Hello lists,here is the 19th update of the status for reproducible live-build ISO images [1].
Single line summary: Live images are looking good Reproducible status:* All major desktops build reproducibly with bullseye, bookworm, trixie and sid
** When built for a second time within the same DAK run * Rebuilding bookworm images, see [2] ** When rebuilding at any later timestamp Functionality status: * The trixie and sid images are affected by #1031183 My activities in July, August: * The .disk/info file is now more similar to the 11.x series [5] * The amount of firmware files is reduced [7] * Rebuilding the bookworm standard image [2] ** The following changes were made in live-build: *** The sorting order for the checksum files is consistent *** The file .disk/archive_trace is removed *** The timestamp of boot/grub/live-theme/theme.txt is consistent*** The timestamps in the source tar are the 'now' of the generation of the image ** For the Debian 12.2 point release, full long-term reproducibility should be possible
* Rebuilding the bookworm gnome image [2] ** More investigation is required * While rebuilding the bookworm images, the following was seen:** In the ISO-image hard-linked files (same i-node) may swap their order (seen in diffoscope file list)
** /lib32 and /libx32 symlinks have disappeared** It appears that updated tools from the host influence the content of the images
** More investigation is required * Bug triaging, resulting in many closed bug reports against live-build [3] * Updated the TODO page [6] * Updated the live-build instructions [1] Work to be done:* More investigation is required to provide long-term reproducibility, because the live image will be generated without using a snapshot server * Test the official images and regular snapshot images in openQA as well as the images generated by Jenkins (possibly replacing the images generated by Jenkins)
* Review the results of the generated ISO images in my local openQA instance * Adjust the content of the live-build image ** Make the boot menu more similar to the live-wrapper menu ** Add a 'persistent' option (as seen in Kali) ** Keep the accessibility improvements made in the live-wrapper boot menu ** Verify the package lists *** e.g. the Debian Reference is installed for es and it, but not en** All locales are present in the live image, but they are not activated, which results in a silly GNOME welcome screen [4] * Bug triaging for issues reported against live-build [3] and debian-live [8]
* Many other things. See the TODO page [6] With kind regards, Roland Clobus [1] https://wiki.debian.org/ReproducibleInstalls/LiveImages [2] https://lists.debian.org/debian-live/2023/08/msg00008.html[3] https://bugs.debian.org/cgi-bin/pkgreport.cgi?archive=0;dist=unstable;ordering=normal;repeatmerged=0;src=live-build
[4] https://lists.debian.org/debian-live/2023/06/msg00017.html [5] https://lists.debian.org/debian-live/2023/06/msg00023.html [6] https://wiki.debian.org/DebianLive/TODO[7] https://salsa.debian.org/live-team/live-build/-/commit/8eaf20daf1cf79669975b1acfe4d6fa453eb6307
[8] https://bugs.debian.org/cgi-bin/pkgreport.cgi?package=debian-live
Attachment:
OpenPGP_signature.asc
Description: OpenPGP digital signature