Old build daemons lead to non-reproducible builds

DoneSubmitted by Ludovic Courtès.
Details
4 participants
  • Andreas Enge
  • Leo Famulari
  • Ludovic Courtès
  • Ricardo Wurmus
Owner
unassigned
Severity
important
L
L
Ludovic Courtès wrote on 24 Nov 2016 14:09
(address . guix-sysadmin@gnu.org)(address . bug-guix@gnu.org)
87d1hl6n35.fsf@gnu.org
Hi!
Old versions of guix-daemon would use /tmp/nix-build-… as the builddirectory name instead of /tmp/guix-build-… (commit7a57c96a1024e6b74359ba561110f19f92b89b06), and versions prior to 0.11.0could use a different directory prefix (.drv-0, .drv-1, etc.) whereascurrent versions systematically use .drv-0 (commitcb9601029ea164b86bdf997f7160d494c15d344b).
However, some of our build machines run old daemons, which leads todiscrepancies such has:
Toggle snippet (15 lines)$ wget -O - https://mirror.hydra.gnu.org/nar/3kxg1wvc1dnw9bdnp61pfc6vy14v4ikl-bash-4.4.0-include |bunzip2 |guix archive -x /tmp/foo[…]$ diff -ruBb /gnu/store/3kxg1wvc1dnw9bdnp61pfc6vy14v4ikl-bash-4.4.0-include /tmp/foodiff -ruBb /gnu/store/3kxg1wvc1dnw9bdnp61pfc6vy14v4ikl-bash-4.4.0-include/lib/bash/Makefile.inc /tmp/foo/lib/bash/Makefile.inc--- /gnu/store/3kxg1wvc1dnw9bdnp61pfc6vy14v4ikl-bash-4.4.0-include/lib/bash/Makefile.inc 1970-01-01 01:00:01.000000000 +0100+++ /tmp/foo/lib/bash/Makefile.inc 2016-11-24 14:00:26.449665970 +0100@@ -38,7 +38,7 @@ headersdir = $(includedir)/$(PACKAGE_NAME) topdir = ../..-BUILD_DIR = /tmp/guix-build-bash-4.4.0.drv-0/bash-4.4+BUILD_DIR = /tmp/nix-build-bash-4.4.0.drv-0/bash-4.4 srcdir = .
This can lead to hash mismatches between what the narinfo claims andwhat the nar actually contains (due to caching), which annoys users.
We should update all our build machines to a newer daemon.
Ludo’.
L
L
Ludovic Courtès wrote on 3 Dec 2016 00:07
(address . guix-sysadmin@gnu.org)(address . 25016@debbugs.gnu.org)
87mvgedj5f.fsf@gnu.org
ludo@gnu.org (Ludovic Courtès) skribis:
Toggle quote (2 lines)> We should update all our build machines to a newer daemon.
Today I updated the daemon on hydra.gnunet.org from 0.9 to 0.11ish.
Ludo’.
A
A
Andreas Enge wrote on 4 Jan 2017 12:15
Re: Staging freeze
(name . Ludovic Courtès)(address . ludo@gnu.org)
20170104111500.GA20021@jurong
Hello,
On Wed, Jan 04, 2017 at 12:05:10PM +0100, Ludovic Courtï¿œs wrote:
Toggle quote (7 lines)> Leo Famulari <leo@famulari.name> skribis:> > On Thu, Dec 29, 2016 at 05:59:52PM +0100, Ludovic Courtï¿œs wrote:> >> Mark, Andreas: could you update guix-daemon on the ARM/MIPS machines you> >> have root access to and notify 25016@debbugs.gnu.org?> > In case they were updated without notification,> We never know! :-)
I did update the daemon on redhill, but gave up on making it run with systemd,I had no patience to investigate why it would not start - the symbolic linkinstead of a copied file? So now it is just running in a screen. Please letme know when there is a problem.
Andreas
L
L
Ludovic Courtès wrote on 4 Jan 2017 16:49
(name . Andreas Enge)(address . andreas@enge.fr)
877f6akepc.fsf@gnu.org
Hi!
Andreas Enge <andreas@enge.fr> skribis:
Toggle quote (13 lines)> On Wed, Jan 04, 2017 at 12:05:10PM +0100, Ludovic Courtès wrote:>> Leo Famulari <leo@famulari.name> skribis:>> > On Thu, Dec 29, 2016 at 05:59:52PM +0100, Ludovic Courtès wrote:>> >> Mark, Andreas: could you update guix-daemon on the ARM/MIPS machines you>> >> have root access to and notify 25016@debbugs.gnu.org?>> > In case they were updated without notification,>> We never know! :-)>> I did update the daemon on redhill, but gave up on making it run with systemd,> I had no patience to investigate why it would not start - the symbolic link> instead of a copied file? So now it is just running in a screen. Please let> me know when there is a problem.
Awesome, thanks!
Ludo’.
L
L
Leo Famulari wrote on 4 Jan 2017 20:44
(name . Andreas Enge)(address . andreas@enge.fr)
20170104194457.GB7042@jasmine
On Wed, Jan 04, 2017 at 12:15:00PM +0100, Andreas Enge wrote:
Toggle quote (15 lines)> Hello,> > On Wed, Jan 04, 2017 at 12:05:10PM +0100, Ludovic Courtès wrote:> > Leo Famulari <leo@famulari.name> skribis:> > > On Thu, Dec 29, 2016 at 05:59:52PM +0100, Ludovic Courtès wrote:> > >> Mark, Andreas: could you update guix-daemon on the ARM/MIPS machines you> > >> have root access to and notify 25016@debbugs.gnu.org?> > > In case they were updated without notification,> > We never know! :-)> > I did update the daemon on redhill, but gave up on making it run with systemd,> I had no patience to investigate why it would not start - the symbolic link> instead of a copied file? So now it is just running in a screen. Please let> me know when there is a problem.
Okay, thank you!
If you are around after FOSDEM, I'm happy to take a look at thesesystems with you to make them use systemd. I think it's more reliable...if it works :)
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlhtULgACgkQJkb6MLrKfwhInRAAjjjAlFvJtCaJntTqsINSWQ3t5kkXg0wKTz5vTZiW6X3ojdhbHtxMkNo0NVGe5I9FL7jiOeHnVNnBKziV1bV4HMz8/uNo4WpVTI0gIdP8lHX2iZGRh8E3YIntxYVRdn+orA5rkwe5HzcoW6PiYYKcqqm3w+CE9ck60EB4KxVwfCxPmOtjyCSfk0o28+vQcQVvQbYbX9uFZREGUgKMTx6IplnNOjg5pp+susicGx79eCmmkiuTCj5cVg6kDpcfemvILmu2s+TkKZpJCxzIfNeZBfB8kFywJPPoRJxmW50+ZABM1u5bxAXqshDlO1/AqflA7kqjccCvhyatBppmNjo5BS/1DOIIgbCZZoP+u2qNKR4yWUXsYtX8SrHQ5fIfKvbZ+UkG7cVg04vjx0mSKlB7TsAuPvUbTodYPZRwprPCWKg8MCtet3JDwQj0EWdR/exGsmWwt1tFeMk8Wr7eFvw3EhHuLhsmRZonHTc5tHtn96O+lcao6xfgATqxAK/chV0LElZODGEJzJv9mVVOJUsUhFXfg68gKXd9WhGiMmKzrcFNgmU4I1MjPARKS/e3JX7+vUpApGjkFynSGcUSrXVJWnY8tlfgMVRsw2OR1c/CtqFa7Z8lal/4tGdmPpgoGucw1EXaNeiM7aeQ9wfDQQvCzlpXQw22alPyPMXO7+Jstys==VXmv-----END PGP SIGNATURE-----

