From mboxrd@z Thu Jan 1 00:00:00 1970 From: Mark H Weaver Subject: Re: Reproducible build: linux-libre kernel Date: Wed, 30 Mar 2016 12:42:14 -0400 Message-ID: <871t6r3ok9.fsf@netris.org> References: <0d3d04dd006e640ed0fd201e6ec73fb1@openmailbox.org> Mime-Version: 1.0 Content-Type: text/plain Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:35275) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1alJCO-0004IE-DM for guix-devel@gnu.org; Wed, 30 Mar 2016 12:42:29 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1alJCK-0003WU-0E for guix-devel@gnu.org; Wed, 30 Mar 2016 12:42:28 -0400 Received: from world.peace.net ([50.252.239.5]:40877) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1alJCJ-0003WE-SU for guix-devel@gnu.org; Wed, 30 Mar 2016 12:42:23 -0400 In-Reply-To: <0d3d04dd006e640ed0fd201e6ec73fb1@openmailbox.org> (rain1@openmailbox.org's message of "Wed, 30 Mar 2016 13:16:13 +0100") List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org To: rain1@openmailbox.org Cc: guix-devel@gnu.org rain1@openmailbox.org writes: > I noticed that the linux-libre package we have is not a reproducible > build using the command: guix build linux-libre --check > --no-substitutes > > I did a bit of research into this these posts and blogs were helpful, > as well as the mempo project: > * > * > * > > > So I've added these tweaks, performed the build twice and it seems to > be reproducible now! That's great news, thank you! Please see below for comments. > From 713017b65c9d5a03dcf709bb231113d2152558e1 Mon Sep 17 00:00:00 2001 > From: rain1 > Date: Wed, 30 Mar 2016 13:05:19 +0100 > Subject: [PATCH] * gnu/packages/linux.scm: Added setenv calls to tune the > build towards reproducibility. Your commit message is missing the initial summary line, and needs some other changes as well to conform with our conventions. Also, it turns out that our build container already ensures that the build user and host are deterministic, so the timestamps were the only issue. So, how about something like this for the commit message: --8<---------------cut here---------------start------------->8--- gnu: linux-libre: Avoid introducing timestamps into the build. * gnu/packages/linux.scm (linux-libre)[build-phase]: Set the KCONFIG_NOTIMESTAMP and KBUILD_BUILD_TIMESTAMP environment variables to avoid introducing timestamps into the build outputs. --8<---------------cut here---------------end--------------->8--- > diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm > index fb2b671..34403ae 100644 > --- a/gnu/packages/linux.scm > +++ b/gnu/packages/linux.scm > @@ -9,6 +9,7 @@ > ;;; Copyright ?? 2016 Christopher Allan Webber > ;;; Copyright ?? 2016 Tobias Geerinckx-Rice > ;;; Copyright ?? 2016 Alex Kost > +;;; Copyright ?? 2016 Raymond Nicholson Your mail client doesn't seem to realize that this patch uses the UTF-8 encoding, so it's not including a header saying so, and the non-ASCII copyright symbols are getting munged into two separate bytes. When trying to reply, my mail client is complaining about them. > @@ -223,6 +224,12 @@ for SYSTEM and optionally VARIANT, or #f if there is no such configuration." > (let* ((version "4.5") > (build-phase > '(lambda* (#:key system inputs #:allow-other-keys #:rest args) > + ;; Tuning for a reproducible build How about changing the comment to: ;; Avoid introducing timestamps > + (setenv "KCONFIG_NOTIMESTAMP" "1") > + (setenv "KBUILD_BUILD_TIMESTAMP" "0") Also, Leo's suggestion to use SOURCE_DATE_EPOCH is a good one. The following two settings can be dropped. > + (setenv "KBUILD_BUILD_USER" "guix") > + (setenv "KBUILD_BUILD_HOST" "guix") What do you think? Can you send an updated patch? Thank you! Mark