From: Carl Dong <contact@carldong.me>
To: "help-guix@gnu.org" <help-guix@gnu.org>
Subject: Bootstrappable bitcoin release builds with Guix
Date: Tue, 09 Apr 2019 15:03:38 +0000 [thread overview]
Message-ID: <XPyvidOFdcS4et-G9uyZ-WL0YP8kVW-aHd--4HmMTy-Z4pMw3qFJAf6sbqWtj4zijE-mgSxCLUkLnWyjwTYG0BSakHTCMk3Lqswd06vh7TM=@carldong.me> (raw)
Hi all,
I've been on a quest to use Guix for Bitcoin Core's reproducible builds as I
believe that Guix's focus on bootstrappability, and Guile's simplicity and
flexibility are very desirable qualities in building an auditable, secure, and
reliable build process. My pull request (very short thanks to Guix's
infrastructure) can be found here:
https://github.com/bitcoin/bitcoin/pull/15277/files
I've submitted patches for the Guix bitcoin-core package to make it
reproducible, which seems to work fine. However, for easier acceptance into the
bitcoin core process, I need to produce tarballs like the ones we have on our
servers today: https://bitcoincore.org/bin/bitcoin-core-0.17.1/
For some context, we have a "mini-guix" of sorts seen in our "depends tree"
here: https://github.com/bitcoin/bitcoin/tree/master/depends. This builds all
the dependencies for bitcoin just the way we want them, in preparation for
getting linked into bitcoin itself.
My current approach for the build process is to produce a Guix container in
which I execute a build of our "depends tree" followed by a build of bitcoin
itself. See the Guix manifest and scripts here:
https://github.com/bitcoin/bitcoin/pull/15277/files
However, there were three hiccups that I had to hack my way around:
1. libstdc++ would not link statically even with "-static-libstdc++". The hack
was to remove the .la file under $LIBRARY_PATH.
2. Upon inspection of the binaries produced at the end of this process, they all
had rpaths. The hack was to use patchelf --remove-rpath on them.
3. Upon inspection of the binaries produced at the end of this process, their
interpreters all had a `/gnu/store/blahblah-glibc-2.28' prefix. The hack was
to use patchelf --set-interpreter on them.
My questions are:
1. Is there a way to avoid the hacks that I listed above? I understand that it
might mean writing custom gcc packages and I'm 100% okay with that.
2. Is there an easier way of achieving the same thing?
Thank you all in advance for helping with this, and I hope that we'll see
boostrappable Guix release builds of bitcoin very soon!
Cheers,
Carl Dong
contact@carldong.me
"I fight for the users"
next reply other threads:[~2019-04-09 15:03 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-09 15:03 Carl Dong [this message]
2019-04-17 20:58 ` Bootstrappable bitcoin release builds with Guix Ludovic Courtès
2019-04-23 20:56 ` Carl Dong
2019-05-03 9:31 ` Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='XPyvidOFdcS4et-G9uyZ-WL0YP8kVW-aHd--4HmMTy-Z4pMw3qFJAf6sbqWtj4zijE-mgSxCLUkLnWyjwTYG0BSakHTCMk3Lqswd06vh7TM=@carldong.me' \
--to=contact@carldong.me \
--cc=help-guix@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).