From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp12.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id EKmJK1pMAGM8XwEAbAwnHQ (envelope-from ) for ; Sat, 20 Aug 2022 04:52:10 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp12.migadu.com with LMTPS id 4DteK1pMAGPNLgEAauVa8A (envelope-from ) for ; Sat, 20 Aug 2022 04:52:10 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 50F5233BE5 for ; Sat, 20 Aug 2022 04:52:09 +0200 (CEST) Received: from localhost ([::1]:42106 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oPEam-0003VR-Dc for larch@yhetil.org; Fri, 19 Aug 2022 22:52:08 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:41556) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oPEai-0003VF-4D for guix-patches@gnu.org; Fri, 19 Aug 2022 22:52:04 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:41457) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1oPEah-0001Gc-0z for guix-patches@gnu.org; Fri, 19 Aug 2022 22:52:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1oPEag-0006CZ-EO for guix-patches@gnu.org; Fri, 19 Aug 2022 22:52:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#57304] Fix mm-common reproduciblility issues Resent-From: Vagrant Cascadian Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sat, 20 Aug 2022 02:52:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 57304 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: To: 57304@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.166096391823828 (code B ref -1); Sat, 20 Aug 2022 02:52:02 +0000 Received: (at submit) by debbugs.gnu.org; 20 Aug 2022 02:51:58 +0000 Received: from localhost ([127.0.0.1]:59439 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oPEac-0006CF-07 for submit@debbugs.gnu.org; Fri, 19 Aug 2022 22:51:58 -0400 Received: from lists.gnu.org ([209.51.188.17]:52908) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1oPEaX-0006C5-TJ for submit@debbugs.gnu.org; Fri, 19 Aug 2022 22:51:56 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:44482) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oPEaX-0003V1-Ng for guix-patches@gnu.org; Fri, 19 Aug 2022 22:51:53 -0400 Received: from cascadia.aikidev.net ([173.255.214.101]:49778) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oPEaV-0001F1-7M for guix-patches@gnu.org; Fri, 19 Aug 2022 22:51:53 -0400 Received: from localhost (unknown [IPv6:2600:3c01:e000:21:7:77:0:20]) (Authenticated sender: vagrant@aikidev.net) by cascadia.aikidev.net (Postfix) with ESMTPSA id 4DF6C1ABC5 for ; Fri, 19 Aug 2022 19:51:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=reproducible-builds.org; s=1.vagrant; t=1660963902; bh=jIMsGWW6GdO4Oy1tdGoC+vROwZ97kiXdy8Zz/qb+vpQ=; h=From:To:Subject:Date:From; b=hFpHx77e6Swbf5nvkJyov88IC9/SHOF5PTXJEXlDBwdRTXWM1utBD0ODqEGpnd0ya o21yfrHv9v10flrr6pSsaWSKFt+SKUpT2YB9HkLRuV1cUBpFewPM0ZEBwnD9KTQzcn 0UwNTLKbmYb7TlLMlzOC7ppgIMVx4t9fet0RMtYyDn5nvF4y9SNfFVjjkLZQ2kilsw L/EfGBzUc0lO0mpbScge/HHDLa8n09Pd7BOqwfFvnFmfo+gIQ0ekhgY1vYiKl+EZWP pmDWX247qCxi5gis/ZxS4L/H+IHhd9SuUtavJyqAKCVR4eJljKWGUSW4u3UGwQCHAI ZQRVmcYyqcKfQ== From: Vagrant Cascadian Date: Fri, 19 Aug 2022 19:51:37 -0700 Message-ID: <874jy7k4p2.fsf@contorta> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="==-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Received-SPF: pass client-ip=173.255.214.101; envelope-from=vagrant@reproducible-builds.org; helo=cascadia.aikidev.net X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: "Guix-patches" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1660963930; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:resent-cc:resent-from:resent-sender: