[Build-common-hackers] Bug#764478: please support reproducible builds

Holger Levsen holger at layer-acht.org
Wed Oct 8 13:51:59 UTC 2014

package: cdbs
severity: wishlist
User: reproducible-builds at lists.alioth.debian.org
Usertags: toolchain
X-Debbugs-CC: reproducible-builds at lists.alioth.debian.org


It would be great if cdbs could support reproducible builds soon, see 
https://wiki.debian.org/ReproducibleBuilds for the long version and 
https://wiki.debian.org/ReproducibleBuilds#Custom_build_environment for 
specific instructions on how to set up such an environment as long as not all 
parts are in sid.

So to support reproducible builds right now, you need to use debhelper from 
the reproducible apt repository (as explained in the above URLs) or build it 
from ssh://git.debian.org/git/reproducible/debhelper.git

This will get you two new dh_ commands: dh_fixmtimes and dh_genbuildinfo.

The dh-strip-nondeterminism binary package is available in Debian main 
already and can be installed from there.

Now to the needed modification for the dh_ sequence, which cdbs shall do when 
building packages:

1. run dh_strip_nondeterminism before dh_compress.
2. run dh_fixmtimes after dh_md5sums, right before dh_builddeb.
3. run dh_genbuildinfo at the end of the dh_ sequence, so after dh_builddeb.

That's it.

AIUI this could even be added right now and only be used if available. Thus, 
_some_ packages will become *magically* reproducible one day "for free"! :-)

Sadly I don't know the cdbs codebase at all, else I might have looked into it 
to provide a patch. I'd be glad to *try* patches though! :-)
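
Added example, not part of the original message and not cdbs or debhelper code: a POSIX sh sketch of the three ordering rules listed above, where a helper is inserted only if it is installed. The function names and the sample sequence are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: place the three reproducibility helpers into a dh_ command
# sequence at the positions given in the message, skipping missing helpers.
# All function names here are hypothetical; none come from cdbs or debhelper.

# Availability check: a helper that is not on PATH is simply left out.
have_tool() { command -v "$1" >/dev/null 2>&1; }

# Print the helper name only when it is available.
emit_if_available() {
    if have_tool "$1"; then printf '%s\n' "$1"; fi
}

# Read a dh_ sequence (one command per line) on stdin and write the
# amended sequence to stdout.
reproducible_sequence() {
    saw_builddeb=no
    while IFS= read -r cmd; do
        [ -n "$cmd" ] || continue
        case "$cmd" in
            dh_compress)
                # 1. dh_strip_nondeterminism runs before dh_compress
                emit_if_available dh_strip_nondeterminism
                printf '%s\n' "$cmd" ;;
            dh_builddeb)
                # 2. dh_fixmtimes runs after dh_md5sums, right before dh_builddeb
                emit_if_available dh_fixmtimes
                printf '%s\n' "$cmd"
                saw_builddeb=yes ;;
            *)
                printf '%s\n' "$cmd" ;;
        esac
    done
    # 3. dh_genbuildinfo runs at the very end, so after dh_builddeb
    if [ "$saw_builddeb" = yes ]; then emit_if_available dh_genbuildinfo; fi
}

# Constructed sample: tail of a binary package build, not taken from cdbs.
sample_sequence() {
    printf '%s\n' dh_strip dh_compress dh_fixperms dh_installdeb \
        dh_gencontrol dh_md5sums dh_builddeb
}

sample_sequence | reproducible_sequence
```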
