Your message dated Mon, 25 Oct 2021 17:49:16 +0000
with message-id <[email protected]>
and subject line Bug#992722: fixed in nbdkit 1.26.6-1
has caused the Debian Bug report #992722,
regarding nbdkit: non-reproducible build: CFLAGS are recorded in built binary
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
992722: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992722
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: nbdkit
Version: 1.26.5-1
Severity: normal
Tags: patch
X-Debbugs-Cc: [email protected]
User: [email protected]
Usertags: buildpath
The C compiler plugin nbdkit-cc-plugin.so in the nbdkit package records
the CFLAGS that it was built with, presumably so that it can pass them on
to objects that it is used to compile.
Unfortunately, the default CFLAGS from dpkg-buildflags include the build
path, which means this prevents the build from being reproducible (a
Policy §4.15 "should"). From a diffoscope comparison between two
consecutive builds using sbuild, for example:
│ │ │ ├── ./usr/lib/x86_64-linux-gnu/nbdkit/plugins/nbdkit-cc-plugin.so
...
│ │ │ │ ├── strings --all --bytes=8 {}
...
│ │ │ │ │ --g -O2 -ffile-prefix-map=/build/nbdkit-arafYk/nbdkit-1.26.5=.
-fstack-protector-strong -Wformat -Werror=format-security -fPIC -shared
│ │ │ │ │ +-g -O2 -ffile-prefix-map=/build/nbdkit-icZkey/nbdkit-1.26.5=.
-fstack-protector-strong -Wformat -Werror=format-security -fPIC -shared
After fixing #992702, this seems like it might be the only source of
non-reproducibility in the package, so if you're willing to apply a
(probably Debian-specific) patch to avoid it, the package is likely to
become fully reproducible. Please see attached for a possible implementation.
Alternatively, if the CFLAGS from building nbdkit itself are not actually
needed when building third-party code using the cc plugin, then it might
be OK to just pass -DCFLAGS="\"-fPIC -shared\"" and omit $(CFLAGS) altogether?
But I don't know this package (I don't use it myself) so there might be
a reason I'm unaware of why that would be undesirable.
See also #985553, which would avoid the need to apply this patch if
implemented.
Thanks,
smcv
--- End Message ---
--- Begin Message ---
Source: nbdkit
Source-Version: 1.26.6-1
Done: Hilko Bengen <[email protected]>
We believe that the bug you reported is fixed in the latest version of
nbdkit, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Hilko Bengen <[email protected]> (supplier of updated nbdkit package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 27 Sep 2021 13:40:05 +0200
Source: nbdkit
Architecture: source
Version: 1.26.6-1
Distribution: unstable
Urgency: medium
Maintainer: Hilko Bengen <[email protected]>
Changed-By: Hilko Bengen <[email protected]>
Closes: 992702 992722
Changes:
nbdkit (1.26.6-1) unstable; urgency=medium
.
[ Simon McVittie ]
* d/rules: Specify canonical path to mke2fs (Closes: #992702)
.
[ Hilko Bengen ]
* Add patch to filter out build path from cc plugin (Closes: #992722)
* New upstream version 1.26.6
Checksums-Sha1:
8f258202207a3bcf628837f39ee8c7b1b514b6cf 3215 nbdkit_1.26.6-1.dsc
ac2b7773a21edf3a8f139f018be8c8f6c3fd2434 2172775 nbdkit_1.26.6.orig.tar.gz
2ba594153c0849515309b600d5716c85d5d633a5 11188 nbdkit_1.26.6-1.debian.tar.xz
93cf6457a2f63fedaa08537731e6063d914b47ee 15965 nbdkit_1.26.6-1_source.buildinfo
Checksums-Sha256:
e17b190b13631c2745e341f62e7367c6b0d1b8693e48cc96c6bce842490683ec 3215
nbdkit_1.26.6-1.dsc
1b2a9d30bbc2186a6a296cc91dea0d6d4c8fc30c498a2676a52213eb3fadb18f 2172775
nbdkit_1.26.6.orig.tar.gz
9980c35cae5f5f8574b6454e54ff1c8a2959ea2d7797fc69180de1f72598a978 11188
nbdkit_1.26.6-1.debian.tar.xz
be37380ad1a9af1f1b4c0c2268988b1b1812d85ce596bc16fe83ce36c21639f6 15965
nbdkit_1.26.6-1_source.buildinfo
Files:
18423e975e60e0b6b1575fb5fe4e7589 3215 admin optional nbdkit_1.26.6-1.dsc
c96d0231172564104fca565d93e742e8 2172775 admin optional
nbdkit_1.26.6.orig.tar.gz
7a3824fdaf1fc5df1b7d9e3c44237844 11188 admin optional
nbdkit_1.26.6-1.debian.tar.xz
8678f20ea17870e2a7504eaf1925adba 15965 admin optional
nbdkit_1.26.6-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEErnMQVUQqHZbPTUx4dbcQY1whOn4FAmFRrk4ACgkQdbcQY1wh
On5qkBAAja85HYbgriw3e5TEueN/ZRK1THkKAA3rPZAKycrTgPRMxxD78vGUFL8e
dyyw8ZhxggTxVAFmWLEc0EwqtnRsGms02IwQTc76Zhy6cc64zQH0NcoDMX8E9wB/
t+nR77yL5D+cU+P/rty7/iKhd5qd/CLgrOAuqBuX/FP6au2qtoE67ISV+fBhuwhY
Gcoz8KErgriL8Dx7N5iPy+moEecLROP8/UrFQnLP2FMTCOoGN+HovzEI3tugelpP
lYKDEJwAaehZ4h3+NIbBfklc8AIRs0thkqkg0u4lMTyMsb5kORwHJawabvKVLX46
USGANuFYbNQli+TfpYtkkZN72SkYDveh7LUhEoHmkqFdAsT48BXAsVgOJS983AGp
hsqMIlTtykq5sitSStlWhdHiHb/wIXGJOaVHedw8k9v5HU3uGPKhI9OiNrMJ8W8w
DgE65f79tUBGBy/sKiFH2Vqex+8CMb68x9lcNKhbS2mSBxxC3Jf+krlV27Vwadh9
whAsUaslZrh4IpaLbnbBTJAS7Bd9jebN36wm9mAgYNkAmnqscjWQuO8lUPzHSZGT
vQS3y/MGVX4/d+4Mdmm4eXoeaPpYkzK0KtUYworG54rdjmTiKfyKwm9AlxJ7vq1U
lpQh+a/tuwz9wKJlPWzD6Uoses8Wn5pFVGX18k3XAMfgHCsGG/0=
=dyyG
-----END PGP SIGNATURE-----
--- End Message ---
