Debian Bug report logs - #828867
zephyr: please make the build reproducible

Reply or subscribe to this bug.

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Reiner Herrmann <reiner@reiner-h.de>

To: submit@bugs.debian.org

Subject: zephyr: please make the build reproducible

Date: Tue, 28 Jun 2016 18:58:46 +0200

[Message part 1 (text/plain, inline)]

Source: zephyr
Version: 3.1.2-1
Severity: wishlist
Tags: patch
User: reproducible-builds@lists.alioth.debian.org
Usertags: timestamps username hostname
X-Debbugs-Cc: reproducible-builds@lists.alioth.debian.org

Hi!

While working on the "reproducible builds" effort [1], we have noticed
that zephyr could not be built reproducibly.
It embeds the current time, username and hostname into the binary.

The attached patch strips this information from the version string.

Regards,
 Reiner

[1]: https://wiki.debian.org/ReproducibleBuilds

[zephyr.patch (text/x-diff, attachment)]

[signature.asc (application/pgp-signature, inline)]

Message #12 received at 828867@bugs.debian.org (full text, mbox, reply):

From: Vagrant Cascadian <vagrant@reproducible-builds.org>

To: kcr@debian.org, hartmans@debian.org

Cc: 1021374@bugs.debian.org, 828867@bugs.debian.org

Subject: Re: zephyr: reproducible-builds patches

Date: Thu, 20 Oct 2022 09:52:42 -0700

[Message part 1 (text/plain, inline)]

There are patches fixing embedded build paths, usernames, and
timestamps, one of which submitted in 2016, and one just a couple weeks
ago... both patches I'd certainly put into the mostly harmless category,
but would make zephyr build reproducibly :)

Would you be amenable to an NMU to unstable applying the following
patches and fixing these issues? If yes, should I build upon the package
in experimental? Plans for using salsa.debian.org? dgit?

Thanks for consideration!

live well,
  vagrant

From c1dd58714b0bf41effbc7ce4162ac2e0d347fc61 Mon Sep 17 00:00:00 2001
From: Vagrant Cascadian <vagrant@reproducible-builds.org>
Date: Fri, 7 Oct 2022 00:06:50 +0000
Subject: [PATCH 2/2] debian/rules: Pass -ffile-prefix-map via CFLAGS to avoid
 embedding the build path.

https://reproducible-builds.org/docs/build-path/
---
 debian/rules | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/debian/rules b/debian/rules
index f81ecc9..1e8f9ed 100755
--- a/debian/rules
+++ b/debian/rules
@@ -9,7 +9,7 @@
 # Uncomment this to turn on verbose mode. 
 #export DH_VERBOSE=1
 VARIETALS=krb5
-CFLAGS=-g -O
+CFLAGS=-g -O -ffile-prefix-map=$(CURDIR)=.
 
 PACKAGES:=-plibzephyr4 -pzephyr-clients -pzephyr-server -plibzephyr-dev $(foreach i,$(VARIETALS),-plibzephyr4-$(i) -pzephyr-server-$(i))
 

diff --git a/debian/patches/reproducible-build.patch b/debian/patches/reproducible-build.patch
new file mode 100644
index 0000000..34f3982
--- /dev/null
+++ b/debian/patches/reproducible-build.patch
@@ -0,0 +1,17 @@
+Author: Reiner Herrmann <reiner@reiner-h.de>
+Description: Strip non-deterministic information from the version string
+
+--- a/new_vers.sh
++++ b/new_vers.sh
+@@ -2,10 +2,7 @@
+ #
+ top_srcdir=${1:-`pwd`}
+ 
+-u=${USER-the_zephyr_builder}
+-h=`hostname`
+-t=`date`
+ v=`sh ${top_srcdir}/get_vers.sh ${top_srcdir}`
+ 
+ umask 002
+-/bin/echo "#define ZEPHYR_VERSION_STRING \"${v} (${t}) ${u}@${h}\"" > h/zephyr_version.h
++/bin/echo "#define ZEPHYR_VERSION_STRING \"${v}\"" > h/zephyr_version.h
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..55077d0
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+reproducible-build.patch

[signature.asc (application/pgp-signature, inline)]

Message #17 received at 828867@bugs.debian.org (full text, mbox, reply):

