Hi, (Moving discussion to <https://issues.guix.info/issue/35283>, which is specifically about ISO image reproducibility issues.)
"Thomas Schmitt" <scdbac...@gmx.net> skribis: > Florian Pelz wrote: >> The content is different at the beginning of the ISO image >> (maybe padding or timestamps in the file system) > > That's to expect if not environment SOURCE_DATE_EPOCH is set and exported. > > SOURCE_DATE_EPOCH belongs to the specs of reproducible-builds.org. It > is supposed to be either undefined or to contain a decimal number which > tells the seconds since january 1st 1970. If it contains a number, then > it is used for all timestamps and as seed of pseudo-random numbers like > MBR id or GPT UUIDs. > > If all files and directories have the same names and the same content, > then xorriso runs with the same arguments and the same SOURCE_DATE_EPOCH > value are supposed to create byte-identical result ISOs. By mounting the ISO image, I found that some files didn’t have their timestamp reset: some files in /var/guix (easily fixed), but more importantly those added by GRUB in /boot and /System. Files added by ‘grub-mkrescue’ are “out of our control” so we would need to patch ‘grub-mkrescue’ to honor SOURCE_DATE_EPOCH, for example. However, after rereading the Xorriso manual, it seemed to me that if we set SOURCE_DATE_EPOCH and pass: -volume_date all_file_dates set_to_mtime then all the files would have the mtime specified by SOURCE_DATE_EPOCH, which would solve the problem. I tried it, but that’s not what happened. What am I missing, Thomas? Thanks, Ludo’.
