[reprotest] 01/01: doc: updates about our assumptions and rearrange sudo into its own section
Ximin Luo
infinity0 at debian.org
Fri Oct 27 12:48:50 UTC 2017
This is an automated email from the git hooks/post-receive script.
infinity0 pushed a commit to branch master
in repository reprotest.
commit 47f69eb31c6892a68e553c34271531bc74d7451a
Author: Ximin Luo <infinity0 at debian.org>
Date: Fri Oct 27 14:48:27 2017 +0200
doc: updates about our assumptions and rearrange sudo into its own section
---
README.rst | 75 ++++++++++++++++++++++++++++++++++-----------------
reprotest/__init__.py | 4 +--
2 files changed, 53 insertions(+), 26 deletions(-)
diff --git a/README.rst b/README.rst
index 2b9e6fa..687f476 100644
--- a/README.rst
+++ b/README.rst
@@ -271,8 +271,21 @@ means to vary home, time (the last given value for --variations), timezone, and
-time (the given multiple values for --vary), i.e. home and timezone.
-Varying the domain or host
-==========================
+Notes on variations
+===================
+
+reprotest tries hard to perform variations without assuming it has full root
+access to the system. It also assumes other software may be running on the same
+system, so it does not perform system-level modifications that would affect
+other processes. Due to these assumptions, some variations are implemented
+using hacks at various levels of dirtiness, which are documented below.
+
+We will hopefully lift these assumptions for certain virtual_server contexts,
+in future. That would likely allow for smoother operation in those contexts.
+The assumptions will remain for the "null" (default) virtual_server however.
+
+Domain or host
+--------------
Doing this without sudo *may* result in your build failing.
@@ -286,20 +299,41 @@ this in reprotest without heavy effort.
Therefore, it is recommended to run this variation with use_sudo=1. To avoid
password prompts, see the section "Avoid sudo(1) password prompts" below.
-
-Varying the user or group
-=========================
+User or group
+-------------
If you also vary fileordering at the same time (this is the case by default),
each user you use needs to be in the "fuse" group. Do that by running `usermod
-aG fuse $OTHERUSER` as root.
+To avoid sudo(1) password prompts, see the section "Avoid sudo(1) password
+prompts" below.
+
+Time
+----
+
+The "time" variation uses ``faketime(1)`` which *sometimes* causes weird and
+hard-to-diagnose problems. In the past, this has included:
+
+- builds taking an infinite amount of time; though this should be fixed in
+ recent versions of reprotest.
+
+- builds with implausibly huge differences caused by ./configure scripts
+ producing different results with and without faketime. This still affects
+ bash and probably certain other packages using autotools.
+
+If you see a difference that you really think should not be there, try passing
+``--variations=-time`` to reprotest, and/or check our results on
+https://tests.reproducible-builds.org/ which use a different (more reliable)
+mechanism to vary the system time.
+
+
Avoid sudo(1) password prompts
-------------------------------
+==============================
-There is currently no good way to do this. The following is a very brittle and
-unclean solution. You will have to decide for yourself if it's worth it for
-your use-case::
+There is currently no good way to do this. The following is an EXPERIMENTAL
+solution and is brittle and unclean. You will have to decide for yourself if
+it's worth it for your use-case::
$ reprotest --print-sudoers \
--variations=user_group.available+=guest-builder,domain_host.use_sudo=1 \
@@ -312,23 +346,16 @@ pick privileged users for this purpose, such as root.
chown anything on your system, because wildcards here match whitespace. I don't
know what the sudo authors were thinking.)
-No, this is really not nice at all - suggestions and patches welcome.
+No, this is not nice at all - suggestions and patches welcome.
+If you want to use this in a virtual server such as a chroot, you'll need to
+copy (or mount or otherwise map) the resulting sudoers file into your chroot.
-Varying the time
-================
+For example, for an schroot, you should (1) login to the source schroot and
+create an empty file `/etc/sudoers.d/local-reprotest` (this is important) and
+then (2) add the line:
-The "time" variation uses ``faketime(1)`` which *sometimes* causes weird and
-hard-to-diagnose problems. In the past, this has included:
+ /etc/sudoers.d/local-reprotest /etc/sudoers.d/local-reprotest none bind 0 0
-- builds taking an infinite amount of time; though this should be fixed in
- recent versions of reprotest.
+to your schroot's fstab.
-- builds with implausibly huge differences caused by ./configure scripts
- producing different results with and without faketime. This still affects
- bash and probably certain other packages using autotools.
-
-If you see a difference that you really think should not be there, try passing
-``--variations=-time`` to reprotest, and/or check our results on
-https://tests.reproducible-builds.org/ which use a different (more reliable)
-mechanism to vary the system time.
diff --git a/reprotest/__init__.py b/reprotest/__init__.py
index f9ff72a..24808cb 100644
--- a/reprotest/__init__.py
+++ b/reprotest/__init__.py
@@ -561,8 +561,8 @@ def cli_parser():
VariationSpec.default_long_string())
group1.add_argument('--vary', metavar='VARIATIONS', default=[], action='append',
help='Like --variations, but appends to previous --vary values '
- 'instead of overwriting them. Furthermore, the last value set for '
- '--variations is treated implicitly as the zeroth --vary value.')
+ 'instead of overwriting them. The last value set for --variations is '
+ 'treated implicitly as the zeroth --vary value.')
group1_0 = group1.add_mutually_exclusive_group()
group1_0.add_argument('--extra-build', metavar='VARIATIONS', default=[], action='append',
help='Perform another build with the given VARIATIONS (which may be '
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/reproducible/reprotest.git
More information about the Reproducible-commits
mailing list