[buildd-tools-devel] Bug#778571: [Reproducible-builds] Bug#790868: sbuild: Please allow sbuild to use a deterministic build path to build packages
Johannes Schauer
josch at debian.org
Sat Jul 11 09:35:06 UTC 2015
Hi,
note that the patch that fixes bug #790868 provides part of the solution for
this bug.
It allows one to set a fixed build directory but it does not do any bind
mounting of paths into the build schroot. So right now with this patch,
packages can by default only be built in locations that the sbuild user has
access to. This is by default the /build directory, /tmp and potentially a
prior created path in the bind-mounted /home.
If the build schroot is modified beforehand, for example by adding an
additional bind-mount or by changing permissions in a certain directory, then
with the patch in that bug, these paths are also possible.
I guess then this bug boils down to making a default build path other than
/build, /tmp or /home work with sbuild. As far as I can see, this requires
modifications in the sbuild-createchroot script.
Also, when you talk about the build path being
/usr/src/debian/$package/$version, then do you mean that the source is unpacked
in that directory directly, so that you get:
/usr/src/debian/$package/$version/debian/rules
or in its own subdirectory as if one would call dpkg-source from within that
directory so that it would for example create:
/usr/src/debian/$package/$version/$package-$version/debian/rules
Also, why would bind mounting the build location from the host be a good
default solution? This just leads to conflicts if one wants to build the same
package with the same version at the same time. And especially to test
reproducibility one would want to be able to build the same package with the
same version at the same time. So I think the default should not be a bind
mounted (and thus shared) directory from the host.
Thanks!
cheers, josch
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: signature
URL: <http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20150711/68ea5c1d/attachment.sig>
More information about the Buildd-tools-devel
mailing list