[Reproducible-builds] reproducible builds of FreeBSD in a chroot on Linux
Ed Maste
emaste at freebsd.org
Wed Jun 17 20:48:30 UTC 2015
On 16 June 2015 at 17:50, Holger Levsen <holger at layer-acht.org> wrote:
>
> So in a while, I expect to have set up
> https://reproducible.debian.net/freebsd/ as well as
> https://reproducible.debian.net/netbsd/ - but no promises (yet), but these are
> my plans ;-)
Great, looking forward to it!
> https://wiki.freebsd.org/ReproducibleBuilds claims there are 3 known issues
> (for "make world" AIUI) for HEAD, I would like to build twice and verify
> myself.
I'm interested in fixing the remaining kernel / world issues, with the
kernel being my higher priority.
For the kernel we have the username, hostname, and build timestamp.
The path is included too, but I don't anticipate trying to address it
at first; release builds are done in a consistent location anyhow
(/usr/src).
These are used only as user-facing strings for the kern.version sysctl
and reported by uname. An example kern.version string:
FreeBSD 10.1-STABLE #28 r280427+86df2de(stable-10): Thu Mar 26 16:07:47 EDT 2015
emaste at feynman:/tank/emaste/obj/tank/emaste/src/git-stable-10/sys/GENERIC
>From a technical perspective they're trivially eliminated. There may
be some 3rd party ports expect the precise format, but probably not
very many (and they should be fixed, anyhow). There's a much larger
social issue in convincing the FreeBSD developer community to accept
their removal, though :-)
> https://wiki.freebsd.org/PortsReproducibleBuilds says "Of the 23599 packages
> which were built in both runs, 15164 have the same checksum when using the
> previously mentioned patch, giving 64.25% reproducible packages." - I'm also
> curious to re-confirm this - and set up a test bed, which can be triggered
> regularily and easily. Our jenkins set up allows this and I'm interested to do
> this.
I'm pleasantly surprised by the ports results -- 64.25% seems quite
good for such a straightforward change. The test there is on the same
host though, and so avoids any non-reproducibility from host/user/path
leaks.
> My interest is to help FreeBSD with reproducible builds as I want to see
> reproducible builds become the norm in the free software world and as I
> believe FreeBSD is an important part of this world. And also because I'm
> curious. :)
Great! Hopefully we can help lend some weight in convincing upstream
projects to accept reproducibility patches (once we get further along
in our ports effort).
-Ed
More information about the Reproducible-builds
mailing list