[Reproducible-builds] Bug#769844: linux: please make linux build reproducibly
Bastian Blank
waldi at debian.org
Tue Jan 6 20:20:07 UTC 2015
On Mon, Jan 05, 2015 at 06:56:10PM +0100, Jérémy Bobbio wrote:
> We are currently experimenting with fixing mtimes in `dh_builddeb`
> instead of requiring a new helper. I have also done my latest
> experiments without `dh_strip_nondeterminism`. The attached patch adds
> the `-n` flag to gzip to compensate.
Okay.
> That's how the experimental toolchain now works: the .buildinfo is
> generated by dpkg-genbuildinfo, called by dpkg-buildpackage.
Thanks
> > > > * linux-source: mtimes of many files differ. Would it be ok to just
> > > > create the tarball with a single timestamp (`tar --mtime=`)?
> I've used find+touch instead. See attached patch.
Why?
> I also stumbled on a variation of the Installed-Size field in one of the
> .deb. But this is a different topic.
Is this value computed in a stable way?
> +@@ -301,7 +301,9 @@ if [ ! -z ${output_file} ]; then
> + if [ -z ${cpio_file} ]; then
> + timestamp=
> + if test -n "$KBUILD_BUILD_TIMESTAMP"; then
> +- timestamp="$(date -d"$KBUILD_BUILD_TIMESTAMP" +%s || :)"
> ++ source_date=$(echo "$KBUILD_BUILD_TIMESTAMP" |
> ++ sed -e 's/.*(\([0-9-]\+\)).*/\1/')
> ++ timestamp="$(date -d"$source_date" +%s || :)"
This solution may not work. The patched source can be built with a
normal timestamp override, via linux-source.
> @@ -87,6 +87,8 @@
> rm -rf '$@' '$(DIR)'
> $(call copy_source,$(DIR))
> chmod -R u+rw,go=rX '$(DIR)'
> + find '$(DIR)' -depth -newermt '$(SOURCE_DATE)' -print0 | \
> + xargs -0r touch --no-dereference --date='$(SOURCE_DATE)'
-newermt? This does not look really stable.
Bastian
--
Every living thing wants to survive.
-- Spock, "The Ultimate Computer", stardate 4731.3
More information about the Reproducible-builds
mailing list