resent-message-id:list-id:list-help:list-unsubscribe:list-subscribe: list-post:dkim-signature; bh=nUT58otDUAIPOWhukz3cq8VABF+Y7DNzvK8cp8bmeJ8=; b=mj3hLxCSq7hyZZSJjW8MziMGHzbvXbGL4S8P16/Vx9HzHE9czgX01wwwwmCMY44rCMBk7D EhQ+SEybjInFqvpyyXFEtoV5ObrgOgWtEl1V0RZlk/8LdjU1dMCBndf72EgYLnmJvZefPc B2v54cIJl59Ge5ht0Y25oLPLPGMOISeSBnKrqb1tNKW3tP+PxYTg0Xdg8mQhH0LwLv79JQ jpjWCgzhurSAKdtaU3qr7oKFfxGcFhtOsBW1JCjNI+vTelLwThxdt07aGXuzrfhr6ApY0H cZKEmQKFL4c0QBAIvZaJ2qXpDgF6/QS9YP8XZAdvuml0yMiq7ku0ASs2ZN8Wcg== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1660963930; a=rsa-sha256; cv=none; b=MLWAcz54aMz8PzYxFcl8cZwkNRNyZcDaAKRRdgM2HSi5eZlAIYiFb1xOt59wqTRmMXW5qc QJ2WLV49TeboewvGXZeOdNH7pmXEEXlQ1HH9fYiS4coLq/SKkbid1QnYtpwlKD/1CDnANO TZ41QLvuNPbrasuT7JCCfPs63s0HmV3VEMALgF6D3Y9g8YWysvU9frwoW4z9mntv/gqx0Z xyQA1uGXdFR6U3D8qbNZLfWayluoUcZG2cbeyLy4JQO7cEj3lxgAqH8bkggt9QhinqxV6u swAHWNz25soihDlARoqTga1lGFB39Lo/pRkXEAN31GVSAtHo/kE0HdfgaA/gpQ== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=reproducible-builds.org header.s=1.vagrant header.b=hFpHx77e; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -0.65 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=reproducible-builds.org header.s=1.vagrant header.b=hFpHx77e; dmarc=none; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 50F5233BE5 X-Spam-Score: -0.65 X-Migadu-Scanner: scn1.migadu.com X-TUID: svi4nzNjlun6 --==-=-= Content-Type: multipart/mixed; boundary="=-=-=" --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable The userid used during the build is embedded in a shipped tarball in the mm-common package. Some abbreviated diffoscope output from guix challenge against builds from ci.guix.gnu.org and bordeax.guix.gnu.org: =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 --- /tmp/guix-directory.rKX8CR/sh= are/doc/mm-common/skeletonmm.tar.xz =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=9C=E2=94=80=E2=94=80 +++ /tmp/guix-dir= ectory.rlW2tI/share/doc/mm-common/skeletonmm.tar.xz =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=9C=E2=94=80=E2=94=80 skeleto= nmm.tar =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=9C=E2=94=80=E2=94= =80 file list =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 @@ -1,36 +1,36 = @@ =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 +-rw-r--r-- 0= nixbld (996) nixbld (30000) 60 2021-05-20 08:57:07.009229 skel= etonmm/.gitignore =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 +-rw-r--r-- 0= nixbld (996) nixbld (30000) 59 2021-05-20 08:57:07.009229 skel= etonmm/AUTHORS =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 +-rw-r--r-- 0= nixbld (996) nixbld (30000) 26527 2021-05-20 08:57:07.009229 skel= etonmm/COPYING ... =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 --rw-r--r-- 0= nixbld (995) nixbld (30000) 60 2021-05-20 08:57:07.009229 skel= etonmm/.gitignore =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 --rw-r--r-- 0= nixbld (995) nixbld (30000) 59 2021-05-20 08:57:07.009229 skel= etonmm/AUTHORS =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 =E2=94=82 --rw-r--r-- 0= nixbld (995) nixbld (30000) 26527 2021-05-20 08:57:07.009229 skel= etonmm/COPYING The attached patch fixes this by setting the user, group, uid and gid consistently. $ guix refresh --list-dependent mm-common Building the following 1138 packages would ensure 2236 dependent packages are rebuilt: ... Looks like it will have to wait for core-updates at least... live well, vagrant --=-=-= Content-Type: text/x-diff Content-Disposition: inline; filename=0001-gnu-mm-common-Build-reproducibly.patch Content-Transfer-Encoding: quoted-printable From=204b359c9bbc918e6dcf1cab1141a9651d6d7bf271 