Hello Daniel, On 28/12/2021 09:20, Daniel Lewart wrote:
I have several questions, comments, and minor code improvements
for your excellent Debian Wiki page:
https://wiki.debian.org/ReproducibleInstalls/LiveImages
1) Configuration
What are the requirements for RAM and /dev/shm?
My 8G RAM laptop defaults to 3.64G /dev/shm.
This is fine for a standard image, but in order to build
a gnome-core image, I needed to increase it to 6.5G.
I've got 32GB in total RAM, my /dev/shm is per default 16GB, which is enough for the larger images.
I've measured the GNOME image. After compression it is 2.9GB, before compression about 8.4GB. Additionally the live-build commands cache/download some files, so you'll need some space there as well.
In /dev/shm I needed about 15GB, which just fits in my configuration.With 'only' 4GB available, I would recommend to build on a fast drive instead of /dev/shm.
2) Updated preparation
Code improvements:
wget -qN http://snapshot.notset.fr/mr/timestamp/debian/latest
-q=--quiet -> makes sense -N=--timestamping -> why do you need this?
export SNAPSHOT_TIMESTAMP=$(grep result latest | cut -d\" -f4)
export SOURCE_DATE_EPOCH=$(date -d $(echo $SNAPSHOT_TIMESTAMP |
sed -E 's/^(....)(..)(..T..)(..)(..Z)/\1-\2-\3:\4:\5/') +%s)
I see. I'm a fan of awk for slightly more complicated manipulations. Your versions will work as well. All tools (grep, cut, sed, awk) will be available in a default installation of Debian, so the choice between the tools appears to me to be a matter of taste.
3) Hook scripts
You could change all instances of:
if [ ! -e FILE ];
then
exit 0
fi
to:
[ -e FILE ] || exit 0
It is more compact. However, I'd rather read if-statements, similar to C, so I don't have to remember how the '||' works. 'if not exists file then exit 0' reads for me clearer than 'if file exists returns with non-zero (i.e. does not exists) then exit 0;
4) Everything, or at least apt-cacher-ng and /dev/shm,
should be incorporated into the Debian Live Manual at some point.
Agreed. I plan to write those sections later.The configuration for apt-cacher-ng and other speed-ups will eventually get their own sub-section. The requirements for the mount point (dev,suid) need to be documented as well, see also https://lists.debian.org/debian-live/2021/12/msg00048.html
I would rather move the hooks and other steps to guarantee reproducibility to a script that is located somewhere in the live-build repository itself.
@Luca, @Raphael: Would you welcome such a script in live-build, instead of it being maintained on the Wiki page and duplicated in Jenkins?
With kind regards, Roland Clobus
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature