[Reproducible-builds] Fwd: reproducible builds

Holger Levsen holger at layer-acht.org
Thu Feb 5 13:38:04 UTC 2015 

Hi Andreas,

I'm glad you like our efforts and looked at your packages!

Testing more repos is on our agenda, but... so are many things :)

I'm forwarding this mail as you suggested and hope someone else from the team 
will reply sooner than I'll be able to.


cheers,
	Holger


----------  Forwarded Message  ----------

Betreff: reproducible builds
Datum: Donnerstag, 5. Februar 2015
Von: Andreas Beckmann <anbe at debian.org>
An: Holger Levsen <holger at layer-acht.org>

Hi Holger,

nice to see reproducible builds moving forward :-)

Are there plans to check experimental, too?

Anyway, I had to try your toolchain on some of my packages (e.g.
non-free stuff not that easily coverable) - I don't like these red
things in my ddpo page

* after fixing the timestamps in a kernel module source tarball, the
file order has changed ... I didn't see a corresponding issue in the
Wiki to make that deterministic (underlying filesystem is a tmpfs)

Curious as I was, I wanted to do a bit more extreme testing, running the
first pbuilder build with --twice, but that resulted in differing
timestamps for the debian/ directory in the .debian.tar.xz tarball
(possible explanation: the initial timestamp of the directory was before
the changelog timestamp, so it didn't get updated during the first
dpkg-source -b, but after the first build the directory timestamp was
updated (since stuff has been created and deleted), so it got reset to
the changelog stamp in the second dpkg-source -b)
maybe setting the debian/ dir mtime to the changelog stamp always?
(should capture most of the reproducible --twice issues)

* in beignet I have an unreproducible .pch (precompiler header) file -
any hints on what could be going on here? (although I'm more interested
in testing the experimental respectively pending-in-git version)



some remarks regarding rebuild.sh (I don't use it since it does not fit
my pbuilder setup, just took some ideas from it)

* you could use --buildresult b1/b2 and avoid copying the buildresult
around manually

* is it intentional to have --debbuildoptions -b enabled?
the first "bug" I fixed was the doxygen timestamps in libvdpau-doc, i.e.
an arch:all package ...

* I had to add a --configfile $HOME/.pbuilderrc argument ... but I also
never used unshare before ...

* we should really patch pbuilder to add a --nocheck option :-)


Andreas

PS: feel free to forward to appropriate mailing lists


-------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 828 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/reproducible-builds/attachments/20150205/1c64d0d1/attachment.sig>

More information about the Reproducible-builds mailing list