Re: Reproducible build (a.k.a deterministic build)

["Perry E. Metzger" <perry%piermont.com@localhost>]

Masao Uebayashi <uebayasi%gmail.com@localhost> writes:
> What I've changed:
>
> - Hack cpp(1) to strip __FILE__'s prefix.
>   - At the moment, hint prefix is given to cpp(1) via environment.

Probably a flag to cpp would be best in a final version, along with
appropriate use of the flag in build.sh.

> - Hack g++(1) to strip file prefix which is used in mangled absolute path.
>   - Using environment too.
>   - perry@ said this can be avoided by not passing ${TOP} as build seed.
>     I've not checked that.

Right now we include the full path via a rule in sys.mk -- we can fix
sys.mk to strip ${TOP} off if it is set.

> - Remove debug build (${CC} -g) which embeds source paths into objects.

Hrm. I think we really want to keep debugging libraries -- we can
perhaps replace the prefix with /usr/src somehow.

> - Hack ar(1) to generate constant timestamps.
>   - Blindly applied cgd@'s post to binutils@. :)

That is probably the right thing. Failing that, I have a short program
that removes the timestamps, uid/gid etc from ar archives. We should
check with cgd that he's okay with our applying his (draft) patches.

> The list of ${DESTDIR} files that are not identical:
>
> - ./METALOG*
> - ./etc/mtree/sets.*
> - ./etc/release
> - ./usr/include/krb5/*.h
> - ./usr/libdata/lint/llib-lpam.ln
> - ./usr/share/info/*.info
> - ./var/db/libc.tags

We can probably fix these, too, of course.

> Before proceeding further I'd like to ask if you see value for this, and if
> yes how to address above items.

This is very valuable work. I got stalled in doing the last bits of
it, which you have essentially completed. Thank you for working on
this.

Perry
-- 
Perry E. Metzger                perry%piermont.com@localhost