From: "Chris Lamb" <lamby@debian.org>

To: 828867@bugs.debian.org, 828867-submitter@bugs.debian.org, 1021374@bugs.debian.org, 1021374-submitter@bugs.debian.org

Subject: Re: zephyr: please make the build reproducible

Date: Thu, 17 Nov 2022 17:34:17 +0000

[Message part 1 (text/plain, inline)]

tags 828867 + pending patch
tags 1021374 + pending patch
thanks

I've just uploaded zephyr 3.1.2-1.1 to DELAYED/10:
  
  zephyr (3.1.2-1.1) unstable; urgency=medium
  .
    * Non-maintainer upload.
    * Apply patches by Vagrant Cascadian and Reiner Herrmann to make the build
      reproducible. (Closes: #828867, #1021374)

The full debdiff is attached.


Regards,

-- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

[zephyr_3.1.2-1.1_amd64.debdiff.txt (text/plain, attachment)]

Message #27 received at 828867@bugs.debian.org (full text, mbox, reply):

From: Sam Hartman <hartmans@debian.org>

To: Vagrant Cascadian <vagrant@reproducible-builds.org>, 1021374@bugs.debian.org, kcr@debian.org

Cc: 1021374@bugs.debian.org, 828867@bugs.debian.org

Subject: Re: Bug#1021374: zephyr: reproducible-builds patches

Date: Thu, 17 Nov 2022 13:41:31 -0700

[Message part 1 (text/plain, inline)]

>>>>> "Vagrant" == Vagrant Cascadian <vagrant@reproducible-builds.org> writes:

    Vagrant> Would you be amenable to an NMU to unstable applying the
    Vagrant> following patches and fixing these issues? If yes, should I
    Vagrant> build upon the package in experimental? Plans for using
    Vagrant> salsa.debian.org? dgit?

I'd definitely be open to an nmu.
I'd recommend building on unstable and just uploading a source package.
Zephyr used to be maintained in subversion.  The maintainer died, and
discussions about how to convert to git kind of stalled out, which is
why the package is such a mess.

[signature.asc (application/pgp-signature, inline)]

Message #32 received at 828867-close@bugs.debian.org (full text, mbox, reply):

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>

To: 828867-close@bugs.debian.org

Subject: Bug#828867: fixed in zephyr 3.1.2-1.1

Date: Sun, 27 Nov 2022 18:41:21 +0000

Source: zephyr
Source-Version: 3.1.2-1.1
Done: Chris Lamb <lamby@debian.org>

We believe that the bug you reported is fixed in the latest version of
zephyr, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 828867@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Chris Lamb <lamby@debian.org> (supplier of updated zephyr package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 17 Nov 2022 17:29:45 +0000
Source: zephyr
Binary: libzephyr-dev libzephyr4 libzephyr4-dbgsym libzephyr4-krb5 libzephyr4-krb5-dbgsym zephyr-clients zephyr-clients-dbgsym zephyr-server zephyr-server-dbgsym zephyr-server-krb5 zephyr-server-krb5-dbgsym
Architecture: source amd64
Version: 3.1.2-1.1
Distribution: unstable
Urgency: medium
Maintainer: Karl Ramm <kcr@debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Description:
 libzephyr-dev - Project Athena's notification service - development files
 libzephyr4 - Project Athena's notification service - non-Kerberos libraries
 libzephyr4-krb5 - The original "Instant Message" system libraries with Kerberos V
 zephyr-clients - Project Athena's notification service - client programs
 zephyr-server - Project Athena's notification service - non-Kerberos server
 zephyr-server-krb5 - The original "Instant Message" system-server with Kerberos 5
Closes: 828867 1021374
Changes:
 zephyr (3.1.2-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Apply patches by Vagrant Cascadian and Reiner Herrmann to make the build
     reproducible. (Closes: #828867, #1021374)
Checksums-Sha1:
 5d0df9b0517d0a54bda0e75d1e472b2f4261250e 2327 zephyr_3.1.2-1.1.dsc
 ce9c0622e18cf4f3e52c8154156be39d99d1d3e4 740226 zephyr_3.1.2.orig.tar.gz
 5bc39d489c994a0973451d5f5bffef8a9566d102 23904 zephyr_3.1.2-1.1.debian.tar.xz
 79b209208d34d80bafb2ba5eefee66b2f66b8ab9 31216 libzephyr-dev_3.1.2-1.1_amd64.deb
 94ebee420a38c7a4b941e221c7c5789598fce6ce 81312 libzephyr4-dbgsym_3.1.2-1.1_amd64.deb
 16ed682a673522121822eb529477ca8e8f234499 99392 libzephyr4-krb5-dbgsym_3.1.2-1.1_amd64.deb
 9e81cc3d82835e274e093d6950be14402124fdaa 29816 libzephyr4-krb5_3.1.2-1.1_amd64.deb
 2570399c0e33956379019588e800e1d66ca595c2 24896 libzephyr4_3.1.2-1.1_amd64.deb
 b520023e496f6e347decc075c37d3c885aec4710 242280 zephyr-clients-dbgsym_3.1.2-1.1_amd64.deb
 016cbc95269b2b07311be5c04feed5a951cee775 111044 zephyr-clients_3.1.2-1.1_amd64.deb
 c53d2df9c6db09680237a4eb640e4d87bbf0c10b 130108 zephyr-server-dbgsym_3.1.2-1.1_amd64.deb
 e40b5dddefd1c3fd187a8053708d3c0025c1f3a5 152500 zephyr-server-krb5-dbgsym_3.1.2-1.1_amd64.deb
 188a3449ae17f02768368837e5b53425831ceb48 102896 zephyr-server-krb5_3.1.2-1.1_amd64.deb
 0df05cf6081193c22c14f2d0d3e33fa9f2ef6904 95016 zephyr-server_3.1.2-1.1_amd64.deb
 e83d98b247f4aa3f8d6958be44192c993cfac454 9883 zephyr_3.1.2-1.1_amd64.buildinfo
Checksums-Sha256:
 24db035a6e483743d9483dd93de73fb738f9e3a27e2e3a2dc9dd1ecfcfb49b1f 2327 zephyr_3.1.2-1.1.dsc
 d59204d3ce155b6b7afa840e53dd5a3c276257da35d907f28ae09483d1dc56d7 740226 zephyr_3.1.2.orig.tar.gz
 5192ed4870a5eb12e5513dc143b893912e23f0ebede938f315d30e7160247dba 23904 zephyr_3.1.2-1.1.debian.tar.xz
 21ca9a657e7b41a6e0f748a4ebe714f5224db94cf8428f55506a85675dbfee04 31216 libzephyr-dev_3.1.2-1.1_amd64.deb
