Your message dated Fri, 25 Dec 2020 05:18:46 +0000 with message-id <E1ksfV0-0006Fv-D8@fasolo.debian.org> and subject line Bug#978044: fixed in wily 0.13.41-9 has caused the Debian Bug report #978044, regarding wily: reproducible builds: Embeds user, group and umask in tarballs to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 978044: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978044 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: wily: reproducible builds: Embeds user, group and umask in tarballs
- From: Vagrant Cascadian <vagrant@reproducible-builds.org>
- Date: Thu, 24 Dec 2020 17:49:47 -0800
- Message-id: <[🔎] 87k0t6ods4.fsf@yucca>
Source: wily Severity: normal Tags: patch User: reproducible-builds@lists.alioth.debian.org Usertags: username umask X-Debbugs-Cc: reproducible-bugs@lists.alioth.debian.org The tarballs /usr/share/doc/wily/wily.tar.gz and /usr/share/doc/wily/tute.tar.gz contain the username, user id, group name, group id and umask of the build environment in which they were produced: https://tests.reproducible-builds.org/debian/rb-pkg/bullseye/amd64/diffoscope-results/wily.html drwxr-xr-x···0·pbuilder1··(1111)·pbuilder1··(1111)········0·2019-08-21·10:11:18.000000·tute/ vs. drwxrwxr-x···0·pbuilder2··(2222)·pbuilder2··(2222)········0·2019-08-21·10:11:18.000000·tute/ The attached patch fixes this by passing arguments to tar in debian/rules to avoid embedding this metadata. Thanks for maintaining wily! live well, vagrantFrom 8ee7445fb8376fec85b2f05b929a8881ce6b3d4b Mon Sep 17 00:00:00 2001 From: Vagrant Cascadian <vagrant@reproducible-builds.org> Date: Fri, 25 Dec 2020 00:01:32 +0000 Subject: [PATCH 1/8] debian/rules: Pass options to tar to generate reproducible tarballs. Pass additional options to tar to ensure sort order, user id, group id and pax headers are consistent between builds. See "Full example": https://reproducible-builds.org/docs/archives/ --- debian/rules | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/debian/rules b/debian/rules index 7d38575..f21f401 100755 --- a/debian/rules +++ b/debian/rules @@ -53,10 +53,16 @@ install-stamp: build-stamp install -m644 Doc/changes.txt debian/wily/usr/share/doc/wily/html install -m644 Doc/*.html debian/wily/usr/share/doc/wily/html install -m644 Doc/*.gif debian/wily/usr/share/doc/wily/html - cd Doc && GZIP="-9n" tar -czhf \ - ../debian/wily/usr/share/doc/wily/tute.tar.gz tute --mtime="@$(SOURCE_DATE_EPOCH)" - cd misc && GZIP="-9n" tar -czhf \ - ../debian/wily/usr/share/doc/wily/wily.tar.gz wily --mtime="@$(SOURCE_DATE_EPOCH)" + cd Doc && GZIP="-9n" tar --sort=name \ + --mtime="@${SOURCE_DATE_EPOCH}" \ + --owner=0 --group=0 --numeric-owner \ + --pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime \ + -czhf ../debian/wily/usr/share/doc/wily/tute.tar.gz tute + cd misc && GZIP="-9n" tar --sort=name \ + --mtime="@${SOURCE_DATE_EPOCH}" \ + --owner=0 --group=0 --numeric-owner \ + --pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime \ + -czhf ../debian/wily/usr/share/doc/wily/wily.tar.gz wily touch install-stamp binary-indep: build install -- 2.20.1Attachment: signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
- To: 978044-close@bugs.debian.org
- Subject: Bug#978044: fixed in wily 0.13.41-9
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Fri, 25 Dec 2020 05:18:46 +0000
- Message-id: <E1ksfV0-0006Fv-D8@fasolo.debian.org>
- Reply-to: Vagrant Cascadian <vagrant@reproducible-builds.org>
Source: wily Source-Version: 0.13.41-9 Done: Vagrant Cascadian <vagrant@reproducible-builds.org> We believe that the bug you reported is fixed in the latest version of wily, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 978044@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Vagrant Cascadian <vagrant@reproducible-builds.org> (supplier of updated wily package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 24 Dec 2020 20:52:49 -0800 Source: wily Architecture: source Version: 0.13.41-9 Distribution: unstable Urgency: medium Maintainer: Debian QA Group <packages@qa.debian.org> Changed-By: Vagrant Cascadian <vagrant@reproducible-builds.org> Closes: 978044 Changes: wily (0.13.41-9) unstable; urgency=medium . * QA upload. * debian/rules: Pass options to tar to generate reproducible tarballs. (Closes: #978044) * Remove dead link to image in documentation. * Patch tools/win/Makefile.in to pass additional include directory. * debian/menu: Update to use the "Applications" section. * debian/rules: Switch to "dh". * Switch to debhelper compat 13. * Use debian/wily.install and debian/wily.manpages instead of installing manually from debian/rules. * debian/rules: Generated tarballs from dh_installdocs override. * debian/source/format: Set to "1.0". * debian/control: Update Standards-Version to 4.5.1. * debian/source/lintian-overrides: Override configure-generated-file-in-source, removed in clean target. * debian/control: Set Vcs headers. Checksums-Sha1: 889a5f34836ce4065309628af7daf10ab74a65e8 1322 wily_0.13.41-9.dsc 3c3f9c5d0d60c1d322721ad2bcd7bf91e8a9116d 26711 wily_0.13.41-9.diff.gz Checksums-Sha256: a4889f4c7e0f814bb4c1d9009197cc9167de3c981678f0df3f0d0ee54fb8aed5 1322 wily_0.13.41-9.dsc e0ad1e925c893596f5176e58a556d557b79816b03ca36d23514508133ecc449b 26711 wily_0.13.41-9.diff.gz Files: 1f4cf9d61ebe52ba73422c7fdfbf96e4 1322 editors optional wily_0.13.41-9.dsc ef394053fe3b8b1d59b02438e7311a14 26711 editors optional wily_0.13.41-9.diff.gz -----BEGIN PGP SIGNATURE----- iJYEARYKAD4WIQRlgHNhO/zFx+LkXUXcUY/If5cWqgUCX+VyOCAcdmFncmFudEBy ZXByb2R1Y2libGUtYnVpbGRzLm9yZwAKCRDcUY/If5cWqitwAP47VQGf22v8+5tD 6e+i/aPr/QhMQOWLhkcpKjHoPtjq7QD/ScobV38fQtRT60jbrCCHJj/BYNIMuG9D lmOCUTfNEQ8= =3Cyx -----END PGP SIGNATURE-----
--- End Message ---