Source: uclibc
Severity: normal
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: umask username
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

The source tarball /usr/src/uClibc-ng-1.0.35.tar.xz embeds the username, userid, groupname, groupid and umask of the build user:

  https://tests.reproducible-builds.org/debian/rb-pkg/bookworm/amd64/diffoscope-results/uclibc.html

  drwxr-xr-x···0·pbuilder1··(1111)·pbuilder1··(1111)········0·2020-08-29·02:35:19.000000·uClibc-ng-1.0.35/
  vs.
  drwxrwxr-x···0·pbuilder2··(2222)·pbuilder2··(2222)········0·2020-08-29·02:35:19.000000·uClibc-ng-1.0.35/

The attached patch fixes this by passing arguments to tar in debian/rules to ensure consistent user, group, uid, gid and file permissions in the generated tarball.

I have not verified that these changes work correctly in the resulting packages, only that it builds reproducibly; please be sure to verify before uploading.

I have not fully tested this patch as my local build environment does not successfully test umask differences, though I am fairly confident with this patch applied, uclibc should become reproducible on tests.reproducible-builds.org!

Thanks for maintaining uclibc!

live well,
  vagrant

From 7463e372afbc7f9d3e7c78788741ded0890c4102 Mon Sep 17 00:00:00 2001 From: Vagrant Cascadian <vagr...@reproducible-builds.org> Date: Tue, 27 Sep 2022 19:09:06 +0000 Subject: [PATCH] debian/rules: Set sort order, user id, group id, and file mask when generating tarball. https://reproducible-builds.org/docs/archives/ --- debian/rules | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/rules b/debian/rules index c850f66..7a41ebc 100755 --- a/debian/rules +++ b/debian/rules @@ -129,7 +129,7 @@ build/uClibc-ng-$(version).tar.xz: build/uClibc-ng-$(version).tar build/uClibc-ng-$(version).tar: dh_testdir mkdir -p build - tar -cf $@ --mtime="$(BUILD_DATE)" --exclude=./build --transform s@^\.@uClibc-ng-$(version)@ . + tar -cf $@ --mtime="$(BUILD_DATE)" --sort=name --owner=0 --group=0 --numeric-owner --mode=go=rX,u+rw,a-s --exclude=./build --transform s@^\.@uClibc-ng-$(version)@ . binary-%: build-% dh_testdir -- 2.37.2
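Review bot: The replacement tar line in the build/uClibc-ng-$(version).tar recipe now carries five normalization options with nothing in debian/rules saying why, and --sort=name is only accepted by GNU tar 1.28 and later, so a build with an older tar fails at this step. Suggest a short comment above the recipe pointing at https://reproducible-builds.org/docs/archives/ (currently only in the commit message) and splitting the command across continuation lines so each option can be reviewed on its own. Also worth confirming before upload: --mode=go=rX,u+rw,a-s rewrites the recorded permissions of every member, so any file in the tree that is intentionally not group- or world-readable, or that carries setuid/setgid, loses that in the shipped tarball.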
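The normalization that the patch's tar options request, reproduced with Python's tarfile module as an added example (not part of the original report or of the uclibc packaging), together with a check that flags leftover build-user metadata. The member names, the timestamp and the helpers build, normalize and audit are constructed for illustration; the two build users mirror the pbuilder1/pbuilder2 listings quoted in the report.

```python
import io
import tarfile

MTIME = 1598668519  # constructed fixed timestamp, standing in for --mtime="$(BUILD_DATE)"
# Constructed sample tree: (member name, mode before umask, file data or None for a directory)
MEMBERS = [
    ("uClibc-ng-1.0.35/run.sh", 0o777, b"#!/bin/sh\n"),
    ("uClibc-ng-1.0.35", 0o777, None),
    ("uClibc-ng-1.0.35/Makefile", 0o666, b"all:\n"),
]

def normalize(info):
    """Mirror --owner=0 --group=0 --numeric-owner --mode=go=rX,u+rw,a-s."""
    info.uid = info.gid = 0
    info.uname = info.gname = ""           # numeric owner only, no names recorded
    mode = info.mode & ~0o6000             # a-s: clear setuid and setgid
    go = 0o055 if info.isdir() or mode & 0o111 else 0o044   # go=rX
    info.mode = (mode & ~0o077) | go | 0o600                # u+rw
    return info

def build(members, user, uid, umask, reproducible=False):
    """Return tar bytes as a build user with this name, id and umask would create them."""
    if reproducible:
        members = sorted(members, key=lambda m: m[0])       # --sort=name
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.GNU_FORMAT) as tar:
        for name, mode, data in members:
            info = tarfile.TarInfo(name)
            info.type = tarfile.DIRTYPE if data is None else tarfile.REGTYPE
            info.size = 0 if data is None else len(data)
            info.mode, info.mtime = mode & ~umask, MTIME
            info.uname = info.gname = user
            info.uid = info.gid = uid
            if reproducible:
                info = normalize(info)
            tar.addfile(info, None if data is None else io.BytesIO(data))
    return buf.getvalue()

def audit(tar_bytes):
    """Return names of members whose metadata still reflects the build user or umask."""
    with tarfile.open(fileobj=io.BytesIO(tar_bytes)) as tar:
        return [m.name for m in tar
                if m.uid or m.gid or m.uname or m.gname or m.mode & 0o6022]

if __name__ == "__main__":
    a = build(MEMBERS, "pbuilder1", 1111, 0o022, reproducible=True)
    b = build(MEMBERS[::-1], "pbuilder2", 2222, 0o002, reproducible=True)
    print("identical:", a == b, "| flagged members:", audit(a))
```

Running audit over the tarball from an actual package build gives a quick pass/fail on the fields the bug report names, independent of whether the local environment varies the umask.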