Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
Oh wait, I can do this myself. -- Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/2944#issuecomment-2042071468 You are receiving this because you are subscribed to this thread. Message ID: ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
In the light of the xz attack, could you please remove me from the list of people that have direct push rights to the rpm code? I don't see why I would need it because everything is done with pull requests, and it's just increasing the attack surface. -- Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/2944#issuecomment-2042064834 You are receiving this because you are subscribed to this thread. Message ID: ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
Based on a quick look, the changes did what I asked for so it's all good. If you want to add extra tests later, that's of course okay. -- Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/2944#issuecomment-2039346604 You are receiving this because you are subscribed to this thread. Message ID: ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
Ack, s*** happens. No worries. -- Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/2944#issuecomment-2039332804 You are receiving this because you are subscribed to this thread. Message ID: ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
I accidentally merged this by pushing to the wrong remote. I'm really sorry about this. -- Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/2944#issuecomment-2039325097 You are receiving this because you are subscribed to this thread. Message ID: ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
@mlschroe pushed 0 commits. -- View it on GitHub: https://github.com/rpm-software-management/rpm/pull/2944/files/36e2f4259ccfdf3ccf6ae271edb5fc052b0b..aa7c57c0b820a407ffd9b2ad00f990f698505df6 You are receiving this because you are subscribed to this thread. Message ID: ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
Closed #2944. -- Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/2944#event-12370608022 You are receiving this because you are subscribed to this thread. Message ID: ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
Oh and update (some of) the tests to use the new macros, optimally add a new one for the clamp_to_buildtime behavior. The above nits aside, I'm not going to say no to a reproducible builds patch that appears to have consensus from everybody :sweat_smile: -- Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/2944#issuecomment-2033754048 You are receiving this because you are subscribed to this thread. Message ID: ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
@pmatilai commented on this pull request.
> @@ -240,10 +240,12 @@ Supplements: (%{name} = %{version}-%{release} and
> langpacks-%{1})\
# Is ignored when SOURCE_DATE_EPOCH is not set.
%use_source_date_epoch_as_buildtime 0
-# If true, make sure that timestamps in built rpms
-# are not later than the value of SOURCE_DATE_EPOCH.
-# Is ignored when SOURCE_DATE_EPOCH is not set.
-%clamp_mtime_to_source_date_epoch 0
+# Defines file timestamp handling in built rpms. Possible values
+# are "clamp_to_buildtime" and "clamp_to_source_date_epoch",
+# which makes sure the the file timestamps are not later than
+# the build time of the package or the value of
+# SOURCE_DATE_EPOCH, respectively.
+#%build_mtime_policy
This new stuff should also be documented in docs/manual/buildprocess.md
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2944#pullrequestreview-1975739792
You are receiving this because you are subscribed to this thread.
Message ID: ___
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
@pmatilai commented on this pull request.
>
-/* Limit the maximum date to SOURCE_DATE_EPOCH if defined
- * similar to the tar --clamp-mtime option
- * https://reproducible-builds.org/specs/source-date-epoch/
- */
-if (srcdate && rpmExpandNumeric("%{?clamp_mtime_to_source_date_epoch}")) {
- char *endptr;
- errno = 0;
- source_date_epoch = strtol(srcdate, , 10);
- if (srcdate == endptr || *endptr || errno != 0) {
- rpmlog(RPMLOG_ERR, _("unable to parse %s=%s\n"),
"SOURCE_DATE_EPOCH", srcdate);
- fl->processingFailed = 1;
+/* backward compatibility */
+if (!*mtime_policy_str) {
+if (srcdate &&
rpmExpandNumeric("%{?clamp_mtime_to_source_date_epoch}")) {
Maybe this should issue a deprecation warning?
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2944#pullrequestreview-1975738512
You are receiving this because you are subscribed to this thread.
Message ID: ___
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
@keszybz commented on this pull request.
Looks nice.
> @@ -240,10 +240,12 @@ Supplements: (%{name} = %{version}-%{release} and
> langpacks-%{1})\
# Is ignored when SOURCE_DATE_EPOCH is not set.
%use_source_date_epoch_as_buildtime 0
-# If true, make sure that timestamps in built rpms
-# are not later than the value of SOURCE_DATE_EPOCH.
-# Is ignored when SOURCE_DATE_EPOCH is not set.
