Re: [DSE-Dev] reproducable builds

2017-01-03 Thread Laurent Bigonville 

Le 01/01/17 à 21:47, cgzones a écrit :

I rioted in the debian/rules file and got the build reproducible for me:
https://github.com/cgzones/debian-package-refpolicy/commit/8de642c8d1ddd10c09a1d1521eeb4e0a1da6bfff

I think the only reproducible error was the missing --sort=name option
to the tar command.
I used the approach over here:
https://wiki.debian.org/ReproducibleBuilds/ExperimentalToolchain#Usage_example


Thanks for the patch, I indeed think that calling tar with "--sort=name" 
is the solution. It requires tar >= 1.28 but fortunately that version is 
also in "jessie-backports".


https://wiki.debian.org/ReproducibleBuilds/FileOrderInTarballs

For the rest of the patch (the cleanup) I'll try to review that later 
(could you split the changes in multiple patches like one to cleanup the 
white space and other(s) for the rest of the change, that would made the 
things easier I guess).
___
SELinux-devel mailing list
SELinux-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/selinux-devel

Re: [DSE-Dev] reproducable builds

2017-01-01 Thread cgzones 
I rioted in the debian/rules file and got the build reproducible for me:
https://github.com/cgzones/debian-package-refpolicy/commit/8de642c8d1ddd10c09a1d1521eeb4e0a1da6bfff

I think the only reproducible error was the missing --sort=name option
to the tar command.
I used the approach over here:
https://wiki.debian.org/ReproducibleBuilds/ExperimentalToolchain#Usage_example

2017-01-01 15:57 GMT+01:00 Russell Coker :
> Apparently libsemanage, libselinux, and a few other SE Linux packages have
> reproducable builds.  I guess that didn't all happen by accident, so Laurent I
> presume you are an expert on this now.  ;)
>
> If you or anyone else has any suggestions for how to make refpolicy
> reproducable then that would be appreciated.  I'm preoccupied with the sddm/
> gdm3 issues.
>
> Also I'm planning to avoid uploading refpolicy for 10 days, I'd like to get -6
> in testing before I upload something new.  Once we get -6 in testing the
> changes should be small enough to not be a major problem if we need to apply
> for some sort of exemption to the freeze later on.
>
> --
> My Main Blog http://etbe.coker.com.au/
> My Documents Bloghttp://doc.coker.com.au/
>
>
> ___
> SELinux-devel mailing list
> SELinux-devel@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/selinux-devel

___
SELinux-devel mailing list
SELinux-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/selinux-devel

[DSE-Dev] reproducable builds

2017-01-01 Thread Russell Coker 
Apparently libsemanage, libselinux, and a few other SE Linux packages have 
reproducable builds.  I guess that didn't all happen by accident, so Laurent I 
presume you are an expert on this now.  ;)

If you or anyone else has any suggestions for how to make refpolicy 
reproducable then that would be appreciated.  I'm preoccupied with the sddm/
gdm3 issues.

Also I'm planning to avoid uploading refpolicy for 10 days, I'd like to get -6 
in testing before I upload something new.  Once we get -6 in testing the 
changes should be small enough to not be a major problem if we need to apply 
for some sort of exemption to the freeze later on.

-- 
My Main Blog http://etbe.coker.com.au/
My Documents Bloghttp://doc.coker.com.au/


___
SELinux-devel mailing list
SELinux-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/selinux-devel