[Reproducible-builds] reproducible builds of FreeBSD in a chroot on Linux
holger at layer-acht.org
Tue Jun 16 21:50:09 UTC 2015
sorry for replying so late... on the plus side, I've got a much clearer
picture now and I've implemented something similar, eg see
On the original subject of my mail: I have given up on this and will build
FreeBSD on a FreeBSD system, not in a chroot on Linux. I expected this would
work, learned that it doesn't and on the way also learned that one can build
NetBSD on Linux or probably anything ;-)
So in a while, I expect to have set up
https://reproducible.debian.net/freebsd/ as well as
https://reproducible.debian.net/netbsd/ - but no promises (yet), but these are
my plans ;-)
And to reply to some of you...
On Donnerstag, 7. Mai 2015, Michael Fuckner wrote:
> > I'm one of the people involved in
> > https://wiki.debian.org/ReproducibleBuilds and have set up
> > https://reproducible.debian.net which continously tests all packages in
> > the Debian archive for build reproducibility (so far on amd64 only).
> what is this good for? Testing the Compiler, track changes or check
> hardware (errors on memory or disk)
"Reproducible builds enable anyone to reproduce bit by bit identical binary
packages from a given source, so that anyone can verify that a given binary
derived from the source it was said to be derived. " - right now you have to
*believe* someone that the binary really comes from said source. And you need
to *believe* the system building it wasn't compromised...
This is explained in more detail in our wiki or in the talks given, which are
linked in the wiki as well.
On Freitag, 8. Mai 2015, Julian Elischer wrote:
> also: By "FreeBSD" do you mean the kernel? or the whole system?
> Unlike Linux, FreeBSD includes most of what the Linux world would
> consider to be the domain of the base distro.. e.g. cat, ls, cc, etc.
I mean the whole system (what you get when you run "make world") as well as
https://wiki.freebsd.org/ReproducibleBuilds claims there are 3 known issues
(for "make world" AIUI) for HEAD, I would like to build twice and verify
https://wiki.freebsd.org/PortsReproducibleBuilds says "Of the 23599 packages
which were built in both runs, 15164 have the same checksum when using the
previously mentioned patch, giving 64.25% reproducible packages." - I'm also
curious to re-confirm this - and set up a test bed, which can be triggered
regularily and easily. Our jenkins set up allows this and I'm interested to do
(And I wouldn't be surprised nor disappointed if it took me til August or
September until I actually get around to tests the ports. The base system I
definitly want to have results on in July.)
> There may also be a better mailing list for this...
On Montag, 11. Mai 2015, Ed Maste wrote:
> A lot of this depends on the motivation for pursuing reproducible
> FreeBSD builds. If it's to help FreeBSD overall with reproducible
> builds, then using the FreeBSD build infrastructure on a FreeBSD
> kernel (e.g., a FreeBSD jail on Debian kFreeBSD) is an important part
> of the story. If it's specifically for reproducible kernel builds for
> kFreeBSD then the FreeBSD build infrastructure isn't relevant.
My interest is to help FreeBSD with reproducible builds as I want to see
reproducible builds become the norm in the free software world and as I
believe FreeBSD is an important part of this world. And also because I'm
As such, I'll set up a FreeBSD host "on" jenkins.debian.net (in that virtual
datacenter providing that host), running FreeBSD kernel and userland - to test
FreeBSD on Debian ressources :-) Because we care and we can.
Debian's kfreebsd-amd64 to me here is "just" another Debian architecture
(sorry Steven!), which will (hopefully) benefit from the Debian reproducible
builds like all the other Debian architectures.
(And I wrote "hopefully" because kfreebsd-amd64 was a bit special for jessie
and hopefully will be a proper architecture for stretch, the release coming in
I'll come back once these FreeBSD tests are set up.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 828 bytes
Desc: This is a digitally signed message part.
More information about the Reproducible-builds