Steven Chamberlain: > On linux, a symlink can only have permissions 0777 (lrwxrwxrwx) > > But on at least kfreebsd (maybe hurd?) there is no such limitation, and > permissions are set like any regular file. That also means the umask is > applied... and tar and dpkg-deb preserve this. > > This proves to be an issue for: > * reproducible builds on kfreebsd, affected by user's umask > * reproducing arch:all packages between linux<->kfreebsd > * reproducing linux packages by cross-building from kfreebsd > > I think we should normalise symlinks' permissions to 0777, except GNU > chmod can't do that! (chmod follows the symlink, and has no -h flag). > > Adding a -h (no dereference) option to chmod would allow dh_fixperms to > use that. But (as pointed out in #759886) adding things there does not > help packages not using debhelper, or other uses of tar. > > Would this be best added as a feature to tar, that dpkg-deb can use? > Probably a new flag, that would apply --mode a=rwx only to symlinks. > > Or are there other ideas how to fix this?
One idea floating is to get dpkg-deb working with an explicit manifest to create the package content. I believe that would solve the issue. But that's at least mid-term because dpkg needs to get its own Tar implementation (or maybe depend on libarchive) and, likely harder, a format needs to be defined for the manifest. In the meantime, shouldn't GNU chmod get a `-h` option in any cases if it's going to be used on kFreeBSD? Then it's pretty easy to start with `dh_fixperms` and see how much it helps. Guillem said he was ok with dpkg depending on recent versions of Tar , but changes would need to be accepted by Tar upstream. What's the situation regarding symlinks on HURD? : https://bugs.debian.org/759886#73 -- Lunar .''`. lu...@debian.org : :Ⓐ : # apt-get install anarchism `. `'` `-
Description: Digital signature
_______________________________________________ Reproducible-builds mailing list Reproduciblefirstname.lastname@example.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds