Hi Jose. Le 17/04/2016 18:45, Jose M Calhariz a écrit : > The patch is broken in file themes/Makefile.in, so I used a workaround > for making it work.
Sorry for this mess: I did not realize there is a problem when modifying an already existing patch and using debdiff on the source packages. Please find an updated diff file with an extra patch. > But I don't believe it makes a reproducible build. The arguments $$d/* are expanded in an unreproducible order before being passed to tar, that's why I used the ls command to sort them. However, the order has to be locale-independent (uppercase/lowercase letters, underscores, etc. are not sorted the same way depending on the locale), so I added LC_ALL=C to 'ls'. However, you're right: when themes have subdirectories, the -d switch must be used for ls, and tar also has to list them in a reproducible order, so that the --sort=name option has to be added. This is done in the updated patch. I used the experimental toolchain [1] to check for reproducibility. It is not the exact same process as the one used on jenkins to build the reports, but my patch seemed to solve the issues detected in [2]. Regards, Alexis Bienvenüe. [1] https://wiki.debian.org/ReproducibleBuilds/ExperimentalToolchain [2] https://reproducible.debian.net/rb-pkg/testing/amd64/sawfish.html
diff -Nru sawfish-1.11/debian/changelog sawfish-1.11/debian/changelog --- sawfish-1.11/debian/changelog 2016-03-19 18:05:17.000000000 +0100 +++ sawfish-1.11/debian/changelog 2016-04-25 09:56:33.000000000 +0200 @@ -1,3 +1,10 @@ +sawfish (1:1.11-2.0~reproducible1) unstable; urgency=medium + + * Removes timestamps, and fix files order, to make the build + reproducible. + + -- Alexis Bienvenüe <p...@passoire.fr> Mon, 25 Apr 2016 11:02:24 +0200 + sawfish (1:1.11-2) unstable; urgency=low * Upload to unstable. diff -Nru sawfish-1.11/debian/patches/honours_SOURCE_DATE_EPOCH_for_build_h sawfish-1.11/debian/patches/honours_SOURCE_DATE_EPOCH_for_build_h --- sawfish-1.11/debian/patches/honours_SOURCE_DATE_EPOCH_for_build_h 1970-01-01 01:00:00.000000000 +0100 +++ sawfish-1.11/debian/patches/honours_SOURCE_DATE_EPOCH_for_build_h 2016-04-25 10:30:46.000000000 +0200 @@ -0,0 +1,34 @@ +Description: Honours SOURCE_DATE_EPOCH for build.h + Honours SOURCE_DATE_EPOCH when building build.h, to get reproducible build. + See https://reproducible-builds.org/specs/source-date-epoch/ +Author: Alexis Bienvenüe <p...@passoire.fr> + +Index: sawfish-1.11/build-info +=================================================================== +--- sawfish-1.11.orig/build-info ++++ sawfish-1.11/build-info +@@ -20,8 +20,11 @@ localedir="$5" + sys_name="$HOSTNAME.$LOCALDOMAIN" + user_name="$LOGNAME" + +-build_date="`date +'%a %b %e %Y'`" +-build_time="`date +'%T %Z'`" ++SOURCE_DATE_EPOCH="${SOURCE_DATE_EPOCH:-$(date +%s)}" ++DATE_FMT="%Y-%m-%d" ++build_date=$(date -u -d "@$SOURCE_DATE_EPOCH" "+$DATE_FMT" 2>/dev/null || date -u -r "$SOURCE_DATE_EPOCH" "+$DATE_FMT" 2>/dev/null || date -u "+$DATE_FMT") ++DATE_FMT="%T %Z" ++build_time=$(date -u -d "@$SOURCE_DATE_EPOCH" "+$DATE_FMT" 2>/dev/null || date -u -r "$SOURCE_DATE_EPOCH" "+$DATE_FMT" 2>/dev/null || date -u "+$DATE_FMT") + + cat >src/build.h <<EOF + /* build.h -- Definitions relating to the current build +@@ -36,8 +39,8 @@ cat >src/build.h <<EOF + #define SAWFISH_EXECDIR "$sawfishexecdir" + #define SAWFISH_LOCALEDIR "$localedir" + +-#define BUILD_HOST "$sys_name" +-#define BUILD_USER "$user_name" ++#define BUILD_HOST "unknown" ++#define BUILD_USER "unknown" + + #define BUILD_DATE "$build_date" + #define BUILD_TIME "$build_time" diff -Nru sawfish-1.11/debian/patches/series sawfish-1.11/debian/patches/series --- sawfish-1.11/debian/patches/series 2016-03-05 01:46:54.000000000 +0100 +++ sawfish-1.11/debian/patches/series 2016-04-25 10:56:26.000000000 +0200 @@ -4,3 +4,5 @@ limit-max-dimensions.patch make-build-reproducible fix-desktop-entry-lacks-keywords-entry +honours_SOURCE_DATE_EPOCH_for_build_h +sort-files-in-themes-tarballs diff -Nru sawfish-1.11/debian/patches/sort-files-in-themes-tarballs sawfish-1.11/debian/patches/sort-files-in-themes-tarballs --- sawfish-1.11/debian/patches/sort-files-in-themes-tarballs 1970-01-01 01:00:00.000000000 +0100 +++ sawfish-1.11/debian/patches/sort-files-in-themes-tarballs 2016-04-25 10:57:27.000000000 +0200 @@ -0,0 +1,15 @@ +Description: Sort files in themes tarballs + Sort files included in the themes tarballs to get reproducible build. +Author: Alexis Bienvenüe <p...@passoire.fr> + +--- sawfish-1.11.orig/themes/Makefile.in ++++ sawfish-1.11/themes/Makefile.in +@@ -48,7 +48,7 @@ install : all installdirs + rm -rf $(DESTDIR)$(themedir)/$$d; \ + for f in $(srcdir)/$$d/*; do \ + if [ $$f != $(srcdir)/$$d/CVS ]; then \ +- ( cd $(srcdir) && GZIP=-9n tar czf $$d.tar.gz $$d/* ) ; \ ++ ( cd $(srcdir) && GZIP=-9n tar --sort=name -czf $$d.tar.gz `LC_ALL=C ls -d $$d/*` ) ; \ + $(INSTALL_DATA) $$d.tar.gz $(DESTDIR)$(themedir)/$$d.tar.gz; \ + fi \ + done \
