On Sat, Nov 10, 2018 at 08:38:07PM -0700, Sean Whitton wrote:
> diff --git a/policy/ch-source.rst b/policy/ch-source.rst
> index dc80243..3c6c9d5 100644
> --- a/policy/ch-source.rst
> +++ b/policy/ch-source.rst
> @@ -291,6 +291,20 @@ For packages in the main archive, no required targets may attempt
> network access, except, via the loopback interface, to services on the
> build host that have been started by the build.
>
> +Required targets must not attempt to write outside of the unpacked
> +source package tree. There are two exceptions. Firstly, the binary
> +targets may write the binary packages to the parent directory of the
> +unpacked source package tree. Secondly, required targets may write to
> +the directory specified by the ``TMPDIR`` environment variable (or
> +``/tmp`` if that is not set), provided that files created in that
> +directory are deleted before the target completes and are not reused
> +by subsequent executions of the target.
> +
> +This restriction is intended to prevent source package builds creating
> +and depending on state outside of themselves, thus affecting multiple
> +independent rebuilds. In particular, the required targets must not
> +attempt to write into ``HOME``.
> +
seconded, thanks.
--
cheers,
Holger
-------------------------------------------------------------------------------
holger@(debian|reproducible-builds|layer-acht).org
PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C
Attachment:
signature.asc
Description: PGP signature