-%clamp_mtime_to_source_date_epoch 0
+# Defines file timestamp handling in built rpms. Possible values
+# are "clamp_to_buildtime" and "clamp_to_source_date_epoch",
+# which makes sure the the file timestamps are not later than
+# the build time of the package or the value of
I'd spell "the build time" as "BUILDTIME" to avoid ambiguity.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2944#pullrequestreview-1965645048
You are receiving this because you are subscribed to this thread.
Message ID: ___
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
@mlschroe pushed 1 commit. c9579db452e4d4c6996d30419889f831c15c68b3 Support clamping the file mtime to the build time -- View it on GitHub: https://github.com/rpm-software-management/rpm/pull/2944/files/be088c0aa13707a14962d649823b696b3d5a2c7e..c9579db452e4d4c6996d30419889f831c15c68b3 You are receiving this because you are subscribed to this thread. Message ID: ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
@pmatilai commented on this pull request.
> @@ -240,10 +240,12 @@ Supplements: (%{name} = %{version}-%{release} and
> langpacks-%{1})\
# Is ignored when SOURCE_DATE_EPOCH is not set.
%use_source_date_epoch_as_buildtime 0
-# If true, make sure that timestamps in built rpms
-# are not later than the value of SOURCE_DATE_EPOCH.
-# Is ignored when SOURCE_DATE_EPOCH is not set.
-%clamp_mtime_to_source_date_epoch 0
+# Defines file timestamp handling in built rpms. Possible values
+# are "clamp_to_buildtime" and "clamp_to_source_date_epoch",
+# which makes sure the the file timestamps are not later than
+# the build time of the package or the value of
+# SOURCE_DATE_EPOCH, respectively.
+#%mtime_policy
Sorry I forgot to comment on this: please make that something like
"%build_mtime_policy" so its clear this is a *build* feature.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2944#pullrequestreview-1963683544
You are receiving this because you are subscribed to this thread.
Message ID: ___
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
I've updated the pull request. -- Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/2944#issuecomment-2023034485 You are receiving this because you are subscribed to this thread. Message ID: ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
@mlschroe pushed 1 commit. be088c0aa13707a14962d649823b696b3d5a2c7e Support clamping the file mtime to the build time -- View it on GitHub: https://github.com/rpm-software-management/rpm/pull/2944/files/ee365274c42530286a09dad1fc83144ef478b25a..be088c0aa13707a14962d649823b696b3d5a2c7e You are receiving this because you are subscribed to this thread. Message ID: ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
Proposal 2 looks good to me. -- Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/2944#issuecomment-2015549221 You are receiving this because you are subscribed to this thread. Message ID: ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
I think proposal 2 is more extensible. With proposal 1 we assume that no policy except clamping would be wanted, but people are clearly interested in other approaches. So I'd go with 2., even if initially there are no plans to provide non-clamping choices. -- Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/2944#issuecomment-2015543625 You are receiving this because you are subscribed to this thread. Message ID: ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
Ok, let's move on with this. Time for some bike shedding. Proposal 1: add `%clamp_mtime}` with supported values `buildtime`, `source_date_epoch` Proposal 2: add `%mtime_policy` with supported values `clamp_to_buildtime`, `clamp_to_source_data_epoch` I added proposal 2 because the original pull request from Jan supported setting all the files to the build time. So we could add a `set_to_buildtime` feature in the future if we want this. Opinions? -- Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/2944#issuecomment-2015488831 You are receiving this because you are subscribed to this thread. Message ID: ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
@Conan-Kudo commented on this pull request.
> @@ -245,6 +245,10 @@ Supplements: (%{name} = %{version}-%{release} and
> langpacks-%{1})\
# Is ignored when SOURCE_DATE_EPOCH is not set.
%clamp_mtime_to_source_date_epoch 0
+# If true, make sure that timestamps in built rpms
+# are not later than the build time of the package.
+%clamp_mtime_to_buildtime 0
I will preface this that I think adding this knob is a seriously bad idea. But,
I think @pmatilai is right that _if_ we're going to do this, we should change
to a mode-setting macro like `%clamp_mtime` and have mode options.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2944#discussion_r1528334316
You are receiving this because you are subscribed to this thread.
Message ID: ___
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
@keszybz commented on this pull request.
> @@ -245,6 +245,10 @@ Supplements: (%{name} = %{version}-%{release} and
> langpacks-%{1})\
# Is ignored when SOURCE_DATE_EPOCH is not set.
%clamp_mtime_to_source_date_epoch 0
+# If true, make sure that timestamps in built rpms
+# are not later than the build time of the package.
