Bug#1003787: marked as done (pesign: reproducible-builds: build path embedded in include)

To: Steve McIntyre <93sam@debian.org>
Subject: Bug#1003787: marked as done (pesign: reproducible-builds: build path embedded in include)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Wed, 01 Nov 2023 23:09:09 +0000
Message-id: <[🔎] handler.1003787.D1003787.1698879878206538.ackdone@bugs.debian.org>
Reply-to: 1003787@bugs.debian.org
References: <E1qyKGJ-003kfL-Rh@fasolo.debian.org> <877db01zys.fsf@yucca>

Your message dated Wed, 01 Nov 2023 23:04:35 +0000
with message-id <E1qyKGJ-003kfL-Rh@fasolo.debian.org>
and subject line Bug#1003787: fixed in pesign 116-1
has caused the Debian Bug report #1003787,
regarding pesign: reproducible-builds: build path embedded in include
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1003787: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003787
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: submit@bugs.debian.org
Subject: pesign: reproducible-builds: build path embedded in include
From: Vagrant Cascadian <vagrant@reproducible-builds.org>
Date: Sat, 15 Jan 2022 12:55:07 -0800
Message-id: <877db01zys.fsf@yucca>

Source: pesign
Severity: normal
Tags: patch
User: reproducible-builds@lists.alioth.debian.org
Usertags: buildpath
X-Debbugs-Cc: reproducible-bugs@lists.alioth.debian.org

pesign does not appear to build reproducibly in unstable due to build
paths (which is not varied in testing/bookworm):

  https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/diffoscope-results/pesign.html

This appears due to an include directory that embeds the full path.


The attached patch fixes this by passing a relative path to the include
directory in Make.defaults.


With this patch applied, pesign should build reproducibly on
tests.reproducible-builds.org!


Thanks for maintaining pesign!

live well,
  vagrant

From f5cb0d11f73a3b3b6b6c58b8f96ebb3da58bf5d0 Mon Sep 17 00:00:00 2001
From: Vagrant Cascadian <vagrant@reproducible-builds.org>
Date: Sat, 15 Jan 2022 20:43:57 +0000
Subject: [PATCH] Make.defaults: Use relative path to include dir.

This allows for reproducible builds even when the build path differs
between two builds.

https://reproducible-builds.org/docs/build-path/
---
 Make.defaults | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Make.defaults b/Make.defaults
index c97b452..9986da9 100644
--- a/Make.defaults
+++ b/Make.defaults
@@ -40,7 +40,7 @@ cflags	= $(CFLAGS) $(ARCH3264) \
 	-Wno-unused-function\
 	-std=gnu11 -fshort-wchar -fPIC -flto -fno-strict-aliasing \
 	-fno-merge-constants -fkeep-inline-functions \
-	-D_GNU_SOURCE -DCONFIG_$(ARCH) -I${TOPDIR}/include \
+	-D_GNU_SOURCE -DCONFIG_$(ARCH) -I../include \
 	$(if $(filter $(CC),clang),$(clang_cflags), ) \
 	$(if $(filter $(CC),gcc),$(gcc_cflags), ) \
 	$(call pkg-config-cflags) -Werror
-- 
2.34.1

Attachment: signature.asc
Description: PGP signature

--- End Message ---

--- Begin Message ---

To: 1003787-close@bugs.debian.org
Subject: Bug#1003787: fixed in pesign 116-1
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Wed, 01 Nov 2023 23:04:35 +0000
Message-id: <E1qyKGJ-003kfL-Rh@fasolo.debian.org>
Reply-to: Steve McIntyre <93sam@debian.org>

