Re: [Reproducible-builds] Bug#774498: base-files: please make the build reproducible
On Fri, May 15, 2015 at 10:07:34PM +0200, Jérémy Bobbio wrote: Hi! Santiago Vila: I'm thinking about the minimal find command which does the trick. The proposed line says this: + find debian/tmp -depth -newermt '$(BUILD_DATE)' -print0 | \ + xargs -0r touch --no-dereference --date='$(BUILD_DATE)' Why -depth? If I were to remove files or directories, the timestamps of the parent directories would be affected. A simple touch, however, does only touch what I tell it to touch, so I don't see why the -depth switch is required here. Do other systems behave differently? kFreeBSD? Hurd? Indeed. I was convinced that touch would change the directory mtime, but that's actually not true. Thanks for noticing. We shall update doc and patches, now. :D Then we have the -print0 and xargs -0. This is of course needed in the general sense, but if this package had any files containing spaces in their filename I would consider it undesirable and would prefer to fix the package first (in this case I'm only talking about this package). Your call. debhelper uses \0 to stay compatible in most situation and I'm following the trend. Finally, what would happen if I remove -r from xargs? It would FTBFS if the list of files to be touched is empty, which means the package is being built in the past (before the date in the changelog). Would this be considered as a real FTBFS or as a false positive? I think this depend on your package. This also comes from debhelper as we don't want to introduce FTBFS because of changes to make builds reproducible. Hi. What I did at the end was just to remove -depth. I've also used -h instead of --no-dereference, but that's a matter of personal taste, as it's completely equivalent. Thanks. ___ Reproducible-builds mailing list Reproducible-builds@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds
Re: [Reproducible-builds] Bug#774498: base-files: please make the build reproducible
Tags: patch Here it is. -- Lunar.''`. lu...@debian.org: :Ⓐ : # apt-get install anarchism `. `'` `- diff -Nru base-files-8/debian/changelog base-files-8.0~reproducible1/debian/changelog --- base-files-8/debian/changelog 2014-11-30 13:36:23.0 +0100 +++ base-files-8.0~reproducible1/debian/changelog 2015-01-03 14:36:15.0 +0100 @@ -1,3 +1,11 @@ +base-files (8.0~reproducible1) UNRELEASED; urgency=low + + * Make package build reproducibly: + - Stop recording current time in gzip headers. + - Fix mtimes before building the binary package. + + -- Jérémy Bobbio lu...@debian.org Sat, 03 Jan 2015 13:35:32 + + base-files (8) unstable; urgency=low * Release for jessie as stable: diff -Nru base-files-8/debian/rules base-files-8.0~reproducible1/debian/rules --- base-files-8/debian/rules 2014-07-20 12:11:12.0 +0200 +++ base-files-8.0~reproducible1/debian/rules 2015-01-03 14:35:30.0 +0100 @@ -11,6 +11,8 @@ OSNAME=GNU/Hurd endif +BUILD_DATE := $(shell dpkg-parsechangelog | sed -n -e 's/^Date: //p') + VENDORFILE = debian VERSION = $(shell cat etc/debian_version) @@ -64,7 +66,7 @@ debian/tmp/etc/os-release mv debian/tmp/etc/os-release debian/tmp/usr/lib ln -s ../usr/lib/os-release debian/tmp/etc/os-release - gzip -9 $(docdir)/changelog + gzip -9n $(docdir)/changelog cd debian/tmp \ md5sum `find usr -type f` DEBIAN/md5sums chown -R root:root debian/tmp @@ -74,6 +76,8 @@ cd debian/tmp chmod 2775 `cat ../2775-dirs` cd debian/tmp chmod 700 root dpkg-gencontrol -pbase-files + find debian/tmp -depth -newermt '$(BUILD_DATE)' -print0 | \ + xargs -0r touch --no-dereference --date='$(BUILD_DATE)' dpkg-deb --build -Zgzip debian/tmp .. binary-indep: build signature.asc Description: Digital signature ___ Reproducible-builds mailing list Reproducible-builds@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds
[Reproducible-builds] Bug#774498: base-files: please make the build reproducible
Source: base-files Version: 8 Severity: wishlist Tags: patch User: reproducible-builds@lists.alioth.debian.org Usertags: timestamps Hi! While working on the “reproducible builds” effort [1], we have noticed that base-files could not be built reproducibly. The attached patch will stop recording the current time in gzip headers, and adjust the files mtimes before building the binary package. With these changes, base-files can be built reproducibly with our current experimental framework. [1]: https://wiki.debian.org/ReproducibleBuilds -- Lunar.''`. lu...@debian.org: :Ⓐ : # apt-get install anarchism `. `'` `- signature.asc Description: Digital signature ___ Reproducible-builds mailing list Reproducible-builds@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/reproducible-builds
