On 2020-12-31, Vagrant Cascadian wrote: > On 2020-12-31, Vagrant Cascadian wrote: >> Various cpio archives shipped in gfxboot contain the user id and group >> id of the build user: >> >> >> https://tests.reproducible-builds.org/debian/rb-pkg/bullseye/amd64/diffoscope-results/gfxboot.html >> >> etc/bootsplash/example_01/cdrom/bootlogo >> >> -rw-r--r--···1·····1111·····1111····42639·2020-12-24·13:17:48.000000·init >> vs. >> -rw-r--r--···1·····2222·····2222····42639·2022-01-26·19:45:05.000000·init >> >> >> The attached patch fixes this by passing the owner argument to the cpio >> calls when creating the archives. > > This is fixed upstream: > > https://github.com/openSUSE/gfxboot/pull/35 > >> Unfortunately, the cpio archives also embed the timestamps of the files >> included, which will likely vary between builds, so this does not >> resolve all reproducibility issues with these archives. > > Timestamp issues also fixed upstream in the same pull request.
The first two patches are the above mentioned patches from upstream, and fix the themes shipped in gfxboot-themes package. > I think applying similar patches to themes/examples* may still be > needed. The remaining patches apply similar fixes to the gfxboot script and to the themes/examples* which are included in the gfxboot-dev package. One of the patches removes directories from the cpio archive, as the example themes only included a "." directory with timestamps. This patch needs further testing to ensure it behaves properly. With these patches and the locale patch from #979125, gfxboot should be reproducible. live well, vagrant
From 2dfa8c4db749531e819fd5901593bec14546e388 Mon Sep 17 00:00:00 2001 From: Steffen Winterfeldt <wfe...@opensuse.org> Date: Tue, 5 Feb 2019 11:37:39 +0100 Subject: [PATCH 1/6] ensure theme builds are reproducible (bsc #1124165) Themes contains two cpio archives. Ensure they are identical in each build. --- themes/openSUSE/Makefile | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/themes/openSUSE/Makefile b/themes/openSUSE/Makefile index 3a71f9b..3f13519 100644 --- a/themes/openSUSE/Makefile +++ b/themes/openSUSE/Makefile @@ -55,8 +55,8 @@ bootlogo: src/main.bin src/gfxboot.cfg help-install/.ready po/.ready fonts/.read ifdef DEFAULT_LANG @echo $(DEFAULT_LANG) >bootlogo.dir/lang endif - @sh -c 'cd bootlogo.dir; chmod +t * ; chmod -t init languages' - @sh -c 'cd bootlogo.dir; echo * | sed -e "s/ /\n/g" | cpio --quiet -o >../bootlogo' + @sh -c 'cd bootlogo.dir; chmod +t * ; chmod -t init languages ; touch -r ../src/main.bc *' + @sh -c 'cd bootlogo.dir; echo * | sed -e "s/ /\n/g" | cpio --quiet --reproducible --owner=+0:+0 -o >../bootlogo' message: src/main.bin src/gfxboot.cfg help-boot/.ready po/.ready fonts/.ready @rm -rf message.dir @@ -71,7 +71,8 @@ ifdef DEFAULT_LANG @echo $(DEFAULT_LANG) >message.dir/lang @echo $(DEFAULT_LANG) >>message.dir/languages endif - @sh -c 'cd message.dir; echo * | sed -e "s/ /\n/g" | cpio --quiet -o >../message' + @sh -c 'cd message.dir; touch -r ../src/main.bc *' + @sh -c 'cd message.dir; echo * | sed -e "s/ /\n/g" | cpio --quiet --reproducible --owner=+0:+0 -o >../message' clean: @for i in $(SUBDIRS) ; do [ ! -f $$i/Makefile ] || make -C $$i clean || break ; done -- 2.30.0
