[fis-gtm] "action needed" items
Hello,
FIS released GT.M V6.3-000 yesterday and I am in the process of updating the Debian package. Since I have the spare cycles, I
want to address a few of the "action needed" items listed on https://tracker.debian.org/pkg/fis-gtm. I made some changes to
address the uscan error and lintian warnings, but I have some questions about two other items.
-- non-reproducible builds --
The link for this, https://tests.reproducible-builds.org/rb-pkg/testing/amd64/fis-gtm.html, is marked with a FTBFS for the
second build. The problem with the second build seems to be a configuration problem on the build server. Notice the complaints
(below) from PERL about LC_ALL. The recurring setlocale warnings seem to have caused problems for CMake resulting in a build
failure.
I: using fakeroot in build.
I: pbuilder: network access will be disabled during build
I: Current time: Mon May 1 02:34:11 GMT-14 2017
I: pbuilder-time-stamp: 1493555651
I: Building the build Environment
I: extracting base tarball [/var/cache/pbuilder/testing-reproducible-base.tgz]
I: copying local configuration
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = (unset),
LC_ALL = "fr_CH.UTF-8",
LANG = "fr_CH.UTF-8"
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
See https://tests.reproducible-builds.org/logs/unstable/amd64/fis-gtm_6.2-002A-3.build2.log.gz for the full build log
Do I need to take any action to address the above?
Previously, when I looked at the non-reproducible build warnings, I saw a warning complaining about the following list of files:
dsehelp.dat
gdehelp.dat
gtmhelp.dat
lkehelp.dat
mupiphelp.dat
The above files are FIS GT.M database files generated during the build. These databases hold the online help for FIS GT.M
executables. Database files won't be the same due to time related information in the block headers. So I need to exclude these
files from being checked.
I read https://wiki.debian.org/ReproducibleBuilds and https://reproducible-builds.org/docs to learn how to exclude these files
from being checked, but could not find any mechanism. Most of the docs merely glorified the greatness* reproducible builds. Does
anyone know a way to exclude these files? * I agree with it the principle, but I have an exception that I cannot work around.
-- build log check warning --
The fis-gtm build was tagged with "W-compiler-flags-hidden". If I understood
https://wiki.debian.org/Hardening#Notes_for_packages_using_CMake correctly, I should get dpkg-buildflags for free. Am I correct?
The hardening options are in force.
shaha:~/debmed/fis-gtm> hardening-check /usr/lib/x86_64-linux-gnu/fis-gtm/V6.3-000_x86_64/mumps
/usr/lib/x86_64-linux-gnu/fis-gtm/V6.3-000_x86_64/libgtmshr.so
/usr/lib/x86_64-linux-gnu/fis-gtm/V6.3-000_x86_64/mumps:
Position Independent Executable: no, normal executable!
Stack protected: yes
Fortify Source functions: yes
Read-only relocations: yes
Immediate binding: no, not found!
/usr/lib/x86_64-linux-gnu/fis-gtm/V6.3-000_x86_64/libgtmshr.so:
Position Independent Executable: no, regular shared library (ignored)
Stack protected: yes
Fortify Source functions: yes (some protected functions found)
Read-only relocations: yes
Immediate binding: no, not found!
On a second read of https://qa.debian.org/bls/bytag/W-compiler-flags-hidden.html, I think I understand the complaint better.
buildd log scanner tag W-compiler-flags-hidden
description
The package contains build commands which hide the real compiler flags (non-verbose builds). This prevents automatic checks
for missing (hardening) flags.
False positives are possible, especially when building in parallel. In this case this warning can be ignored.
The complaint is that the build flags are not present in the build log file. Would the fix be to build with VERBOSE=1?
Thanks in advance,
Amul
_____________
The information contained in this message is proprietary and/or confidential. If you are not the intended recipient, please: (i) delete the message and all copies; (ii) do not disclose, distribute or use the message in any manner; and (iii) notify the sender immediately. In addition, please be aware that any message addressed to our domain is subject to archiving and review by persons other than the intended recipient. Thank you.
Reply to: