Bug#1138608: grub2: reproducible builds: non-deterministic ordering in lintian overrides

[Vagrant Cascadian]

On 2026-05-31, Vagrant Cascadian wrote:
> Both grub-xen-dbg and grub-xen-bin generate their lintian overrides from
> debian/rules using find, which may return results in a non-deterministic order:
>
>   https://reproduce.debian.net/amd64/api/v1/builds/153376/artifacts/383903/diffoscope
>   https://reproduce.debian.net/amd64/api/v1/builds/153376/artifacts/383902/diffoscope
>
> The attached patch sorts each of the find calls used to generate the
> lintian overrides, which should result in a deterministic ordering... at
> least if the locale is consistent 

Missed one that did not appear to be an issue, but that might just be
due to luck (or there are not multiple?):

--- a/debian/rules
+++ b/debian/rules
@@ -452,7 +452,7 @@ install/grub-pc install/grub-efi-ia32 install/grub-efi-amd64 install/grub-efi-ar
           [ "$@" = "install/grub-xen" ]; then \
                echo "$(package_bin): binary-from-other-architecture [*.mod]" \
                        >> debian/$(package_bin)/usr/share/lintian/overrides/$(package_bin) ; \
-               cd debian/tmp-$(package) && find usr/lib/grub -name kernel.img \
+               cd debian/tmp-$(package) && find usr/lib/grub -name kernel.img | sort \
                        | sed -e "s%.*%$(package_bin): binary-from-other-architecture [&]%g" \
                >> $(CURDIR)/debian/$(package_bin)/usr/share/lintian/overrides/$(package_bin) ; \
        fi

live well,
  vagrant
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-grub-devel/attachments/20260601/adef5170/attachment.sig>