From ed66277ddff593ec565a245c74944f1a2c7344bd Mon Sep 17 00:00:00 2001 From: Steffen Winterfeldt <wfe...@opensuse.org> Date: Tue, 5 Feb 2019 13:19:01 +0100 Subject: [PATCH 2/6] adjust unpack_bootlogo script --- bin/unpack_bootlogo | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/unpack_bootlogo b/bin/unpack_bootlogo index ec83d0b..851a601 100755 --- a/bin/unpack_bootlogo +++ b/bin/unpack_bootlogo @@ -21,7 +21,7 @@ sub unpack_bootlogo @files = `cpio --quiet -t <$dir/bootlogo`; - system "cd $tmp; cpio --quiet -i <../bootlogo"; + system "cd $tmp; cpio --quiet --preserve-modification-time -i <../bootlogo"; for (@files) { chomp; @@ -48,7 +48,7 @@ sub unpack_bootlogo } } - open P, "| cd $tmp; cpio --quiet -o >../bootlogo"; + open P, "| cd $tmp; cpio --quiet --reproducible --owner=+0:+0 -o >../bootlogo"; print P "$_\n" for grep $_, @files; if($xdir) { print P "$_\n" for @ext } close P; -- 2.30.0
From 82bbe3441842dea44396dc5905923d4145be3c72 Mon Sep 17 00:00:00 2001 From: Vagrant Cascadian <vagr...@reproducible-builds.org> Date: Fri, 1 Jan 2021 03:38:21 +0000 Subject: [PATCH 4/6] gfxboot: pass --reproducible and --owner to cpio. --- gfxboot | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gfxboot b/gfxboot index f7cda36..48e5707 100755 --- a/gfxboot +++ b/gfxboot @@ -2597,7 +2597,7 @@ sub pack_archive } if(@pack_list) { - open $f, "| ( cd $dir ; cpio --quiet -o ) >$file/$archive"; + open $f, "| ( cd $dir ; cpio --quiet --reproducible --owner=+0:+0 -o ) >$file/$archive"; print $f join("\n", @pack_list); close $f; } @@ -2606,7 +2606,7 @@ sub pack_archive else { $file = $gfxboot_tmp->file; - $i = system "cd $dir ; find . | cpio --quiet -o >$file 2>/dev/null"; + $i = system "cd $dir ; find . | cpio --quiet --reproducible --owner=+0:+0 -o >$file 2>/dev/null"; die "$file: failed to create archive\n" if $i; } -- 2.30.0
From a94c1e737b8575e44a04d6030801d28763bda983 Mon Sep 17 00:00:00 2001 From: Vagrant Cascadian <vagr...@reproducible-builds.org> Date: Sun, 3 Jan 2021 03:21:23 +0000 Subject: [PATCH 5/6] gfxboot: do not include directory in cpio archive. --- gfxboot | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gfxboot b/gfxboot index 48e5707..bb5767f 100755 --- a/gfxboot +++ b/gfxboot @@ -2606,7 +2606,7 @@ sub pack_archive else { $file = $gfxboot_tmp->file; - $i = system "cd $dir ; find . | cpio --quiet --reproducible --owner=+0:+0 -o >$file 2>/dev/null"; + $i = system "cd $dir ; find . -type f | cpio --quiet --reproducible --owner=+0:+0 -o >$file 2>/dev/null"; die "$file: failed to create archive\n" if $i; } -- 2.30.0