L
L
Ludovic Courtès wrote on 4 May 2017 23:22
control message for bug #25016
(address . control@debbugs.gnu.org)
87shkk8ggy.fsf@gnu.org
severity 25016 important
L
L
Ludovic Courtès wrote on 4 May 2017 23:51
Re: bug#25016: Old build daemons lead to non-reproducible builds
(address . guix-sysadmin@gnu.org)(address . 25016@debbugs.gnu.org)
87inlg8f4s.fsf@gnu.org
ludo@gnu.org (Ludovic Courtès) skribis:
Toggle quote (2 lines)> We should update all our build machines to a newer daemon.
I’ve updated guix.sjd.se from 0.8.3 (!) to 0.12.0-9.25a4, which shouldfix the “/tmp/nix-build” issue that was showing up for packages such ascunit at https://gnu.org/s/guix/packages/reproducibility.html.
Ludo’.
R
R
Ricardo Wurmus wrote on 5 May 2017 08:53
(name . Ludovic Courtès)(address . ludo@gnu.org)
87y3ub4wwk.fsf@elephly.net
Ludovic Courtès <ludo@gnu.org> writes:
Toggle quote (8 lines)> ludo@gnu.org (Ludovic Courtès) skribis:>>> We should update all our build machines to a newer daemon.>> I’ve updated guix.sjd.se from 0.8.3 (!) to 0.12.0-9.25a4, which should> fix the “/tmp/nix-build” issue that was showing up for packages such as> cunit at <https://gnu.org/s/guix/packages/reproducibility.html>.
Wow, that’s quite a jump!
-- Ricardo
GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAChttps://elephly.net
L
L
Ludovic Courtès wrote on 16 Jun 2017 10:52
control message for bug #25016
(address . control@debbugs.gnu.org)
87r2ykgvre.fsf@gnu.org
tags 25016 fixedclose 25016
?
Your comment

This issue is archived.

To comment on this conversation send email to 25016@debbugs.gnu.org