Source: trafficserver Version: 6.1.1-1 Severity: wishlist Tags: patch upstream User: reproducible-bui...@lists.alioth.debian.org Usertags: umask username hostname X-Debbugs-Cc: reproducible-bui...@lists.alioth.debian.org
Hi! While working on the "reproducible builds" effort [1], we have noticed that trafficserver could not be built reproducibly. It embeds the build username/groupname/hostname into the binary and has files in /etc varying with different umasks. The attached patch uses deterministic values for user/group/hostname and let's dh_fixperms normalize the permissions in /etc/trafficserver. I didn't find a reason why it was excluded from dh_fixperms, but please check if removing it from the exclude list is really okay. Regards, Reiner [1]: https://wiki.debian.org/ReproducibleBuilds
diff --git a/debian/patches/0002-reproducible-build.patch b/debian/patches/0002-reproducible-build.patch new file mode 100644 index 0000000..c297b16 --- /dev/null +++ b/debian/patches/0002-reproducible-build.patch @@ -0,0 +1,18 @@ +Author: Reiner Herrmann <rei...@reiner-h.de> +Description: Use deterministic values for user/group/host + +--- a/configure.ac ++++ b/configure.ac +@@ -139,9 +139,9 @@ + # + # Build environment + # +-build_person="`id -nu | sed -e 's/\\\\/\\\\\\\\/g'`" +-build_group="`id -ng | sed -e 's/\\\\/\\\\\\\\/g'`" +-build_machine="`uname -n | sed -e 's/\\\\/\\\\\\\\/g'`" ++build_person="root" ++build_group="root" ++build_machine="localhost" + AC_SUBST([build_machine]) + AC_SUBST([build_person]) + AC_SUBST([build_group]) diff --git a/debian/patches/series b/debian/patches/series index 1e778d9..80d4ebb 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1 +1,2 @@ 0001-Use-mcx16-on-x86-platforms-only.patch +0002-reproducible-build.patch diff --git a/debian/rules b/debian/rules index 3fbc0fb..3163a95 100755 --- a/debian/rules +++ b/debian/rules @@ -56,7 +56,7 @@ endif ./debian/change_config.pl debian/trafficserver/etc/trafficserver/records.config override_dh_fixperms: - dh_fixperms -X etc/trafficserver -X var/lib/trafficserver \ + dh_fixperms -X var/lib/trafficserver \ -X var/log/trafficserver -X /var/cache/trafficserver \ -X var/run/trafficserver
signature.asc
Description: PGP signature
