[Reproducible-builds] Create tar archive with deterministic file order
Steven Chamberlain
steven at pyro.eu.org
Sun Feb 15 00:02:58 UTC 2015
Jérémy Bobbio wrote:
> Suggested solution:
>
> find foo -print0 | LC_ALL=C sort -z |
> tar --null -T - --no-recursion -Jcvf foo.tar.xz
Seems ideal to me.
> > (I thought this problem would be quite common, so I could add it to the
> > Wiki FAQ).
>
> It's there already:
> https://wiki.debian.org/ReproducibleBuilds/FileOrderInTarballs
Oh, brilliant, thanks! It was a few days ago that I looked through the
Wiki pages for this but I see it there now.
This isn't really limited to data.tar but potentially any tarball.
Linux packaging ships an equivalent linux-source-3.16.tar.xz built
from debian/rules.real in a probably non-reproducible way:
cd '$(BUILD_DIR)'; tar -caf 'linux-source-$(UPSTREAMVERSION).tar.xz' 'linux-source-$(UPSTREAMVERSION)'
so I could file a bug requesting to patch that too.
Plenty more packages ship tarballs though:
https://packages.debian.org/search?searchon=contents&keywords=.tgz
https://packages.debian.org/search?searchon=contents&keywords=.tar.gz
https://packages.debian.org/search?searchon=contents&keywords=.tar.bz2
https://packages.debian.org/search?searchon=contents&keywords=.tar.xz
so I wonder if GNU tar itself could make this any easier.
Regards,
--
Steven Chamberlain
steven at pyro.eu.org
More information about the Reproducible-builds
mailing list