Mon Sep 17 00:00:00 2001 From: Vagrant Cascadian Date: Fri, 19 Aug 2022 19:32:08 -0700 Subject: [PATCH] gnu: mm-common: Build reproducibly. * gnu/packages/patches/mm-common-consistent-user-and-group-in-tarball.patch: New file. * gnu/local.mk (dist_patch_DATA): Add patch. * gnu/packages/gnome.scm (mm-common)[source]: Add patch. =2D-- gnu/local.mk | 1 + gnu/packages/gnome.scm | 5 ++- ...consistent-user-and-group-in-tarball.patch | 40 +++++++++++++++++++ 3 files changed, 45 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/mm-common-consistent-user-and-grou= p-in-tarball.patch diff --git a/gnu/local.mk b/gnu/local.mk index 4e4ad908ce..20d322e27f 100644 =2D-- a/gnu/local.mk +++ b/gnu/local.mk @@ -1516,6 +1516,7 @@ dist_patch_DATA =3D \ %D%/packages/patches/mit-krb5-hurd.patch \ %D%/packages/patches/mixxx-link-qtscriptbytearray-qtscript.patch \ %D%/packages/patches/mixxx-system-googletest-benchmark.patch \ + %D%/packages/patches/mm-common-consistent-user-and-group-in-tarball.patc= h \ %D%/packages/patches/mpc123-initialize-ao.patch \ %D%/packages/patches/mpg321-CVE-2019-14247.patch \ %D%/packages/patches/mpg321-gcc-10.patch \ diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index ae46e55c51..790881b9d8 100644 =2D-- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -1143,7 +1143,10 @@ (define-public mm-common "mm-common-" version ".tar.xz")) (sha256 (base32 =2D "1x8yvjy0yg17qyhmqws8xh2k8dvzrhpwqz7j1cfwzalrb1i9c5g8"))= )) + "1x8yvjy0yg17qyhmqws8xh2k8dvzrhpwqz7j1cfwzalrb1i9c5g8")) + (patches + (search-patches + "mm-common-consistent-user-and-group-in-tarball.patch")))) (build-system meson-build-system) (arguments `(#:phases diff --git a/gnu/packages/patches/mm-common-consistent-user-and-group-in-ta= rball.patch b/gnu/packages/patches/mm-common-consistent-user-and-group-in-t= arball.patch new file mode 100644 index 0000000000..f0890aaf57 =2D-- /dev/null +++ b/gnu/packages/patches/mm-common-consistent-user-and-group-in-tarball.p= atch @@ -0,0 +1,40 @@ +From 024c121c844a4ec920133eb3f7e6b6ee8044c0b6 Mon Sep 17 00:00:00 2001 +From: Vagrant Cascadian +Date: Sat, 12 Dec 2020 04:05:56 +0000 +Original-Patch: https://bugs.debian.org/977177 +Subject: [PATCH] Set uid, username, gid, and group name on files in + generated tarball. + +The user and group may otherwise vary between builds on different systems. + +--- + util/meson_aux/skeletonmm-tarball.py | 16 +++++++++++++++- + 1 file changed, 15 insertions(+), 1 deletion(-) + +diff --git a/util/meson_aux/skeletonmm-tarball.py b/util/meson_aux/skeleto= nmm-tarball.py +index db9e650..89049b6 100755 +--- a/util/meson_aux/skeletonmm-tarball.py ++++ b/util/meson_aux/skeletonmm-tarball.py +@@ -39,10 +39,18 @@ elif output_file.endswith('.gz'): + else: + mode =3D 'w' +=20 ++def reproducible(tarinfo): ++ # Set consistent user and group on files in the tar archive ++ tarinfo.uid =3D 0 ++ tarinfo.uname =3D 'root' ++ tarinfo.gid =3D 0 ++ tarinfo.gname =3D 'root' ++ return tarinfo ++ + with tarfile.open(output_file, mode=3Dmode) as tar_file: + os.chdir(source_dir) # Input filenames are relative to source_dir. + for file in sys.argv[3:]: +- tar_file.add(file) ++ tar_file.add(file, filter=3Dreproducible) + # Errors raise exceptions. If an exception is raised, Meson+ninja will no= tice + # that the command failed, despite exit(0). + sys.exit(0) +--=20 +2.29.2 + =2D-=20 2.35.1 --=-=-=-- --==-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHQEARYKAB0WIQRlgHNhO/zFx+LkXUXcUY/If5cWqgUCYwBMOgAKCRDcUY/If5cW qj+SAP9EL+FWqTYx+VH5wPj6XJLXeTGbfqU0is59CvDhnrEvHwD2P+oD/A4zPKW4 nFQLtY5HXmgtsOtGnjehjVmxvqwVCQ== =kiIJ -----END PGP SIGNATURE----- --==-=-=--