Bug#806331: xz-utils: make the selected POSIX shell stable accross build environments

Ximin Luo Tue, 07 Jun 2016 04:36:42 -0700

Control: tags -1 + patch upstream

I've attached a patch that makes m4/posix-shell.m4 try constant paths first. 
This should fix the issue.


Upstream should also apply it - see more-stable-shell.patch.

This *should* be enough to make xz-utils completely reproduce (#806328 is now 
fixed in another way), but I haven't yet tested this.

X

On Thu, 26 Nov 2015 17:35:26 +0100 =?iso-8859-1?B?Suly6W15?= Bobbio 
<lu...@debian.org> wrote:
> Source: xz-utils
> Version: 5.1.1alpha+20120614-2.1
> Severity: normal
> User: reproducible-bui...@lists.alioth.debian.org
> Usertags: environment
> X-Debbugs-Cc: reproducible-bui...@lists.alioth.debian.org, sanv...@debian.org
> 
> Hi!
> 
> While working on the âreproducible buildsâ effort [1], we have noticed
> that xz-utils could not be built reproducibly.
> 
> When dash is the default shell, the configure script
> m4/posix-shell.m4 will select /bin/bash as the âconforming POSIX
> shellâ. When bash is the default shell, /bin/sh will be selected.
> 
> The binary package currently in sid on amd64 uses /bin/bash. As bash
> is currently Essential:yes (#103284), this is probably not a problem.
> But I wonder if they would not be troubles if the package was built on
> an environment were bash is the default shell, but later installed on a
> system where /bin/dash is /bin/sh.
> 
> So for reproducibility and safety reason, it would be best if the
> selected path to the shell would not depend on the build environment.
> 
> Thanks!
> 
>  [1]: https://wiki.debian.org/ReproducibleBuilds
> 
> -- 
> Lunar                                .''`. 
> lu...@debian.org                    : :â¶  :  # apt-get install anarchism
>                                     `. `'` 
>                                       `-   

-- 
GPG: ed25519/56034877E1F87C35
GPG: rsa4096/1318EFAC5FBBDBCE
git://github.com/infinity0/pubkeys.git

Description: More stable shell in build output
 When detecting a POSIX shell, try constant systems paths first because that is
 more likely to give a reproducible build output.
Author: Ximin Luo <infini...@debian.org>
Bug: https://www.mail-archive.com/xz-devel@tukaani.org/
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806331
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/m4/posix-shell.m4
+++ b/m4/posix-shell.m4
@@ -43,7 +43,7 @@
        subshell_umask_sanity
      '
      for gl_cv_posix_shell in \
-        "$CONFIG_SHELL" "$SHELL" /bin/sh /bin/bash /bin/ksh /bin/sh5 no; do
+        /bin/sh /bin/bash /bin/ksh /bin/sh5 "$CONFIG_SHELL" "$SHELL" no; do
        case $gl_cv_posix_shell in
          /*)
           "$gl_cv_posix_shell" -c "$gl_test_posix_shell_script" 2>/dev/null \

diff -Nru xz-utils-5.1.1alpha+20120614/debian/changelog 
xz-utils-5.1.1alpha+20120614/debian/changelog
--- xz-utils-5.1.1alpha+20120614/debian/changelog       2015-06-18 
20:27:36.000000000 +0200
+++ xz-utils-5.1.1alpha+20120614/debian/changelog       2016-06-07 
13:23:15.000000000 +0200
@@ -1,3 +1,11 @@
+xz-utils (5.1.1alpha+20120614-2.2~reproducible1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * More stable shell in build output, for better build reproducibility.
+    (Closes: #806331)
+
+ -- Ximin Luo <infini...@debian.org>  Tue, 07 Jun 2016 12:59:36 +0200
+
 xz-utils (5.1.1alpha+20120614-2.1) unstable; urgency=medium
 
   [ Helmut Grohne ]
diff -Nru xz-utils-5.1.1alpha+20120614/debian/patches/more-stable-shell 
xz-utils-5.1.1alpha+20120614/debian/patches/more-stable-shell
--- xz-utils-5.1.1alpha+20120614/debian/patches/more-stable-shell       
1970-01-01 01:00:00.000000000 +0100
+++ xz-utils-5.1.1alpha+20120614/debian/patches/more-stable-shell       
2016-06-07 13:22:28.000000000 +0200
@@ -0,0 +1,19 @@
+Description: More stable shell in build output
+ When detecting a POSIX shell, try constant systems paths first because that is
+ more likely to give a reproducible build output.
+Author: Ximin Luo <infini...@debian.org>
+Bug: https://www.mail-archive.com/xz-devel@tukaani.org/
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806331
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/m4/posix-shell.m4
++++ b/m4/posix-shell.m4
+@@ -43,7 +43,7 @@
+        subshell_umask_sanity
+      '
+      for gl_cv_posix_shell in \
+-       "$CONFIG_SHELL" "$SHELL" /bin/sh /bin/bash /bin/ksh /bin/sh5 no; do
++       /bin/sh /bin/bash /bin/ksh /bin/sh5 "$CONFIG_SHELL" "$SHELL" no; do
+        case $gl_cv_posix_shell in
+          /*)
+          "$gl_cv_posix_shell" -c "$gl_test_posix_shell_script" 2>/dev/null \
diff -Nru xz-utils-5.1.1alpha+20120614/debian/patches/series 
xz-utils-5.1.1alpha+20120614/debian/patches/series
--- xz-utils-5.1.1alpha+20120614/debian/patches/series  2012-10-12 
00:38:38.000000000 +0200
+++ xz-utils-5.1.1alpha+20120614/debian/patches/series  2016-06-07 
13:10:15.000000000 +0200
@@ -6,3 +6,4 @@
 man-xz-lvv-minver
 xz-lvv-empty-block-minver
 decoder-check-first-0x00
+more-stable-shell

Bug#806331: xz-utils: make the selected POSIX shell stable accross build environments

Reply via email to