[Rpm-ecosystem] Proposal: Create deterministic archives
Nick Clifton
nickc at redhat.com
Fri Feb 26 16:19:42 UTC 2016
Hi Guys,
[I apologise if this is the wrong way to ask questions on this list - this
is my first posting].
I would like to suggest a change to the brp-strip-static-archive script so
that in addition to stripping the debug information it would also convert
the archive to the deterministic format[1]. This would have the effect that
different copies of the same library built at different times and/or by
different people would compare as being the same.
This change could also take place when the archive is created, by changing
the behaviour of the "ar" program so that deterministic libraries are the
default. This was tried however and it lead to lots of problems building
packages because most of them use the "ar cru" command to add files to a
library. This command does not work with deterministic archives because
the timestamp information is not stored in the archive.
The change to the brp-strip-static-archive script is quite straightforward:
--- brp-strip-static-archive.orig 2016-02-26 16:08:44.262149260 +0000
+++ brp-strip-static-archive 2016-02-26 16:09:16.173333309 +0000
@@ -16,5 +16,5 @@ for f in `find "$RPM_BUILD_ROOT" -type f
grep -v "^${RPM_BUILD_ROOT}/\?usr/lib/debug" | \
grep 'current ar archive' | \
sed -n -e 's/^\(.*\):[ ]*current ar archive/\1/p'`; do
- $STRIP -g "$f"
+ $STRIP -g --enable-deterministic-archives "$f"
done
Is this an acceptable change ?
Cheers
Nick
[1] In deterministic format the user id, group id and timestamp for every file
in the archive is set to zero.
More information about the Rpm-ecosystem
mailing list