[Reproducible-builds] Bug#806331: [xz-devel] Re: xz-utils: make the selected POSIX shell stable accross build environments

Ximin Luo infinity0 at debian.org
Wed Jun 15 21:22:37 UTC 2016 

Paul Eggert:
> On 06/15/2016 01:44 PM, Ximin Luo wrote:
>> In such a case, it is a bug to be using $POSIX_SHELL - which only tests for conformance with POSIX and not these "other bugs that make it unusable".
> Gnulib can't test for all POSIX violations, only for the ones it knows about. CONFIG_SHELL lets the user override Gnulib's guess in environments where the guess is wrong. This sort of thing has been in Gnulib (and Autoconf) for ages, I expect many people have grown used to it, and I'm leery of changing this just for the purpose of reproducible builds. For reproducible builds, I suggest configuring with CONFIG_SHELL=/bin/sh as that should make the build reproducible without having to change Autoconf or Gnulib.
> 

OK, thanks for the explanation. I was under the impression that, since POSIX is a finite set of specified behaviours, posix-shell would be or could be a complete test. But I guess it's harder than I thought, to write that sort of test.

> More generally, 'configure' and reproducible builds are competing objectives. 'configure' aims to guess characteristics of the target environment by depending on details of the build environment; in contrast, reproducible builds want to suppress details of the build environment whenever possible. Probably the best way to marry these two is for the reproducible build to start with a reproducible environment, and setting CONFIG_SHELL to a known value is one step in that direction.

I wouldn't say they're necessarily competing, just that the build process (e.g. 'configure' in this case) needs to more clearly distinguish between the build and the host environment - like how compilers do. So for example, here the "most correct" solution would be to add a HOST_POSIX_SHELL and default this to POSIX_SHELL (or something). But this is also more complex, so I can understand if you don't want to do this.

Thanks for the tip, we'll try the other options.

X

-- 
GPG: ed25519/56034877E1F87C35
GPG: rsa4096/1318EFAC5FBBDBCE
git://github.com/infinity0/pubkeys.git

More information about the Reproducible-builds mailing list