Date: Wed, 27 Feb 2019 15:48:01 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 236081] [release][reproducibility] ISO images and memstick images are not build reproducible Message-ID: <bug-236081-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D236081 Bug ID: 236081 Summary: [release][reproducibility] ISO images and memstick images are not build reproducible Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: misc Assignee: bugs@FreeBSD.org Reporter: gjb@FreeBSD.org CC: re@FreeBSD.org Recently, it had been discovered that FreeBSD installation medium, ISOs and memory stick images, are not fully reproducible in head, stable/12, and stable/11, and presumably earlier releases. During investigation, one commit in particular had been identified as part = of the reproducibility issue, however it had been determined that the issue st= ems far beyond one change to ISO and memstick image creation tooling. At present, it had been observed that r342283, produces a non-reproducible "hybrid.img" file which contains the PMBR, GPT, and boot code, which is wri= tten to the System Area of an ISO. However, it also had been observed that this is one of many reproducibility issues. Steps to recreate a test case are: # make -C /usr/src buildworld buildkernel # make -C /usr/src/release bootonly.iso # mv /usr/obj/usr/src/amd64.amd64/release/bootonly.iso \ /usr/ojb/usr/src/amd64.amd64/release/bootonly.1.iso # make -C /usr/src/release bootonly.iso # mv /usr/obj/usr/src/amd64.amd64/release/bootonly.iso \ /usr/obj/usr/src/amd64.amd64/release/bootonly.2.iso Verifying the SHA512 checksums on bootonly.1.iso and bootonly.2.iso show: # sha512 /usr/ojb/usr/src/amd64.amd64/release/bootonly.?.iso SHA512 (bootonly.1.iso) =3D 6e585f46d36672a7d77d78b57cef8bb6f41d932a24b9d860274da228bdc55358be11f589664= 4eb9ca141cbb2192e25ffa10e0cb416c19ba06d94b8d16386c1e2 SHA512 (bootonly.2.iso) =3D 16bdafff5a6ec60448c77ba4ede5fae17e9288791a03fcc69acae4b572a88bab26c4f41b60a= 318cc71a09b1ab8b9b4ddee5cc09821e0475d0322bca861534899 Using the diffoscope utility provided by sysutils/py-diffoscope and isoinfo included by sysutils/cdrtools, differences in file/directory access (atime), modification (mtime), and creation (ctime) times are observed. Example ISOs are available at: https://people.freebsd.org/~gjb/repro/bootonly.1.iso https://people.freebsd.org/~gjb/repro/bootonly.2.iso An example report produced with the diffoscope utility can be found at: https://people.freebsd.org/~gjb/repro/diffoscope.html --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-236081-227>