 6c6f7297a5d8ebcb2f35b48d96b587e6104e5a932944ec3e8273e0dc9b2713b3 81312 libzephyr4-dbgsym_3.1.2-1.1_amd64.deb
 74128994b93426292d13aedaec65ec73bfc443b5f6ee078a338f8d8a6014e443 99392 libzephyr4-krb5-dbgsym_3.1.2-1.1_amd64.deb
 979a89c0f4b26c2b4aa0c5e1cbaecdc71a3490e724b52dc69256aaa0cc594f78 29816 libzephyr4-krb5_3.1.2-1.1_amd64.deb
 c5d36a51e153e3bfb0dd05f50d46ac7d45a1cdf26bd534e981a3d247b89fffc0 24896 libzephyr4_3.1.2-1.1_amd64.deb
 55d7608cd593de2b21570a530565de9157f1a8cf32011cf55bfd4c4f49655c44 242280 zephyr-clients-dbgsym_3.1.2-1.1_amd64.deb
 bc0a816cd86d85174fd7011c21bbfc41c4b196fafdfc34cb7aaafc3728df222c 111044 zephyr-clients_3.1.2-1.1_amd64.deb
 01089b3c53ea9d9ff62c06ad5c84295a417489fcfd9ec1777fd65d95b89b3a43 130108 zephyr-server-dbgsym_3.1.2-1.1_amd64.deb
 6bfdf435abb19127ed72072a0f0c3deafc1b87beec1e7965f11a015e2c009b22 152500 zephyr-server-krb5-dbgsym_3.1.2-1.1_amd64.deb
 5d69215e7d6559290fb4c14713a368ff9cb3e148484828b8eb4624e7f4d51914 102896 zephyr-server-krb5_3.1.2-1.1_amd64.deb
 d5b6d6210568b645019fc648a02e0749b3932963d143768a1f3d5b6b161cae84 95016 zephyr-server_3.1.2-1.1_amd64.deb
 f0c85c523bb2bf19d9cef51126b9d94de981538742c6f1821818405e3896b7dd 9883 zephyr_3.1.2-1.1_amd64.buildinfo
Files:
 d0a81f22bf950ddb8ff6e5d09e058b4b 2327 net optional zephyr_3.1.2-1.1.dsc
 d299350784b423f72cdd4c87b97071ce 740226 net optional zephyr_3.1.2.orig.tar.gz
 e590e6f10e5bd4f2ce0fb76b8a08265a 23904 net optional zephyr_3.1.2-1.1.debian.tar.xz
 1302be148745ee23fccbf553da1e8f08 31216 libdevel optional libzephyr-dev_3.1.2-1.1_amd64.deb
 ca99c9bbdc8a7736441badbc078ecbff 81312 debug optional libzephyr4-dbgsym_3.1.2-1.1_amd64.deb
 5983d3848ad61e81e85473b6e7134394 99392 debug optional libzephyr4-krb5-dbgsym_3.1.2-1.1_amd64.deb
 a96bc0a425a10daf43fce05a155e58dc 29816 libs optional libzephyr4-krb5_3.1.2-1.1_amd64.deb
 bef2afa3eedbe979c12c9a2ca1d53862 24896 libs optional libzephyr4_3.1.2-1.1_amd64.deb
 5a4028c6b79e69893a4c0f2862289860 242280 debug optional zephyr-clients-dbgsym_3.1.2-1.1_amd64.deb
 a3fddbb9d8d4484f5d7ead95a33175b7 111044 net optional zephyr-clients_3.1.2-1.1_amd64.deb
 e32cc2c6afa7c60f9496e4a45ddca0b2 130108 debug optional zephyr-server-dbgsym_3.1.2-1.1_amd64.deb
 58d6c467c3914fd4dcfb00406af5a582 152500 debug optional zephyr-server-krb5-dbgsym_3.1.2-1.1_amd64.deb
 fe8cb25e5f4498795247c07c8ac38d2e 102896 net optional zephyr-server-krb5_3.1.2-1.1_amd64.deb
 2bec85fb7250b3fb5e1e7fb800474dd7 95016 net optional zephyr-server_3.1.2-1.1_amd64.deb
 a238d76c9684016fcb255284c2235e3a 9883 net optional zephyr_3.1.2-1.1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmN2cD4ACgkQHpU+J9Qx
HlgmDA/7BVL7lo6IYeAiwlAfRk+WeFFmTRK/fzhoQcFtLNR6wJzasaHAGzjtGXvK
DutDoa09BpTpnZ/2Cy77HoLsiOKflp/8rAsdoO9D+SoJuapes9h4Ch7IM3ATOYXS
3g8Cyo+9vlQ5fEBq+WAN4Rpt3gFrOf+BV4QpG9T2MG4bi4ocDZHBPUFhCqUq75a1
jZAhji4ePcP1ZzPrlmQk5bOEBcuKTkM2dRevCwWJPNLMwr2mHutkrQvaN1+9Pp7y
89/nBnMZAktzbfkfTc1MBvDq4EYsOY61V6NeCBMOHbFVMXmJP3Sgm8uvZciZeqSg
T8cf917crQrCYiX1nEtCtNqAeHci+1x4U0o79YPPR2BoeU/uKirwTYv8VqfzhHrS
cOBIE3/qxcdp1Qkrh47jzfzLhts21k5tXXYtF9lsjRmtSFmg42T6mnDiAQQZL6DF
Q4Pu3my6j4alD5ZEL+kJVg/2fTCONrBWJSgPY3K9KyzZoMHqcv9b2QRTVDBY/XhP
5gcvZ6YHidZNGyoy49FnQ1GrwO8XCRJQ8YbRxq+GGL2Q6D/RicfFgGDCxro+pbRE
QmrJo0/RYsKRf4cRy+PbtaEIVL9F4Y6FPfX7ni5nQnmEIVXKMrcRk1M0odnCWKMm
sSgwZCgtEx0KnVVjTtdUdKFbVDqu0wWjVygIsHKYrwgCmm/CEJo=
=hmnv
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.