+%clamp_mtime_to_buildtime 0
I think this pull request is very reasonable. Though, as @pmatilai said, a
"`%clamp_mtime` macro that accepts `none`/`buildtime`/`source_date_epoch`"
would be nicer. It's more forward-looking, because maybe there will be another
idea in the future and then we can just another value. And because there's just
one setting, there can be no question of precedence between the different
options.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2944#discussion_r1513986380
You are receiving this because you are subscribed to this thread.
Message ID: ___
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
@JanZerebecki commented on this pull request.
> @@ -245,6 +245,10 @@ Supplements: (%{name} = %{version}-%{release} and
> langpacks-%{1})\
# Is ignored when SOURCE_DATE_EPOCH is not set.
%clamp_mtime_to_source_date_epoch 0
+# If true, make sure that timestamps in built rpms
+# are not later than the build time of the package.
+%clamp_mtime_to_buildtime 0
I have not verified if that works, but if one can use lua in the %{?_buildtime}
macro to read and set environment variables and execute the date binary then we
could do the logic in macros.
And thus also use %{?_mtime} as returning the epoch to set. If it is something
like a false value that is not literal 0, the we would read it from disk like
the current default. Not sure why someone would want to clamp it, instead of
setting it, but if we need to we could have %{?_mtime_treatment} with 'set' or
'clamp'. I guess a callback to a macro for each file might be too slow? What do
you think?
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2944#discussion_r1513101906
You are receiving this because you are subscribed to this thread.
Message ID: ___
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
@mlschroe commented on this pull request.
> @@ -245,6 +245,10 @@ Supplements: (%{name} = %{version}-%{release} and
> langpacks-%{1})\
# Is ignored when SOURCE_DATE_EPOCH is not set.
%clamp_mtime_to_source_date_epoch 0
+# If true, make sure that timestamps in built rpms
+# are not later than the build time of the package.
+%clamp_mtime_to_buildtime 0
I was expecting that you write something like this ;-) But I kept it simple to
start the discussion.
There's also Jan Zerebecki who wants to have a way to tell rpm to set all file
mtimes to the build time. (I don't like that personally.) OTOH he could also to
that with a brp script, I guess.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2944#discussion_r1512524554
You are receiving this because you are subscribed to this thread.
Message ID: ___
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
@pmatilai commented on this pull request.
> @@ -245,6 +245,10 @@ Supplements: (%{name} = %{version}-%{release} and
> langpacks-%{1})\
# Is ignored when SOURCE_DATE_EPOCH is not set.
%clamp_mtime_to_source_date_epoch 0
+# If true, make sure that timestamps in built rpms
+# are not later than the build time of the package.
+%clamp_mtime_to_buildtime 0
This means we now have two independent knobs for the same thing, and both
cannot be right.
I'd rather have something like `%clamp_mtime` macro that accepts
none/buildtime/source_date_epoch as possible values.
`%clamp_mtime_to_source_date_epoch` can then be deprecated and routed to the
new macro for now, for backwards compatibility.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2944#pullrequestreview-1916204585
You are receiving this because you are subscribed to this thread.
Message ID: ___
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint
Re: [Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
@mlschroe pushed 2 commits. 2880adc356b3808241ab348c372f190dd48cb624 Add support for a _buildtime macro for setting the build time manually ee365274c42530286a09dad1fc83144ef478b25a Support clamping the file mtime to the build time -- View it on GitHub: https://github.com/rpm-software-management/rpm/pull/2944/files/f53728f9f148c5f4ceeade6c2c93a14bc161ab24..ee365274c42530286a09dad1fc83144ef478b25a You are receiving this because you are subscribed to this thread. Message ID: ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
[Rpm-maint] [rpm-software-management/rpm] Add support for setting the build time and clamping to the build time (PR #2944)
This makes it easier to reproduce a build that was done without SOURCE_DATE_EPOCH. The two new macros are opt in so that the current functionality is not touched. You can view, comment on, or merge this pull request online at: https://github.com/rpm-software-management/rpm/pull/2944 -- Commit Summary -- * Add support for a _buildtime macro for setting the build time manually * Support clamping the file mtime to the build time -- File Changes -- M build/build.c (15) M build/files.c (19) M macros.in (4) -- Patch Links -- https://github.com/rpm-software-management/rpm/pull/2944.patch https://github.com/rpm-software-management/rpm/pull/2944.diff -- Reply to this email directly or view it on GitHub: https://github.com/rpm-software-management/rpm/pull/2944 You are receiving this because you are subscribed to this thread. Message ID: rpm-software-management/rpm/pull/2...@github.com ___ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
