[Reproducible-builds] package uploaded to our repo
strip-nondeterminism_0.015-1.0~reproducible1.dsc has just been uploaded to https://wiki.debian.org/ReproducibleBuilds/ExperimentalToolchain ___ Reproducible-builds mailing list Reproducible-builds@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds
Re: [Reproducible-builds] [Reproducible-commits] [misc] 01/01: Move timezone setting from rebuild.sh to pbuilderrc.build
On Sat, Feb 20, 2016 at 11:06 AM, Jérémy Bobbio wrote: > Hi! > >> commit 420424b096c254aa5610b479fb1746e1a7bd13cb >> Author: Esa Peuha >> Date: Sat Feb 20 09:50:46 2016 +0200 >> >> Move timezone setting from rebuild.sh to pbuilderrc.build >> --- >> prebuilder/pbuilderrc.build | 1 + >> prebuilder/rebuild.sh | 1 - >> 2 files changed, 1 insertion(+), 1 deletion(-) > > Why is this needed? Clarity and consistency. When I was trying to understand how rebuild.sh worked, I found it confusing that the timezone for the first build was specified directly on the command line, while the timezone for the second build was in pbuilderrc.rebuild with the locale settings. Since the first build is using pbuilderrc.build now because of CCACHEDIR, I think it is the right place to set TZ as well. ___ Reproducible-builds mailing list Reproducible-builds@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds
[Reproducible-builds] Bug#815251: jacal: FTBFS with bash as /bin/sh
Source: jacal Version: 1b9-6 Severity: important Tags: patch User: reproducible-builds@lists.alioth.debian.org Usertags: ftbfs X-Debbugs-Cc: reproducible-builds@lists.alioth.debian.org Hi! jacal fails to build when /bin/bash is used for /bin/sh: > # this deletes jacal.info, preserve original for later vapour-avoidance. > [ -e ORIG-jacal.info ] || mv jacal.info ORIG-jacal.info; fi > /bin/sh: -c: line 0: syntax error near unexpected token `fi' > /bin/sh: -c: line 0: `[ -e ORIG-jacal.info ] || mv jacal.info > ORIG-jacal.info; fi' > debian/rules:56: recipe for target 'clean' failed The attached patch fixes this. Regards, Reiner [1]: https://wiki.debian.org/ReproducibleBuilds diff --git a/debian/rules b/debian/rules index 0b9f386..b06c56e 100755 --- a/debian/rules +++ b/debian/rules @@ -45,7 +45,7 @@ build-stamp: configure-stamp # Add here commands to compile the package. # we rebuild jacal.info, but preserve original for later vapour-avoidance. - [ -e ORIG-jacal.info ] || mv jacal.info ORIG-jacal.info; fi + [ -e ORIG-jacal.info ] || mv jacal.info ORIG-jacal.info $(MAKE) jacal.info $(MAKEVARS) $(MAKE) jacal_toc.html $(MAKEVARS) #docbook-to-man debian/jacal.sgml > jacal.1 @@ -58,7 +58,7 @@ clean: rm -f build-stamp configure-stamp # this deletes jacal.info, preserve original for later vapour-avoidance. - [ -e ORIG-jacal.info ] || mv jacal.info ORIG-jacal.info; fi + [ -e ORIG-jacal.info ] || mv jacal.info ORIG-jacal.info # Add here commands to clean up after the build process. [ ! -f Makefile ] || $(MAKE) realclean signature.asc Description: PGP signature ___ Reproducible-builds mailing list Reproducible-builds@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds
[Reproducible-builds] Bug#815252: colord: please make the build reproducible (timestamps)
Source: colord Version: 1.2.12-1 Severity: wishlist Tags: patch User: reproducible-builds@lists.alioth.debian.org Usertags: timestamps Control: block -1 by 814883 Hi! While working on the “reproducible builds” effort [1], we have noticed that colord could not be built reproducibly. The attached patches remove extra timestamps when generating CMF and spectra and implement support for SOURCE_DATE_EPOCH. Together with a patched lcms2, they make colord reproducible in our current experimental framework. [1]: https://wiki.debian.org/ReproducibleBuilds -- Lunar.''`. lu...@debian.org: :Ⓐ : # apt-get install anarchism `. `'` `- From 97d54abbf3240a14b271ac7f8f79331adbf1a219 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Bobbio?= Date: Sat, 20 Feb 2016 12:48:47 +0100 Subject: [PATCH 1/2] Stop writing a CREATED header in CMF and spectra For the same input `cd-it8 create-cmf` and `cd-it8 create-sp` will create the exact same output except for the creation time. As the header is optional and prevents CMF and spectra to be built reproducibly, we use cd_it8_set_enable_created() to remove it from the output. --- client/cd-it8.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/client/cd-it8.c b/client/cd-it8.c index 987776a..26bc26d 100644 --- a/client/cd-it8.c +++ b/client/cd-it8.c @@ -303,6 +303,7 @@ cd_util_create_cmf (CdUtilPrivate *priv, if (dot != NULL) *dot = '\0'; cd_it8_set_title (cmf, title); + cd_it8_set_enable_created (cmf, FALSE); /* save */ file = g_file_new_for_path (values[0]); @@ -464,6 +465,7 @@ cd_util_create_sp (CdUtilPrivate *priv, if (dot != NULL) *dot = '\0'; cd_it8_set_title (cmf, title); + cd_it8_set_enable_created (cmf, FALSE); /* save */ file = g_file_new_for_path (values[0]); -- 2.7.0 From fc72fa8fe89e1eae4cbda2f4eed806756e1fb88a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Bobbio?= Date: Sat, 20 Feb 2016 12:55:57 +0100 Subject: [PATCH 2/2] cd-create-profile: Add support for SOURCE_DATE_EPOCH When creating profiles, the current time used to be written in the generated header as the creation date/time. This prevents cd-create-profile from generating the same bytes, despite getting the same input. Also, as cd-create-profile transforms an XML description into a binary ICC profile, the current time does not reflect will when the profile was actually created. So we now use the modification time of the source file as the creation date/time. However, if the SOURCE_DATE_EPOCH environment variable is specified, its value will be used instead to ease reproducible builds. For more details about SOURCE_DATE_EPOCH, see https://reproducible-builds.org/specs/source-date-epoch/ This uses cmsSetHeaderCreationDateTime() and thus requires a version of lcms2 with this feature. --- client/cd-create-profile.c | 57 ++ 1 file changed, 57 insertions(+) diff --git a/client/cd-create-profile.c b/client/cd-create-profile.c index d9159a3..f0edee9 100644 --- a/client/cd-create-profile.c +++ b/client/cd-create-profile.c @@ -22,10 +22,14 @@ #include "config.h" #include +#include #include #include #include #include +#include +#include +#include #include #include @@ -686,6 +690,55 @@ cd_util_icc_set_metadata_coverage (CdIcc *icc, GError **error) } /** + * cd_util_adjust_creation_time: + **/ +static gboolean +cd_util_adjust_creation_time (CdUtilPrivate *priv, const char *source_filename, GError **error) +{ + GStatBuf st; + struct tm *creation_time; + time_t build_date = 0; + char *source_date_epoch_string; + unsigned long long source_date_epoch; + char *endptr; + + /* adjust creation time to match the XML one or SOURCE_DATE_EPOCH if specified and older */ + source_date_epoch_string = getenv ("SOURCE_DATE_EPOCH"); + if (source_date_epoch_string) { + errno = 0; + source_date_epoch = strtoull (source_date_epoch_string, &endptr, 10); + if ((source_date_epoch == ERANGE && (source_date_epoch == ULLONG_MAX || source_date_epoch == 0)) + || (errno != 0 && source_date_epoch == 0)) { + g_set_error (error, 1, 0, "Environment variable $SOURCE_DATE_EPOCH: strtoull: %s\n", g_strerror (errno)); + return FALSE; + } + if (endptr == source_date_epoch_string) { + g_set_error (error, 1, 0, "Environment variable $SOURCE_DATE_EPOCH: No digits were found: %s\n", endptr); + return FALSE; + } + if (*endptr != '\0') { + g_set_error (error, 1, 0, "Environment variable $SOURCE_DATE_EPOCH: Trailing garbage: %s\n", endptr); + return FALSE; + } + if (source_date_epoch > ULONG_MAX) { + g_set_error (error, 1, 0, "Environment variable $SOURCE_DATE_EPOCH: value must be smaller than or equal to: %lu but was found to be: %llu \n", ULONG_MAX, source_date_epoch); + return FALSE; + } + build_date = source_date_epoch; + } + + if (g_stat (source_filename, &st) >= 0)
[Reproducible-builds] Bug#815250: jacal: please make the build reproducible
