Date: Wed, 17 Jun 2015 11:38:39 +0200 From: Holger Levsen <holger@layer-acht.org> To: reproducible-builds@lists.alioth.debian.org, freebsd-hackers@freebsd.org Subject: Re: [Reproducible-builds] reproducible builds of FreeBSD in a chroot on Linux Message-ID: <201506171138.41932.holger@layer-acht.org> In-Reply-To: <387AA935-C074-4F95-A465-E525F7F0E188@cederstrand.dk> References: <201505071122.36037.holger@layer-acht.org> <201506162350.11646.holger@layer-acht.org> <387AA935-C074-4F95-A465-E525F7F0E188@cederstrand.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart4835019.hJprKGSLqn Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hi Erik, On Mittwoch, 17. Juni 2015, Erik Cederstrand wrote: > The build should be immune to the time of the build, of course. That's > fairly easy (e.g. use 'ar -D' consistently and leave DEBUG_FLAGS empty). yup, easy, but this can mean some work. (Which usually can be shared among = the=20 upstream software projects.) =20 > But what about the user who started the build? This leaks to at least > sendmail config files. yup, those are bugs which need to be fixed. (it's also a privacy issue.) > Being agnostic to the path to the src root (e.g. /usr/src or > /home/erik/freebsd/HEAD/src) requires rewriting the compiler __FILE__ > macro to insert a relative path, and make debuggers understand relative > paths. This is hard. while doing this for Debian we haven't found a way to prevent this (leaking= of=20 the build path into build products), so our "solution" now is to use a=20 definited path or record the path and build in the same path again. that is clearly not optimal but currently the only thing we require to be s= ome=20 specific way. > The FreeBSD subversion revision is also leaked several places. That should not matter, as it's part of the source, so it will be the same= =20 revision on rebuilds.=20 > I think reproduce builds are a noble goal and would enable all sorts of > smart analysis, e.g. which binaries are affected by a certain commit. Just > remember to define the requirements that need to be satisfied to get > reproduce builds. sure. *I* also don't plan to fix or even work on FreeBSD, I'm merely=20 investigating it and sharing the results. If the FreeBSD community wants=20 reproducible builds, you will need to work on them ;-) (I'll be happy to help but thats it.) cheers, Holger --nextPart4835019.hJprKGSLqn Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIVAwUAVYFAIQkauFYGmqocAQq1XA/8C3SGL2Ejdp7z3esY6KnAK/WVwN6kjHWI qkKQu+w+7ddJXCTIyEuFrZKJGR6QLefFv4Pu1HHKfMbmxDw67VTzv5S7psdxw1Lw erl4Ys3wuCY23uTTu0OKFi4Szu+s9lA+6YfwFFHIcIo+9mJBLzb4XAVhrBlOV6OS BsrnHAcF0pY1xkO4hg+1U076GMq9mvyLBIWNR4BfY+ymfcS17BPbwls+Lr6XejTm 2Sgz1rfQUlau53uu1gbT/283D4QUPNTKCKKxV3Hxil7WYGqK6nJWanFKD5H4q5b5 VjgYvtM9FlQQ/KnzR75JgnzgzzImKQtcSXWjveX2E1S8FyOuTekq8tWYofOrP5WJ 9dSDgKHCNZBRAJxU1DWQ6LAOx1B2mn8LI8Ln4U/oyW1SgMyjiDBkbg4rhlNT/GTu vMmH9bieqHQVXi2y6BZyADWCggM5n+RLrviBuG69ynjHlO+shQLwtmG8DrTN23Aw Gef+JrmX3DYpZWxAJypaHkEV0Ql9eCMRszdzIQAw+OsrGpOMc/Dc4jmrdUlSfDOP vpEbPsAglbmar0xUHMyrdZY6MS3xu7Uw3q2PM8FTr1Suwo0L+WkA0a5nNAtW4GIG V4T3vrQzkPIXzBgCvMrjvcG3/bwRTmbT/2FqyRkiavFWDmNyUU3AQUXbX18dPByw VC3tmcUMaQg= =lwdG -----END PGP SIGNATURE----- --nextPart4835019.hJprKGSLqn--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201506171138.41932.holger>