Bug#969084: buildd.d.o: please don't use a tainted buildenv
Holger Levsen
holger at layer-acht.org
Mon Aug 31 15:44:12 BST 2020
On Thu, Aug 27, 2020 at 04:25:56PM +0200, Guillem Jover wrote:
> > thanks for that info! maybe dpkg could treat /usr/local not as tainted if the
> > only file in /usr/local is /usr/local/sbin/policy-rc.d ?
> While we could perhaps add an exception in the Debian vendor profile,
> it does look like this is working as intended? :)
yes, I believe the buildd admins think this works as intended.
> This is a local file
> that might affect the build, which is otherwise not trackable, say
> what "version" (with which changes) was being used, etc.
this kind of policy-rc.d file only contains one relevant line, "exit 0".
> I think ideally
> this would be using a system pathname and be part of a package that gets
> then listed in the .buildinfo files.
I cannot comment on this except to say that I'd wish for some more pragmatism :(
--
cheers,
Holger
-------------------------------------------------------------------------------
holger@(debian|reproducible-builds|layer-acht).org
PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C
"... the premise [is] that privacy is about hiding a wrong. It's not.
Privacy is an inherent human right, and a requirement for maintaining
the human condition with dignity and respect." (Bruce Schneier)