Source: debianutils Version: 4.4 Severity: wishlist Tags: patch User: reproducible-bui...@lists.alioth.debian.org Usertags: timestamps fileordering
Hi! While working on the “reproducible builds” effort [1], we have noticed that debianutils could not be built reproducibly. The attached patches make several small changes to debian/rules. Once applied, debianutils can be built reproducibly on our current experimental framework. [1]: https://wiki.debian.org/ReproducibleBuilds -- Lunar .''`. lu...@debian.org : :Ⓐ : # apt-get install anarchism `. `'` `-
From deb21fda25109c104b81cc0536061bb14f426395 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Bobbio?= <lu...@debian.org> Date: Sat, 3 Jan 2015 16:16:35 +0100 Subject: [PATCH 1/3] Stop recording current time when using gzip To enable debianutils to build reproducibly, we stop recording the current time when using gzip. --- debian/rules | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/rules b/debian/rules index 3f8c874..85b0a2a 100755 --- a/debian/rules +++ b/debian/rules @@ -93,7 +93,7 @@ endif debian/tmp/usr/share/man/ja/man[18] \ debian/tmp/usr/share/man/pl/man[18] \ debian/tmp/usr/share/man/sl/man[18] \ - debian/tmp/usr/share/doc/$(package) -type f | xargs gzip -9 + debian/tmp/usr/share/doc/$(package) -type f | xargs gzip -9n $(INSTALL_FILE) debian/copyright debian/tmp/usr/share/doc/$(package) $(INSTALL_SCRIPT) debian/postinst debian/tmp/DEBIAN/ $(INSTALL_SCRIPT) debian/postrm debian/tmp/DEBIAN/ -- 2.1.3
From 8a9a36d7b2a0c481a5b3c08305d192ac26933fc8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Bobbio?= <lu...@debian.org> Date: Sat, 3 Jan 2015 16:16:47 +0100 Subject: [PATCH 2/3] Sort file list when generating md5sums In order to make debianutils builds reproducible, the list in md5sums must be in a stable order. Sorting is the easiest way to achieve this. --- debian/rules | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/rules b/debian/rules index 85b0a2a..b09c52c 100755 --- a/debian/rules +++ b/debian/rules @@ -98,7 +98,7 @@ endif $(INSTALL_SCRIPT) debian/postinst debian/tmp/DEBIAN/ $(INSTALL_SCRIPT) debian/postrm debian/tmp/DEBIAN/ - cd debian/tmp && find * -type f ! -regex '^DEBIAN/.*' -print0 | xargs -r0 md5sum > DEBIAN/md5sums + cd debian/tmp && find * -type f ! -regex '^DEBIAN/.*' -print0 | LC_ALL=C sort -z | xargs -r0 md5sum > DEBIAN/md5sums dpkg-shlibdeps debian/tmp/bin/run-parts \ debian/tmp/bin/tempfile \ -- 2.1.3
From b0ece24738e8ffcbc5c18fecd680704d031695a3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=A9my=20Bobbio?= <lu...@debian.org> Date: Sat, 3 Jan 2015 16:18:11 +0100 Subject: [PATCH 3/3] Fix mtimes before building binary packages To enable debianutil to build reproducibly, mtimes of any files created after the date of the latest debian/changelog entry will be changed to that date. --- debian/rules | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/debian/rules b/debian/rules index b09c52c..45992d3 100755 --- a/debian/rules +++ b/debian/rules @@ -24,6 +24,8 @@ CFLAGS := $(shell dpkg-buildflags --get CFLAGS) CPPFLAGS := $(shell dpkg-buildflags --get CPPFLAGS) LDFLAGS := $(shell dpkg-buildflags --get LDFLAGS) +BUILD_DATE := $(shell dpkg-parsechangelog | sed -n -e 's/^Date: //p') + build: build-indep build-arch build-indep: @@ -104,6 +106,8 @@ endif debian/tmp/bin/tempfile \ debian/tmp/usr/bin/ischroot dpkg-gencontrol -isp + find debian/tmp -depth -newermt '$(BUILD_DATE)' -print0 | \ + xargs -0r touch --no-dereference --date='$(BUILD_DATE)' dpkg --build debian/tmp .. define checkdir -- 2.1.3
signature.asc
Description: Digital signature