.1
 	ln -s dash.1.gz '$(DIR)'/usr/share/man/man1/sh.1.gz
 	install -d -m0755 '$(DIR)'/usr/share/menu
 	install -m0644 debian/dash.menu '$(DIR)'/usr/share/menu/dash
-- 
2.1.4

From a406430b0e93fac889ae783a58276417d71050f0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Bobbio?= <lu...@debian.org>
Date: Fri, 2 Jan 2015 16:01:57 +0100
Subject: [PATCH 3/3] Write md5sums in a stable order

To allow dash to build reproducibly, we sort the list of files in md5sums.
This will get us a stable order at every build.
---
 debian/implicit | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/debian/implicit b/debian/implicit
index 5eeef87..abadd53 100644
--- a/debian/implicit
+++ b/debian/implicit
@@ -90,7 +90,8 @@ deb-checkuid:
 	: debian/$*/DEBIAN/md5sums
 	@rm -f debian/$*/DEBIAN/md5sums
 	@cd debian/$* && find * -path 'DEBIAN' -prune -o \
-	  -type f -exec md5sum {} >>DEBIAN/md5sums \;
+	  -type f -print0 | LC_ALL=C sort -z | \
+	    xargs -0r md5sum >>DEBIAN/md5sums
 %.deb-DEBIAN: %.deb-checkdir %.deb-DEBIAN-base %.deb-DEBIAN-scripts \
 	  %.deb-DEBIAN-md5sums
 	: debian/$*/DEBIAN/ ok
-- 
2.1.4

Attachment: signature.asc
Description: Digital signature

_______________________________________________
Reproducible-builds mailing list
Reproducible-builds@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds

Reply via email to