Control: tags -1 + patch I've attached the full Debian patch to make bash 4.3-14 reproducible, that includes Reiner's from above.
It also includes *fixing a bug in upstream bash*, which currently does-not-appear-in-the-wild *only because* distros already happen to be working around it. But upstream really should fix it - i.e. to fix the PGRP_PIPE check in configure/configure.ac to account for Linux 4+. I decided to just set PGRP_PIPE unconditionally in configure.ac and configure, because I figure nobody will ever again use linux 0, 1 or 2 so it's not worth the extra complexity (which only gives a minor performance gain anyway, as opposed to having *incorrect behaviour*). Upstream is free to choose whichever behaviour he wants - either this simpler version, or the more complex version from my previous email quoted below. Both are correct, if I understand right, and when either is applied to upstream, all distros (including Debian) can drop our specific patches for PGRP_PIPE. To re-iterate again, this does not solve the longer-term issue of "installing config.h is bad". Ximin Ximin Luo: > (Chet, your specific attention is required for this email, please) > > Ximin Luo: >> On Sat, 28 May 2016 13:38:35 +0200 Reiner Herrmann <rei...@reiner-h.de> >> wrote: >>> After that, the only remaining issue is that the included header file >>> /usr/include/bash/config.h varies depending on the kernel version used >>> during build [1] (with kernel <4, PGRP_PIPE is defined). >> >> For this particular example, we can just patch this out, i.e. remove it from >> the installed config.h. Debian already forces PGRP_PIPE 1 in config-bot.h, >> which config.h includes at the end. >> > > I dug into this a bit more and it looks like the cause of the difference is > this snippet from configure.ac: > > linux*) LOCAL_LDFLAGS=-rdynamic # allow dynamic loading > case "`uname -r`" in > 2.[[456789]]*|3*) AC_DEFINE(PGRP_PIPE) ;; > esac ;; > > > This was added between bash-3.0.16 and bash-3.1, way before Linux 4 came out. > So I wonder if this snippet should instead be: > > linux*) LOCAL_LDFLAGS=-rdynamic # allow dynamic loading > case "`uname -r`" in > 1.*|2.[[0123]]*) true ;; > *) AC_DEFINE(PGRP_PIPE) ;; > esac ;; > > to set this for all future kernels? Then Debian (and probably other distros) > could get rid of our patch, too. > > However, the question still remains why config.h is installed into the > end-user system, and if bash-built-with-linux-5 required PGRP_PIPE to be > *undefined*, we would still have a reproducibility problem. > > Ximin > -- GPG: ed25519/56034877E1F87C35 GPG: rsa4096/1318EFAC5FBBDBCE git://github.com/infinity0/pubkeys.git
diff -Nru bash-4.3/debian/changelog bash-4.3/debian/changelog --- bash-4.3/debian/changelog 2015-09-01 01:04:48.000000000 +0200 +++ bash-4.3/debian/changelog 2016-06-07 11:56:09.000000000 +0200 @@ -1,3 +1,15 @@ +bash (4.3-14.0~reproducible1) UNRELEASED; urgency=medium + + [ Ximin Luo ] + * Non-maintainer upload. + * Set PGRP_PIPE unconditionally on Linux, reproducibly. + + [ Reiner Herrmann ] + * Use the system man2html instead of the embedded one, for better build + reproducibility. + + -- Ximin Luo <infini...