Your message dated Sun, 25 Jan 2026 21:22:52 +0000
with message-id <[email protected]>
and subject line Bug#1123603: fixed in authselect 1.7.1-1
has caused the Debian Bug report #1123603,
regarding authselect: please make the build reproducible
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1123603: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123603
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: authselect
Version: 1.6.2-1
Severity: wishlist
Tags: patch
User: [email protected]
Usertags: filesystem
X-Debbugs-Cc: [email protected]
Hi,
Whilst working on the Reproducible Builds effort [0], we noticed that
authselect could not be built reproducibly.
This is because the build process generated a nondetermistic "checksum"
file that was then shipped with the binary package. This file varied
on the filesystem order, as well as the absolute build path.
Patch attached that fixes both of these problems, but it may be simpler
to simply not ship this file if it is not needed at runtime — in
Debian, there are other ways of reasoning about the integrity and
provenance of the source files.
[0] https://reproducible-builds.org/
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` [email protected] / chris-lamb.co.uk
`-
--- a/debian/patches/0001_reproducible-build.patch 1969-12-31
16:00:00.000000000 -0800
--- b/debian/patches/0001_reproducible-build.patch 2025-12-18
10:42:34.835490267 -0800
@@ -0,0 +1,15 @@
+Description: Make the build reproducible
+Author: Chris Lamb <[email protected]>
+Last-Update: 2025-12-18
+
+--- authselect-1.6.2.orig/profiles/Makefile.am
++++ authselect-1.6.2/profiles/Makefile.am
+@@ -66,6 +66,6 @@ dist_profile_DATA = $(top_srcdir)/profil
+ $(NULL)
+
+ install-data-hook:
+- $(FIND) "$(DESTDIR)$(authselect_profile_dir)" -mindepth 2 -type f \
+- -printf "%P\n" -exec $(SHA256SUM) {} + | $(SHA256SUM) \
++ cd "$(DESTDIR)$(authselect_profile_dir)"; $(FIND) -mindepth 2 -type f \
++ -exec $(SHA256SUM) {} + | LC_ALL=C sort | $(SHA256SUM) \
+ > "$(DESTDIR)$(authselect_profile_dir)/checksum"
--- a/debian/patches/series 1969-12-31 16:00:00.000000000 -0800
--- b/debian/patches/series 2025-12-18 10:33:38.175867795 -0800
@@ -0,0 +1 @@
+0001_reproducible-build.patch
--- End Message ---
--- Begin Message ---
Source: authselect
Source-Version: 1.7.1-1
Done: Sudip Mukherjee <[email protected]>
We believe that the bug you reported is fixed in the latest version of
authselect, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sudip Mukherjee <[email protected]> (supplier of updated authselect
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 25 Jan 2026 20:10:16 +0000
Source: authselect
Architecture: source
Version: 1.7.1-1
Distribution: unstable
Urgency: medium
Maintainer: Sudip Mukherjee <[email protected]>
Changed-By: Sudip Mukherjee <[email protected]>
Closes: 1123603
Changes:
authselect (1.7.1-1) unstable; urgency=medium
.
* New upstream version 1.7.1
- Update symbols.
* Make builds reproducible. (Closes: #1123603)
- Thanks Chris Lamb.
* Update Standards-Version to 4.7.3
* Remove Rules-Requires-Root: no
Checksums-Sha1:
9b687a4745200755d515fbbfd14db811f5109a3b 2040 authselect_1.7.1-1.dsc
86e9d654b9c97f578cab4e43c502fdfd91507d63 666579 authselect_1.7.1.orig.tar.gz
03ea88ed43cfe5a975fcfe27eb73b6d564c2bb9b 3416 authselect_1.7.1-1.debian.tar.xz
d768cc9c6a1a6e17e74f408bff23fb92ad2ee865 7269
authselect_1.7.1-1_amd64.buildinfo
Checksums-Sha256:
f0734ce9734220d2787df390ea5fa4c20aafd6358c9935cab8ac6c8973db3e7b 2040
authselect_1.7.1-1.dsc
3f49c53a8dfd231cd40232dae9518e1c74e60707c80d86f6feacd6123c758f76 666579
authselect_1.7.1.orig.tar.gz
77ef58c95967ea82d5f2a93c4887a87c24e135de39d00eb111ba284b8f38c45f 3416
authselect_1.7.1-1.debian.tar.xz
96dddd8898e98ffef8ba0b7e5f0856b488833b00b9519c8b3eb1f707afabd6bc 7269
authselect_1.7.1-1_amd64.buildinfo
Files:
a1a54dcd2b66c63b5f8797099a7c716f 2040 admin optional authselect_1.7.1-1.dsc
e35bf194bbab8508b873e05ad5cf8ccc 666579 admin optional
authselect_1.7.1.orig.tar.gz
f266f12d17273ec0760db08ce614f47e 3416 admin optional
authselect_1.7.1-1.debian.tar.xz
092527f0a2706f689f804fd3ce881569 7269 admin optional
authselect_1.7.1-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEuDQJkCg9jZvBlJrHR5mjUUbRKzUFAml2em4ACgkQR5mjUUbR
KzUqjw/9GsIgw195kLf/1kYiOO3MsOjxi/9zE0N2k/rpewylWe1jRdZ3DGe16guM
QVnknOHVWQvBKlpl/YRb470ScfTI59XNR1PEBKgP4s7RXwMuyZYZiTI89QEzosuD
mGW8pZC733xH9qBpO6OGWLezvjy/h78g7PcnFv3J/moANAjmJxhB/cg3Ncluy1U4
Humdt9M84PPvW+/hEQoi8dfKRd7Pm5DJl8YpQl21Ffe56P8S6gPDQuNX7qc7/18B
lW37ZSO0Pezxh3ZH/kXeC2bdp05mdNgfAjbAV6lp40vuJvLGeB4Pd92fOjka1Fur
RXQ+el7D6sMalU05opSLbxBRcodxtTeLzRkLN9HhtNmRzUHqYL3Lc7M+tNWqQCPe
pzMuBW9tMdWhfKMIar/GQ5dBbVL00fNaI7HFSyHkYGUhV5Np7UDcIV1/DMxrM8Ij
fzlHjwqEaIQQUG9WYJX27l+kKMqsVsOAHCVFqc/g2nmdfbpPF+O+h/QxE48dhq9h
86j6dlEmTlrqMbQfEqghHHTMEXk6YNFXaVMDlhRiauOZPQwPTdCU9zDQiHvth17i
j2uvi98s119aBXYmlNX1rqvm7z9tyjomMjatlaygQOUVo7TSsjfsEPrGj4wFGohX
3vZe/xWC+uVohKwyQVVZwBM4Z5iO1PbJtqDECTvv71euBtmxrIM=
=xeRg
-----END PGP SIGNATURE-----
pgpa0jxbePu3A.pgp
Description: PGP signature
--- End Message ---
