bit by bit identical chroot creation (was Re: Debian and our frenemies of containers and userland repos)
Holger Levsen
holger at layer-acht.org
Tue Oct 8 14:22:06 BST 2019
Hi josch,
On Tue, Oct 08, 2019 at 11:34:23AM +0200, Johannes Schauer wrote:
> the sha256sums are the sums computed from the output of mmdebstrap on stdout
> (notice the pipe character in front of the sha256sum command).
ah, thanks. Seems i got tricked into the thinking mmdebstrap would
output it results on stdout...
> Debootstrap is
> unable to produce a tarball by itself (which is sad because its easier to check
> whether two tarballs are the same than checking whether two directories are the
> same) so instead I put the debootstrap results into two directories and then
> diff them recursively.
right.
> > b.) you boostrapped --variant=minbase here, while your original mail was
> > about --variant=essential. I take it that --variant=essential is
> > also unreproducible for buster?
>
> No, --variant=essential is also *reproducible* on buster.
oh, very nice!
> But I didn't use it
> this time because we are comparing with debootstrap and debootstrap doesn't
> know how to create a chroot with only Essential:yes packages in it, so the
> comparison would be unfair. With --variant=minbase give to both commands, we
> install the same package set and thus make the results a more fair comparison.
ah, thanks.
> > c.) now I wonder if mmdebstrap from *stable* can also bootstrap a
> > reproducible unstable ?
> Yes it can. You already wondered that in your earlier email so I included the
> test in my commands above.
ah, thanks. & very cool!
> > & sorry for asking these questions instead of trying it myself...
> No problem. :)
:)
I've now updated the draft for the 201910 report to read:
Johannes 'josch' Schauer explained that
[mmdebstrap](https://tracker.debian.org/mmdebstrap) can [create bit by
bid identical Debian chroots of unstable and
buster](https://lists.debian.org/debian-devel/2019/10/msg00101.html),
for both the --variant=essential and --variant=min
base variants.
--
cheers,
Holger
-------------------------------------------------------------------------------
holger@(debian|reproducible-builds|layer-acht).org
PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/reproducible-builds/attachments/20191008/10e985f5/attachment.sig>
More information about the Reproducible-builds
mailing list