@debian.org> Tue, 07 Jun 2016 11:56:07 +0200 + bash (4.3-14) unstable; urgency=medium * Apply upstream patches 040 - 042. diff -Nru bash-4.3/debian/control bash-4.3/debian/control --- bash-4.3/debian/control 2015-01-28 17:13:32.000000000 +0100 +++ bash-4.3/debian/control 2016-06-06 03:00:38.000000000 +0200 @@ -5,7 +5,7 @@ Standards-Version: 3.9.6 Build-Depends: autoconf, autotools-dev, bison, libncurses5-dev, texinfo, texi2html, debhelper (>= 5), locales, gettext, sharutils, time, - xz-utils, dpkg-dev (>= 1.16.1) + xz-utils, dpkg-dev (>= 1.16.1), man2html Build-Depends-Indep: texlive-latex-base, ghostscript, texlive-fonts-recommended Homepage: http://tiswww.case.edu/php/chet/bash/bashtop.html Vcs-Browser: https://code.launchpad.net/~doko/+junk/pkg-bash-debian diff -Nru bash-4.3/debian/patches/pgrp-pipe.diff bash-4.3/debian/patches/pgrp-pipe.diff --- bash-4.3/debian/patches/pgrp-pipe.diff 2013-10-23 14:41:22.000000000 +0200 +++ bash-4.3/debian/patches/pgrp-pipe.diff 2016-06-07 12:17:05.000000000 +0200 @@ -1,11 +1,43 @@ -# DP: Define PGRP_PIPE to avoid race condition. - ---- a/config-bot.h -+++ b/config-bot.h -@@ -197,3 +197,6 @@ - - /* If you don't want bash to provide a default mail file to check. */ - #undef DEFAULT_MAIL_DIRECTORY -+ -+/* Bug #224543 */ -+#define PGRP_PIPE 1 +Description: Set PGRP_PIPE unconditionally on Linux, reproducibly + The original fix to #224543 involved defining this unconditionally in + config-bot.h. Unfortunately, upstream has a check in configure.ac that defines + this conditionally in config.h, which makes the bash-builtins package + unreproducible between different kernels. Here, we adopt a different approach, + which is to turn upstream's define into an uncondtional define. Then we can + also avoid touching config-bot.h. + . + More generally, installing config.h is bad practise because it fixes + build-time variables into everyone's installations, but that is a problem for + another day. +Author: Ximin Luo <infini...@debian.org> +Bug: https://lists.gnu.org/archive/html/bug-bash/2016-06/msg00053.html +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806945 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +--- a/configure.ac ++++ b/configure.ac +@@ -1084,9 +1084,7 @@ + solaris2*) LOCAL_CFLAGS=-DSOLARIS ;; + lynxos*) LOCAL_CFLAGS=-DRECYCLES_PIDS ;; + linux*) LOCAL_LDFLAGS=-rdynamic # allow dynamic loading +- case "`uname -r`" in +- 2.[[456789]]*|3*) AC_DEFINE(PGRP_PIPE) ;; +- esac ;; ++ AC_DEFINE(PGRP_PIPE) ;; + *qnx6*) LOCAL_CFLAGS="-Dqnx -Dqnx6" LOCAL_LIBS="-lncurses" ;; + *qnx*) LOCAL_CFLAGS="-Dqnx -F -3s" LOCAL_LDFLAGS="-3s" LOCAL_LIBS="-lunix -lncurses" ;; + powerux*) LOCAL_LIBS="-lgen" ;; +--- a/configure ++++ b/configure +@@ -15922,10 +15922,8 @@ + solaris2*) LOCAL_CFLAGS=-DSOLARIS ;; + lynxos*) LOCAL_CFLAGS=-DRECYCLES_PIDS ;; + linux*) LOCAL_LDFLAGS=-rdynamic # allow dynamic loading +- case "`uname -r`" in +- 2.[456789]*|3*) $as_echo "#define PGRP_PIPE 1" >>confdefs.h ++ $as_echo "#define PGRP_PIPE 1" >>confdefs.h + ;; +- esac ;; + *qnx6*) LOCAL_CFLAGS="-Dqnx -Dqnx6" LOCAL_LIBS="-lncurses" ;; + *qnx*) LOCAL_CFLAGS="-Dqnx -F -3s" LOCAL_LDFLAGS="-3s" LOCAL_LIBS="-lunix -lncurses" ;; + powerux*) LOCAL_LIBS="-lgen" ;; diff -Nru bash-4.3/debian/rules bash-4.3/debian/rules --- bash-4.3/debian/rules 2015-01-28 17:55:12.000000000 +0100 +++ bash-4.3/debian/rules 2016-06-06 03:00:38.000000000 +0200 @@ -136,7 +136,7 @@ bash-doc-build: stamps/stamp-build-bash-doc stamps/stamp-build-bash-doc: rm -f bash/doc/bashref.info - $(MAKE) -C build-bash/doc info html + $(MAKE) -C build-bash/doc info html MAN2HTML=/usr/bin/man2html $(MAKE) -C build-bash/doc bash.pdf bashref.pdf touch stamps/stamp-build-bash-doc