From 7c83e791ec4b2f3220516de1ce619123174832e2 Mon Sep 17 00:00:00 2001 From: Vagrant Cascadian <vagr...@reproducible-builds.org> Date: Fri, 1 Jan 2021 04:09:40 +0000 Subject: [PATCH 6/6] themes/example*/Makefile: Set time on files in example themes using Makefile as a reference time. --- themes/example_01/Makefile | 1 + themes/example_02/Makefile | 1 + themes/example_03/Makefile | 1 + themes/example_04/Makefile | 1 + themes/example_05/Makefile | 1 + themes/example_06/Makefile | 1 + themes/example_07/Makefile | 1 + 7 files changed, 7 insertions(+) diff --git a/themes/example_01/Makefile b/themes/example_01/Makefile index a3d1be4..c54659d 100644 --- a/themes/example_01/Makefile +++ b/themes/example_01/Makefile @@ -12,6 +12,7 @@ bootlogo: example_*.bc @rm -rf $@.dir @mkdir $@.dir $(GFXBOOT_COMPILE) $(BFLAGS) -l $@.log -c $< $@.dir/init + touch --reference Makefile $@.dir/* $(GFXBOOT) --archive $@.dir --pack-archive $@ clean: diff --git a/themes/example_02/Makefile b/themes/example_02/Makefile index c0d551d..5eb150c 100644 --- a/themes/example_02/Makefile +++ b/themes/example_02/Makefile @@ -13,6 +13,7 @@ bootlogo: example_*.bc font @mkdir $@.dir $(GFXBOOT_COMPILE) $(BFLAGS) -l $@.log -c $< $@.dir/init @cp font.fnt $@.dir + touch --reference Makefile $@.dir/* $(GFXBOOT) --archive $@.dir --pack-archive $@ font: diff --git a/themes/example_03/Makefile b/themes/example_03/Makefile index 4e18e35..2c7de7c 100644 --- a/themes/example_03/Makefile +++ b/themes/example_03/Makefile @@ -13,6 +13,7 @@ bootlogo: example_*.bc font @mkdir $@.dir $(GFXBOOT_COMPILE) $(BFLAGS) -l $@.log -c $< $@.dir/init @cp clouds.jpg font.fnt $@.dir + touch --reference Makefile $@.dir/* $(GFXBOOT) --archive $@.dir --pack-archive $@ font: diff --git a/themes/example_04/Makefile b/themes/example_04/Makefile index e54c817..b3bcd70 100644 --- a/themes/example_04/Makefile +++ b/themes/example_04/Makefile @@ -13,6 +13,7 @@ bootlogo: example_*.bc font @mkdir $@.dir $(GFXBOOT_COMPILE) $(BFLAGS) -l $@.log -c $< $@.dir/init @cp clouds.jpg font.fnt $@.dir + touch --reference Makefile $@.dir/* $(GFXBOOT) --archive $@.dir --pack-archive $@ font: diff --git a/themes/example_05/Makefile b/themes/example_05/Makefile index e54c817..b3bcd70 100644 --- a/themes/example_05/Makefile +++ b/themes/example_05/Makefile @@ -13,6 +13,7 @@ bootlogo: example_*.bc font @mkdir $@.dir $(GFXBOOT_COMPILE) $(BFLAGS) -l $@.log -c $< $@.dir/init @cp clouds.jpg font.fnt $@.dir + touch --reference Makefile $@.dir/* $(GFXBOOT) --archive $@.dir --pack-archive $@ font: diff --git a/themes/example_06/Makefile b/themes/example_06/Makefile index 0a3c7cd..88c0b08 100644 --- a/themes/example_06/Makefile +++ b/themes/example_06/Makefile @@ -16,6 +16,7 @@ bootlogo: example_*.bc font @mkdir $@.dir $(GFXBOOT_COMPILE) $(BFLAGS) -l $@.log -c $< $@.dir/init @cp $(FILES) $@.dir + touch --reference Makefile $@.dir/* $(GFXBOOT) --archive $@.dir --pack-archive $@ @ln -snf bootlogo message diff --git a/themes/example_07/Makefile b/themes/example_07/Makefile index 0a3c7cd..88c0b08 100644 --- a/themes/example_07/Makefile +++ b/themes/example_07/Makefile @@ -16,6 +16,7 @@ bootlogo: example_*.bc font @mkdir $@.dir $(GFXBOOT_COMPILE) $(BFLAGS) -l $@.log -c $< $@.dir/init @cp $(FILES) $@.dir + touch --reference Makefile $@.dir/* $(GFXBOOT) --archive $@.dir --pack-archive $@ @ln -snf bootlogo message -- 2.30.0
signature.asc
Description: PGP signature