Debian Bug report logs - #950415
autoconf: reproducible builds: embeds value of SHELL in scripts

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Vagrant Cascadian <vagrant@reproducible-builds.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: autoconf: reproducible builds: embeds value of SHELL in scripts

Date: Sat, 01 Feb 2020 02:08:00 -0800

[Message part 1 (text/plain, inline)]

Package: autoconf
Severity: normal
Tags: patch
User: reproducible-builds@lists.alioth.debian.org
Usertags: environment
X-Debbugs-Cc: reproducible-bugs@lists.alioth.debian.org

Many of the scripts shipped in autoconf embed the value of the SHELL
environment variable, which results in reproducibility issues when SHELL
is set differently on two systems.

Affected scripts are: autoheader, autom4te, autoreconf, autoscan,
autoupdate, ifnames.

The attached patch to debian/rules passes SHELL=/bin/sh to configure,
making this aspect of the build reproducible.

Thanks for maintaining autoconf!

live well,
  vagrant

[0001-debian-rules-Pass-SHELL-bin-sh-to-configure-to-avoid.patch (text/x-diff, inline)]

From fc99034f7472a58bdf45d302507210c2baa54017 Mon Sep 17 00:00:00 2001
From: Vagrant Cascadian <vagrant@reproducible-builds.org>
Date: Sat, 1 Feb 2020 01:35:29 -0800
Subject: [PATCH 1/3] debian/rules: Pass SHELL=/bin/sh to configure to avoid
 reproducibility issues introduced by the environment.

---
 debian/rules | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/debian/rules b/debian/rules
index 8561560..cd36fab 100755
--- a/debian/rules
+++ b/debian/rules
@@ -12,7 +12,7 @@ override_dh_auto_clean:
 override_dh_auto_configure:
 	# Ensure nothing tries to re-bootstrap Autoconf with itself.
 	touch configure `find . -name Makefile.in`
-	dh_auto_configure -- EMACS=no --with-lispdir=
+	dh_auto_configure -- EMACS=no --with-lispdir= SHELL=/bin/sh
 	# Force manpages to get rebuilt with correct version number.
 	touch man/*.x
 
-- 
2.20.1

[signature.asc (application/pgp-signature, inline)]

Message #10 received at 950415-close@bugs.debian.org (full text, mbox, reply):

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>

To: 950415-close@bugs.debian.org

Subject: Bug#950415: fixed in autoconf 2.69-13

Date: Sun, 20 Dec 2020 10:33:23 +0000

Source: autoconf
Source-Version: 2.69-13
Done: Vagrant Cascadian <vagrant@reproducible-builds.org>

We believe that the bug you reported is fixed in the latest version of
autoconf, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 950415@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Vagrant Cascadian <vagrant@reproducible-builds.org> (supplier of updated autoconf package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 20 Dec 2020 02:16:50 -0800
Source: autoconf
Architecture: source
Version: 2.69-13
Distribution: unstable
Urgency: medium
Maintainer: Debian QA Group <packages@qa.debian.org>
Changed-By: Vagrant Cascadian <vagrant@reproducible-builds.org>
Closes: 950415 950416 950417
Changes:
 autoconf (2.69-13) unstable; urgency=medium
 .
   * QA upload.
   * Pass SHELL=/bin/sh to configure. Closes: #950415
   * export FORCE_SOURCE_DATE=1 to get texlive to respect
     SOURCE_DATE_EPOCH. Closes: #950416
   * Use dpkg-parsechangelog to set the date in Autom4te/C4che.pm.
     Closes: #950417
   * debian/rules: Set Rules-Requires-Root to no.
   * Update to debhelper-compat 13.
   * debian/rules: Add dh_missing override to list missing files.
   * debian/changelog, debian/control, debian/rules: Remove trailing
     whitespace.
   * debian/copyright: Use https URLs.
   * debian/control: Use more common case for "Multi-Arch".
   * autoconf-doc: Adjust doc-base to point new file location in
     /usr/share/doc/autoconf.
Checksums-Sha1:
 fdb6964c11ac01467c8e7a97bff2793e96d93c98 1521 autoconf_2.69-13.dsc
 d2483bab964fd89803e8e7ce091ae660674f4bdc 24064 autoconf_2.69-13.debian.tar.xz
Checksums-Sha256:
 9dd9d83c506e650606f8b90ba18ec512ed8df9b05d7044adc6c14aee0bab624f 1521 autoconf_2.69-13.dsc
 259cbb6a097a0f407c4f660ea418b832f180e94adb7c152eb75a0fcde3844854 24064 autoconf_2.69-13.debian.tar.xz
Files:
 05b562af13c24b3fdb259d1322164d70 1521 devel optional autoconf_2.69-13.dsc
 a3a562a820dfd1dff3c63124b796c519 24064 devel optional autoconf_2.69-13.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iJYEARYKAD4WIQRlgHNhO/zFx+LkXUXcUY/If5cWqgUCX98mISAcdmFncmFudEBy
ZXByb2R1Y2libGUtYnVpbGRzLm9yZwAKCRDcUY/If5cWqkPqAP4vY7SjNatc3ouo
SzN1pUdJKtW+lHHHxNa107hV/0GiaQEAh+MM4qyIM/xObd64KzPSJGY0kLrdsVJq
XHsHC5rY1gM=
=0bFB
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.