Debian Bug report logs -
#846891
integrit: please make the build reproducible (fileordering)
Reported by: Valerie R Young <spectranaut@riseup.net>
Date: Sat, 3 Dec 2016 23:36:02 UTC
Severity: wishlist
Tags: patch
Fixed in version integrit/4.1-1.1
Done: Adrian Bunk <bunk@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, reproducible-bugs@lists.alioth.debian.org, Gerrit Pape <pape@smarden.org>:
Bug#846891; Package integrit.
(Sat, 03 Dec 2016 23:36:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Valerie R Young <spectranaut@riseup.net>:
New Bug report received and forwarded. Copy sent to reproducible-bugs@lists.alioth.debian.org, Gerrit Pape <pape@smarden.org>.
(Sat, 03 Dec 2016 23:36:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Package: integrit
Severity: wishlist
Tags: patch
User: reproducible-builds@lists.alioth.debian.org
Usertags: fileordering
X-Debbugs-Cc: reproducible-bugs@lists.alioth.debian.org
Dear Maintainer,
While working on the "reproducible builds" effort [1], we have noticed
that integrit could not be built reproducibly.
The attached patch sorts the md5sums files. Once applied,
along with the other reproducible patched pending on integrit ,
integrit can be built reproducibly in our current experimental framework.
Best,
Valerie
[1]: https://wiki.debian.org/ReproducibleBuilds
-- System Information:
Debian Release: stretch/sid
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.4.0-rc8-touchpad (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
[implicit.patch (text/x-patch, attachment)]
Information forwarded
to debian-bugs-dist@lists.debian.org, Gerrit Pape <pape@smarden.org>:
Bug#846891; Package integrit.
(Sun, 04 Dec 2016 04:21:02 GMT) (full text, mbox, link).
Acknowledgement sent
to Vagrant Cascadian <vagrant@debian.org>:
Extra info received and forwarded to list. Copy sent to Gerrit Pape <pape@smarden.org>.
(Sun, 04 Dec 2016 04:21:02 GMT) (full text, mbox, link).
Message #10 received at 846891@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
On 2016-12-04, Valerie R Young wrote:
> --- implicit 2016-12-03 17:05:39.000000000 -0500
> +++ implicit 2016-12-03 17:57:02.682034599 -0500
> @@ -87,7 +87,7 @@
> : debian/$*/DEBIAN/md5sums
> @rm -f debian/$*/DEBIAN/md5sums
> @cd debian/$* && find * -path 'DEBIAN' -prune -o \
> - -type f -exec md5sum {} >>DEBIAN/md5sums \;
> + -type f -exec md5sum {} \; | LC_ALL=C sort >>DEBIAN/md5sums
Not positive, but I'm guessing the "\;" should be at the end of the
line:
+ -type f -exec md5sum {} | LC_ALL=C sort >>DEBIAN/md5sums \;
Though I haven't tested or looked deeper into the code...
live well,
vagrant
[signature.asc (application/pgp-signature, inline)]
Information forwarded
to debian-bugs-dist@lists.debian.org, Gerrit Pape <pape@smarden.org>:
Bug#846891; Package integrit.
(Sun, 04 Dec 2016 22:09:05 GMT) (full text, mbox, link).
Acknowledgement sent
to Daniel Shahaf <danielsh@apache.org>:
Extra info received and forwarded to list. Copy sent to Gerrit Pape <pape@smarden.org>.
(Sun, 04 Dec 2016 22:09:05 GMT) (full text, mbox, link).
Message #15 received at 846891@bugs.debian.org (full text, mbox, reply):
Vagrant Cascadian wrote on Sun, Dec 04, 2016 at 06:18:04 +0200:
> On 2016-12-04, Valerie R Young wrote:
> > --- implicit 2016-12-03 17:05:39.000000000 -0500
> > +++ implicit 2016-12-03 17:57:02.682034599 -0500
> > @@ -87,7 +87,7 @@
> > : debian/$*/DEBIAN/md5sums
> > @rm -f debian/$*/DEBIAN/md5sums
> > @cd debian/$* && find * -path 'DEBIAN' -prune -o \
> > - -type f -exec md5sum {} >>DEBIAN/md5sums \;
> > + -type f -exec md5sum {} \; | LC_ALL=C sort >>DEBIAN/md5sums
>
> Not positive, but I'm guessing the "\;" should be at the end of the
> line:
No, it's correct where it is. It's part of the syntax to find(1)'s
-exec flag. Placing it at the end of the line would cause sort(1) to
operate on a file named ";".
It could be replaced with a «+» to invoke md5sum(1) fewer times:
«-type f -exec md5sum -- {} +»
Cheers,
Daniel
Reply sent
to Adrian Bunk <bunk@debian.org>:
You have taken responsibility.
(Wed, 18 Jan 2017 16:51:08 GMT) (full text, mbox, link).
Notification sent
to Valerie R Young <spectranaut@riseup.net>:
Bug acknowledged by developer.
(Wed, 18 Jan 2017 16:51:08 GMT) (full text, mbox, link).
Message #20 received at 846891-close@bugs.debian.org (full text, mbox, reply):
Source: integrit
Source-Version: 4.1-1.1
We believe that the bug you reported is fixed in the latest version of
integrit, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 846891@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Adrian Bunk <bunk@debian.org> (supplier of updated integrit package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 18 Jan 2017 16:50:19 +0200
Source: integrit
Binary: integrit
Architecture: source
Version: 4.1-1.1
Distribution: unstable
Urgency: medium
Maintainer: Gerrit Pape <pape@smarden.org>
Changed-By: Adrian Bunk <bunk@debian.org>
Description:
integrit - A file integrity verification program
Closes: 776973 846891 847577
Changes:
integrit (4.1-1.1) unstable; urgency=medium
.
* Non-maintainer upload.
* Apply change from Andreas Henriksson to add a Built-Using field.
(Closes: #847577)
* Apply changes from Chris Lamb and Valerie R Young to make the
build reproducible. (Closes: #776973, #846891)
Checksums-Sha1:
e938a2c7b915c5aa81e6e2dcb4057449776bcb61 1704 integrit_4.1-1.1.dsc
0e1c559e5447b26e3f33697794480007dd1095ee 9875 integrit_4.1-1.1.diff.gz
Checksums-Sha256:
e19dae338df5f9185e9e0d922a5ca2669f9e6fc44dfa213a12fd24400f7ee41d 1704 integrit_4.1-1.1.dsc
84751076a8c967367cc69212f458f867c4f84d6550356ea146334a6e5e2c54de 9875 integrit_4.1-1.1.diff.gz
Files:
e26441418b3bd66cec0acaf0bb78d209 1704 admin optional integrit_4.1-1.1.dsc
8e156807b45ba4feb15f877744566cb4 9875 admin optional integrit_4.1-1.1.diff.gz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAlh/mXsACgkQiNJCh6LY
mLHOJxAAoe7zFNuk9Qn4HzPTJm+yTN5bYVEntK0AJmR+iUw7NaVwT/6wFZOCdloy
AJw82oy4TvhAczrAS9maZwQX97vrJGt5aV0JzL3ICbIsx6wkxjh3VBMOHB75TTnZ
Iby9GJ6IUIdHYFo7sgCsA6118dLzgapHo1/KK7XiMW1eEExTWXgDp/TGkZFzjiPV
PFoabPnxYh7jgQ0ikWOCpFaQnedcwYYcTxYaL6P9RgtEfDHrX80OyEQL4eEuF1eQ
jaWLcQS1sSQalaIf/KlBik5H2LHu20wtar5H1rT/v4L9js+g0EUrJrjlGFQCh+UI
yCQr3zEbJqmPFEOlP2bpoNIdyeZck9SWZfeKZ3kdYvtvP9c5dxbRjSvYk0CrW5k2
D7b+qveLfO5gmD9lujKvbma8FbcyLdGrbOd6BrGgSuAcoUmfF2Vuq8K/xXf2JEfa
+1Gg4GF7CPf3e3kHBO2PY2NjR5gNvA/JdTKDOfKPltQNAyFE3Ne5jJmn7IGWBosU
iEgT4lXbLT7WqMf/eUfZwj6Oqc49em0irE+PUpP83FWGKvuoVHaodPF1z+I6JkRT
iAA0ERdyIEECJPv9N+QDi9aZHrkziTt3lBKEwmlyBg6ZmhabwyGUiIqXng5WfQmp
+dcE1se8XUJGc1wN6HUwW0ckpB4QL0O7TfVO5E49IYkW7DZ8SgU=
=JOaE
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Wed, 12 Jun 2019 07:27:21 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed May 17 13:50:50 2023;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.