Source: pesign
Source-Version: 116-1
Done: Steve McIntyre <93sam@debian.org>

We believe that the bug you reported is fixed in the latest version of
pesign, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1003787@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Steve McIntyre <93sam@debian.org> (supplier of updated pesign package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 01 Nov 2023 22:25:43 +0000
Source: pesign
Architecture: source
Version: 116-1
Distribution: unstable
Urgency: medium
Maintainer: Debian UEFI maintainers <debian-efi@lists.debian.org>
Changed-By: Steve McIntyre <93sam@debian.org>
Closes: 964157 1003787 1015578 1030168 1054449
Changes:
 pesign (116-1) unstable; urgency=medium
 .
   * New upstream version 116
     * Remove old patches, all upstream now
     * Add new patches:
       * Remove bashisms in Makefiles
       * Update a patch to make build reproducible. Closes: #1003787
     * Various programs are now gone, fix up packaging to match:
       * efisiglist; replaced by efisecdb in the efivar package
       * pesign-authorize-users / pesign-authorize-groups
         (Fixes CVE-2022-3560, Closes: #1030168)
     * No longer uses /var/run. Closes: 964157
   * Add build-dep on new libefisec-dev
   * Move user/group setup from preinst to postinst, and add a
     dependency on passwd. Closes: #1054449
   * Now seems to work OK using LTO in the build. Closes: #1015578.
Checksums-Sha1:
 8f6252459886688fdf3bffcffd30fa562a7e6585 2135 pesign_116-1.dsc
 f11d00d08b55d0e6ca209c81adabad799832cd00 120424 pesign_116.orig.tar.bz2
 61de6cfee58d2459c1d69d0ee313899212022716 11144 pesign_116-1.debian.tar.xz
 1755ba868d0187f553794233f69661d45b5c46fa 6935 pesign_116-1_source.buildinfo
Checksums-Sha256:
 4b4080812f19a1cf5128d62abfa41bab7e5560c0912102316220ff91af1df59a 2135 pesign_116-1.dsc
 35331f75689863e5be595f2bb04a8bc934ce734b8d76fa5d6aeb4d85424e8996 120424 pesign_116.orig.tar.bz2
 2346ee31809f426ff8d9d92cfe30297490801c4ce46f3db068d8fbb48ee26a30 11144 pesign_116-1.debian.tar.xz
 2dc35e10ec0d780743a826fbcc80cca5e94034aa8d0a4faf4d8e69a4261b20a2 6935 pesign_116-1_source.buildinfo
Files:
 f7668b6e49662745edbfbd058d6826c5 2135 devel optional pesign_116-1.dsc
 10cd95bf1bee5097321efc141e8ab292 120424 devel optional pesign_116.orig.tar.bz2
 75d01755f6de87155d7ad2bbdfc04001 11144 devel optional pesign_116-1.debian.tar.xz
 33bc1c96276e94941c443089a7f959a3 6935 devel optional pesign_116-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJFBAEBCAAvFiEEzrtSMB1hfpEDkP4WWHl5VzRCaE4FAmVC1dwRHDkzc2FtQGRl
Ymlhbi5vcmcACgkQWHl5VzRCaE6gbg/+OdW0MAWLVSnl319foC00aEV4DqxRPKQU
4E2dxIC/08Hv/Vw1wdsiDT6HNx+kf+vcbZ4B4+B2mWtGI7dAg9p4XBpdgS7LEk2B
A5wN7uEuU76GKADNM2/fpiU36ucJmzcBh2uCVqcSN5wD2qSRRyy4tmXE63RLzqLH
W90vDVFdndmh4WfPMddjyqItf9PIJJRA7FjcCeIKlP+qS14J25gsSCKWV26dkdXB
9w84NVMVvDk8yn3eH6ZvyLH5jzMswVudCDAGsn2K3LGikEYzScMA0PtULOt8XkvA
UMhtmU56DX5/Uhmq+KpIzsj4C3Vph9Hdlr0z7SD9nKUs2hgqDvBGlSJKEPdq6BVp
utX3ohXtpemIN1xA/80KWXZInbVgG2KK4IwmDKYWWqquM/f1aVlvVlS4idMo1XzM
8f5qMzy0crcWCL+BYzOjSPo701oAR0wcxbndC6ixAWuw1yPM2BJ8y/R+H4fj90c1
pTpqVLPOAqQvDdMI9KUCjrymxLLQNXfezuvY5AIaO1nBTKSOCle8ZlHxkaWDhWmf
pafxmeoOLUJqrl2q+E2Zv/FVceKd2MjfHcBh43kQkckI37wsRxD6olsRg29lcTUG
9rdkyMgrfBtd9Cu4k1/9MFOAADk+aRrE9Yc4c+nKXUbwbx4FPE6slossFGSN+jr3
OoCpbVVHrhI=
=GcHr
-----END PGP SIGNATURE-----

--- End Message ---

Reply to:

Prev by Date: fwupd_1.9.7-1_source.changes ACCEPTED into unstable
Next by Date: Bug#1015578: marked as done (pesign: ftbfs with LTO (link time optimization) enabled)
Previous by thread: fwupd_1.9.7-1_source.changes ACCEPTED into unstable
Next by thread: Bug#1015578: marked as done (pesign: ftbfs with LTO (link time optimization) enabled)
Index(es):
- Date
- Thread