Source: jacal Version: 1b9-6 Severity: wishlist Tags: patch User: reproducible-builds@lists.alioth.debian.org Usertags: locale X-Debbugs-Cc: reproducible-builds@lists.alioth.debian.org Hi! While working on the "reproducible builds" effort [1], we have noticed that jacal could not be built reproducibly. The release date varies depending on the locale. The attached patch fixes this by using the C locale for getting the date. Regards, Reiner [1]: https://wiki.debian.org/ReproducibleBuilds diff --git a/debian/patches/0005-reproducible-build.patch b/debian/patches/0005-reproducible-build.patch index dc2893e..4fac466 100644 --- a/debian/patches/0005-reproducible-build.patch +++ b/debian/patches/0005-reproducible-build.patch @@ -22,7 +22,7 @@ index 0c2db13..e947491 100644 ver = $(VERSION) +fmt = '%B %Y' +ifdef SOURCE_DATE_EPOCH -+jacaldate = $(shell date -u -d "@$(SOURCE_DATE_EPOCH)" "+$(fmt)" 2>/dev/null || date -u -r "$(SOURCE_DATE_EPOCH)" "+$(fmt)" 2>/dev/null || date -u "+$(fmt)") ++jacaldate = $(shell LC_ALL=C date -u -d "@$(SOURCE_DATE_EPOCH)" "+$(fmt)" 2>/dev/null || LC_ALL=C date -u -r "$(SOURCE_DATE_EPOCH)" "+$(fmt)" 2>/dev/null || LC_ALL=C date -u "+$(fmt)") +else +jacaldate = $(shell date "+$(fmt)") +endif signature.asc Description: PGP signature ___ Reproducible-builds mailing list Reproducible-builds@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds
[Reproducible-builds] Bug#815248: liblcms2: Writes uninitialized strings when writing named colors
Package: liblcms2 Version: 2.6-3 Severity: normal Tags: patch User: reproducible-builds@lists.alioth.debian.org Usertags: toolchain randomness Hi! When writing named colors, liblcms2 currently writes uninitialized memory when the prefix, suffix, or root color name strings are not 32-characters long (including the NULL terminator). This prevents colord from building reproducibly. The attached patch will zero the memory before copying the profile strings to ensure a consistent output. -- Lunar.''`. lu...@debian.org: :Ⓐ : # apt-get install anarchism `. `'` `- diff -Nru lcms2-2.6/debian/patches/dont-write-uninitialized-memory-for-color-strings.patch lcms2-2.6/debian/patches/dont-write-uninitialized-memory-for-color-strings.patch --- lcms2-2.6/debian/patches/dont-write-uninitialized-memory-for-color-strings.patch 1970-01-01 01:00:00.0 +0100 +++ lcms2-2.6/debian/patches/dont-write-uninitialized-memory-for-color-strings.patch 2016-02-20 12:43:36.0 +0100 @@ -0,0 +1,59 @@ +Description: Zero named color strings before writing them + For each named colors (namedColor2Type) a prefix, a suffix and the + color root name get written. These three strings are 32-characters long. + In order to avoid capturing unitialized memory—which is not good for + privacy and prevent getting the same bytes for the same profile—the + placeholder allocated on the stack are zero'ed before a copy of the + actual string is made. + . + For consistency, we also remove unneeded extra allocated bytes in + Type_ColorantTable_Write() and Type_NamedColor_Write(). +Author: Jérémy Bobbio + +diff --git a/src/cmstypes.c b/src/cmstypes.c +index 60c09ef..0afec90 100644 +--- a/src/cmstypes.c b/src/cmstypes.c +@@ -3013,9 +3013,10 @@ cmsBool Type_ColorantTable_Write(struct _cms_typehandler_struct* self, cmsIOHAN + + for (i=0; i < nColors; i++) { + +-char root[33]; ++char root[32]; + cmsUInt16Number PCS[3]; + ++memset(root, 0, 32); /* Ensure we don't write uninitialized memory. */ + if (!cmsNamedColorInfo(NamedColorList, i, root, NULL, NULL, PCS, NULL)) return 0; + root[32] = 0; + +@@ -3138,11 +3139,13 @@ cmsBool Type_NamedColor_Write(struct _cms_typehandler_struct* self, cmsIOHANDLER + if (!_cmsWriteUInt32Number(io, 0)) return FALSE; + if (!_cmsWriteUInt32Number(io, nColors)) return FALSE; + if (!_cmsWriteUInt32Number(io, NamedColorList ->ColorantCount)) return FALSE; ++/* Ensure we don't write unitialized memory. */ ++memset(prefix, 0, 32); ++memset(suffix, 0, 32); + +-strncpy(prefix, (const char*) NamedColorList->Prefix, 32); +-strncpy(suffix, (const char*) NamedColorList->Suffix, 32); +- +-suffix[31] = prefix[31] = 0; ++/* Only copy 31 characters to ensure strings will be NULL-terminated */ ++strncpy(prefix, (const char*) NamedColorList->Prefix, 31); ++strncpy(suffix, (const char*) NamedColorList->Suffix, 31); + + if (!io ->Write(io, 32, prefix)) return FALSE; + if (!io ->Write(io, 32, suffix)) return FALSE; +@@ -3151,9 +3154,11 @@ cmsBool Type_NamedColor_Write(struct _cms_typehandler_struct* self, cmsIOHANDLER + +cmsUInt16Number PCS[3]; +cmsUInt16Number Colorant[cmsMAXCHANNELS]; +- char Root[33]; ++ char Root[32]; + ++ /* Ensure we don't write unitialized memory. */ ++ memset(Root, 0, 32); + if (!cmsNamedColorInfo(NamedColorList, i, Root, NULL, NULL, PCS, Colorant)) return 0; + if (!io ->Write(io, 32 , Root)) return FALSE; + if (!_cmsWriteUInt16Array(io, 3, PCS)) return FALSE; + if (!_cmsWriteUInt16Array(io, NamedColorList ->ColorantCount, Colorant)) return FALSE; diff -Nru lcms2-2.6/debian/patches/series lcms2-2.6/debian/patches/series --- lcms2-2.6/debian/patches/series 2014-06-16 17:15:31.0 +0200 +++ lcms2-2.6/debian/patches/series 2016-02-20 12:42:05.0 +0100 @@ -4,3 +4,4 @@ sanity-check-profiles-CVE-2014-0459.patch fix-unaligned-access.patch endianness-verification-fix-powerpc.patch +dont-write-uninitialized-memory-for-color-strings.patch signature.asc Description: Digital signature ___ Reproducible-builds mailing list Reproducible-builds@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds
Re: [Reproducible-builds] [Reproducible-commits] [misc] 01/01: Move timezone setting from rebuild.sh to pbuilderrc.build
Hi! > commit 420424b096c254aa5610b479fb1746e1a7bd13cb > Author: Esa Peuha > Date: Sat Feb 20 09:50:46 2016 +0200 > > Move timezone setting from rebuild.sh to pbuilderrc.build > --- > prebuilder/pbuilderrc.build | 1 + > prebuilder/rebuild.sh | 1 - > 2 files changed, 1 insertion(+), 1 deletion(-) Why is this needed? In the future please make sure that the commit message explains why a change is required. See “Documenting your changes” in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/Documentation/SubmittingPatches and “Answer the following questions” in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/Documentation/SubmittingPatches?id=HEAD#l521 -- Lunar.''`. lu...@debian.org: :Ⓐ : # apt-get install anarchism `. `'` `- signature.asc Description: Digital signature ___ Reproducible-builds mailing list Reproducible-builds@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds
[Reproducible-builds] Bug#815218: ros-image-common: FTBFS: dh_install: libcamera-calibration-parsers0d missing files: usr/lib/*/camera_calibration_parsers
Source: ros-image-common Version: 1.11.10-1 Severity: serious Justification: fails to build from source User: reproducible-builds@lists.alioth.debian.org Usertags: ftbfs X-Debbugs-Cc: reproducible-builds@lists.alioth.debian.org Dear Maintainer, ros-image-common fails to build from source in unstable/amd64: [..] -- Installing: /home/lamby/temp/cdt.20160220082234.5FYPMuebWg/ros-image-common-1.11.10/debian/tmp/usr/lib/x86_64-linux-gnu/libpolled_camera.so.0d -- Installing: /home/lamby/temp/cdt.20160220082234.5FYPMuebWg/ros-image-common-1.11.10/debian/tmp/usr/lib/x86_64-linux-gnu/libpolled_camera.so -- Removed runtime path from "/home/lamby/temp/cdt.20160220082234.5FYPMuebWg/ros-image-common-1.11.10/debian/tmp/usr/lib/x86_64-linux-gnu/libpolled_camera.so.1.11.10" -- Up-to-date: /home/lamby/temp/cdt.20160220082234.5FYPMuebWg/ros-image-common-1.11.10/debian/tmp/usr/include/polled_camera -- Installing: /home/lamby/temp/cdt.20160220082234.5FYPMuebWg/ros-image-common-1.11.10/debian/tmp/usr/include/polled_camera/publication_server.h -- Installing: /home/lamby/temp/cdt.20160220082234.5FYPMuebWg/ros-image-common-1.11.10/debian/tmp/usr/lib/polled_camera/poller -- Removed runtime path from "/home/lamby/temp/cdt.20160220082234.5FYPMuebWg/ros-image-common-1.11.10/debian/tmp/usr/lib/polled_camera/poller" make[1]: Leaving directory '/home/lamby/temp/cdt.20160220082234.5FYPMuebWg/ros-image-common-1.11.10/obj-x86_64-linux-gnu' dh_install -O--parallel -O--buildsystem=cmake dh_install: libcamera-calibration-parsers0d missing files: usr/lib/*/camera_calibration_parsers dh_install: image-transport-tools missing files: usr/lib/*/image_transport dh_install: libpolled-camera0d missing files: usr/lib/*/polled_camera dh_install: missing files, aborting debian/rules:6: recipe for target 'binary' failed make: *** [binary] Error 2 [..] The full build log is attached. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- ros-image-common.1.11.10-1.unstable.amd64.log.txt.gz Description: Binary data ___ Reproducible-builds mailing list Reproducible-builds@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds
[Reproducible-builds] Bug#815217: python-aioeventlet: FTBFS: RuntimeError: Event loop is closed
Source: python-aioeventlet Version: 0.4-1 Severity: serious Justification: fails to build from source User: reproducible-builds@lists.alioth.debian.org Usertags: ftbfs X-Debbugs-Cc: reproducible-builds@lists.alioth.debian.org Dear Maintainer, python-aioeventlet fails to build from source in unstable/amd64: [..] debian/rules override_dh_auto_test make[1]: Entering directory '/home/lamby/temp/cdt.20160220082201.aufZPd69zA/python-aioeventlet-0.4' pyversions: missing X(S)-Python-Version in control file, fall back to debian/pyversions pyversions: missing debian/pyversions file, fall back to supported versions py3versions: no X-Python3-Version in control file, using supported versions dh /usr/share/openstack-pkg-tools/pkgos.make --buildsystem=python_distutils --with python2,python3,sphinxdoc dh: Unknown sequence /usr/share/openstack-pkg-tools/pkgos.make (choose from: binary binary-arch binary-indep build build-arch build-indep clean install install-arch install-indep) set -e ; for pyvers in 2.7 ; do \ python$pyvers runtests.py -r ; \ done Run tests in release mode EE.. == ERROR: test_close_soon (tests.test_callback.CallbackTests) -- Traceback (most recent call last): File "tests/test_callback.py", line 43, in test_close_soon self.loop.call_soon(func) File "/home/lamby/temp/cdt.20160220082201.aufZPd69zA/python-aioeventlet-0.4/aioeventlet.py", line 204, in call_soon handle = super(EventLoop, self).call_soon(callback, *args) File "/usr/lib/python2.7/dist-packages/trollius/base_events.py", line 461, in call_soon handle = self._call_soon(callback, args) File "/usr/lib/python2.7/dist-packages/trollius/base_events.py", line 470, in _call_soon self._check_closed() File "/usr/lib/python2.7/dist-packages/trollius/base_events.py", line 297, in _check_closed raise RuntimeError('Event loop is closed') RuntimeError: Event loop is closed == ERROR: test_policy (tests.test_thread.ThreadTests) -- Traceback (most recent call last): File "tests/test_thread.py", line 55, in test_policy self.loop.run_until_complete(fut) File "/usr/lib/python2.7/dist-packages/trollius/base_events.py", line 350, in run_until_complete return future.result() File "/usr/lib/python2.7/dist-packages/trollius/futures.py", line 287, in result raise self._exception RuntimeError: There is no current event loop in thread 'Thread-3'. -- Ran 40 tests in 0.372s FAILED (errors=2) Using random seed 1588244 debian/rules:25: recipe for target 'override_dh_auto_test' failed make[1]: *** [override_dh_auto_test] Error 1 make[1]: Leaving directory '/home/lamby/temp/cdt.20160220082201.aufZPd69zA/python-aioeventlet-0.4' debian/rules:10: recipe for target 'build' failed make: *** [build] Error 2 [..] The full build log is attached. Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- python-aioeventlet.0.4-1.unstable.amd64.log.txt.gz Description: Binary data ___ Reproducible-builds mailing list Reproducible-builds@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds