Date: Tue, 16 Jun 2015 23:50:09 +0200 From: Holger Levsen <holger@layer-acht.org> To: freebsd-hackers@freebsd.org Cc: reproducible-builds@lists.alioth.debian.org Subject: Re: reproducible builds of FreeBSD in a chroot on Linux Message-ID: <201506162350.11646.holger@layer-acht.org> In-Reply-To: <554B509B.8020608@fuckner.net> References: <201505071122.36037.holger@layer-acht.org> <554B509B.8020608@fuckner.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart3591167.s3AzNQLD7r Content-Type: Text/Plain; charset="windows-1252" Content-Transfer-Encoding: quoted-printable Hi, sorry for replying so late... on the plus side, I've got a much clearer=20 picture now and I've implemented something similar, eg see https://reproducible.debian.net/openwrt/ and/or https://reproducible.debian.net/coreboot/ On the original subject of my mail: I have given up on this and will build= =20 =46reeBSD on a FreeBSD system, not in a chroot on Linux. I expected this wo= uld=20 work, learned that it doesn't and on the way also learned that one can buil= d=20 NetBSD on Linux or probably anything ;-) So in a while, I expect to have set up=20 https://reproducible.debian.net/freebsd/ as well as=20 https://reproducible.debian.net/netbsd/ - but no promises (yet), but these = are=20 my plans ;-) And to reply to some of you... On Donnerstag, 7. Mai 2015, Michael Fuckner wrote: > > I'm one of the people involved in > > https://wiki.debian.org/ReproducibleBuilds and have set up > > https://reproducible.debian.net which continously tests all packages in > > the Debian archive for build reproducibility (so far on amd64 only). > what is this good for? Testing the Compiler, track changes or check > hardware (errors on memory or disk) "Reproducible builds enable anyone to reproduce bit by bit identical binary= =20 packages from a given source, so that anyone can verify that a given binary= =20 derived from the source it was said to be derived. " - right now you have t= o=20 *believe* someone that the binary really comes from said source. And you ne= ed=20 to *believe* the system building it wasn't compromised... This is explained in more detail in our wiki or in the talks given, which a= re=20 linked in the wiki as well. On Freitag, 8. Mai 2015, Julian Elischer wrote: > also: By "FreeBSD" do you mean the kernel? or the whole system? > Unlike Linux, FreeBSD includes most of what the Linux world would > consider to be the domain of the base distro.. e.g. cat, ls, cc, etc. I mean the whole system (what you get when you run "make world") as well as= =20 the ports. https://wiki.freebsd.org/ReproducibleBuilds claims there are 3 known issues= =20 (for "make world" AIUI) for HEAD, I would like to build twice and verify=20 myself. https://wiki.freebsd.org/PortsReproducibleBuilds says "Of the 23599 package= s=20 which were built in both runs, 15164 have the same checksum when using the= =20 previously mentioned patch, giving 64.25% reproducible packages." - I'm als= o=20 curious to re-confirm this - and set up a test bed, which can be triggered= =20 regularily and easily. Our jenkins set up allows this and I'm interested to= do=20 this. (And I wouldn't be surprised nor disappointed if it took me til August or=20 September until I actually get around to tests the ports. The base system I= =20 definitly want to have results on in July.) =20 > There may also be a better mailing list for this... which? On Montag, 11. Mai 2015, Ed Maste wrote: > A lot of this depends on the motivation for pursuing reproducible > FreeBSD builds. If it's to help FreeBSD overall with reproducible > builds, then using the FreeBSD build infrastructure on a FreeBSD > kernel (e.g., a FreeBSD jail on Debian kFreeBSD) is an important part > of the story. If it's specifically for reproducible kernel builds for > kFreeBSD then the FreeBSD build infrastructure isn't relevant. My interest is to help FreeBSD with reproducible builds as I want to see=20 reproducible builds become the norm in the free software world and as I=20 believe FreeBSD is an important part of this world. And also because I'm=20 curious. :) As such, I'll set up a FreeBSD host "on" jenkins.debian.net (in that virtua= l=20 datacenter providing that host), running FreeBSD kernel and userland - to t= est=20 =46reeBSD on Debian ressources :-) Because we care and we can. Debian's kfreebsd-amd64 to me here is "just" another Debian architecture=20 (sorry Steven!), which will (hopefully) benefit from the Debian reproducibl= e=20 builds like all the other Debian architectures.=20 (And I wrote "hopefully" because kfreebsd-amd64 was a bit special for jessi= e=20 and hopefully will be a proper architecture for stretch, the release coming= in=20 two years.) I'll come back once these FreeBSD tests are set up. cheers, Holger --nextPart3591167.s3AzNQLD7r Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIVAwUAVYCaEwkauFYGmqocAQrJtw//TVsRIghgP3DJPifNyKcKP9SLJz3rqEyF edR2GPr0bt542cRiRENHR8xiZCr1HV2892zwv9quYwZ/4yecGSspYECN2Cl9MFuC +JR3SxCao855h1N3gLsj7dAHEefQHGrrOuaN4VNXt2DYjxqZYGtPj6hHU+w5qvdW KDTsJuF813RZ69Ij0Gd9/KfGa90WN13xPpRxU+1gJD68jDcJcSqXQ3VIyDXww17r jg1qynTxOJtM3ipYqKIRPccl7bNWXWui7wIKvJD8Ea/eMttVimG/aEs1dmLAqkNj ZWoplLEj/YnC/dmSsHW+FVbWTSTcga/Wp4hXj7KNYc3I1uWZd5J7//cNw4qlDdLq XtRjIYl7vME7tnDfY+4duEgZ0IEYgVKqS8gJBhyvD9NHe3f6LQaM2C5NuiW7OK+U oysgaAZb6oiwx2dDRilrasZt09CLkYLBu8qR4K6r2vluawW3V2PWN+kRBXjfqEQY KeRdWwToKV0RH6J53CfyPPSdf8mdFd/CT/mg1IsXJkFqlyPDwd9h4D3hfjdhH3uH m5EJGweWgMC/zsI1sNOCgXDwWvX1llsGLkcACHeSdCHjHmhGn4Lju+cPU0BL8D8Z LWTyy6WacYCd4JL/lWQaXqeLj11v0VWf46GJBlUNP4IG8puwIsDf9ZYDlaEueCFN +cj6hX11ZRo= =jYWP -----END PGP SIGNATURE----- --nextPart3591167.s3AzNQLD7r--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201506162350.11646.holger>