[Reproducible-builds] faketime by default?

Jérémy Bobbio lunar at debian.org
Tue Sep 23 07:28:30 UTC 2014


Hans-Christoph Steiner:
> Thanks for the explanation, that's a bummer that it was so problematic, but I
> suppose not surprising.  Would it make sense to have something like a "dh
> --use-faketime" flag so that maintainers could opt-in to use it where it might
> be helpful like when upstream refuses to remove build stamps, etc?  The idea
> there would be that dh would handle setting up faketime before the upstream
> build system was called.  In that case, a flag to dh would be a lot less work
> to maintain then a set of patches.

I am not aware of anyone experimenting the introduction of libfaketime
as part of debian/rules. I would assume they would be tricky
repercussions (debian/rules targets can be called independently), but
that's just a hunch.

I don't believe we should forbid using libfaketime in debian/rules if
that works out for the maintainers of a given package. I don't think it
should be a general solution. It's really not that of a big deal to
carry small patches removing or nullifying a couple of timestamps: Git
does wonders.

I'm basing my thoughts on what I have experimented so far.  With the
current toolchain modifications [1], out of the 70 core packages that
are already using dh, 74% have reproducible builds. For the 18 remaining
packages, several could be fixed at once by fixing the documentation
generators. For one of the patch I've sent, the issue was pure
randomness (so no timestamps), and for the other the build system also
captured hostname, username, and uname.

This really makes me feel like timestamps are not the hardest issue
I'm totally fine to be proven wrong. Everybody, please make more
experiments.

 [1]: dh_strip_nondeterminism, dh_fixmtimes, patches against dpkg for
      stable file ordering and timestamp based on changelog

-- 
Lunar                                .''`. 
lunar at debian.org                    : :Ⓐ  :  # apt-get install anarchism
                                    `. `'` 
                                      `-   
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/reproducible-builds/attachments/20140923/8090d4c1/attachment.sig>


More information about the Reproducible-builds mailing list