(address . guix-patches@gnu.org)
Hi,
I had a look at the old discussion and made a second attempt at fixing
the timestamps in the zip files. I wrote a version in C that does the
this back then but was unsuitable for usage in Guix.
Ludo created a draft for directly reading the zip files and zeroing the
time stamps in Scheme as a response.
But he also mentioned that Debians strip-nondeterminism probobaly
already does what we want.
So I took the this route for solving our problems.
strip-nondeterminism is written in Perl. I don't have any experience
with Perl, so probably my package definitions need some cleanup.
In addition, the tests for strip-nondeterminism fail. Yet using it makes
the build of pwsafe deterministic.
The strip-nondeterminism executable will also fail to run without
changes to the environment when run from a profile.
I am also not sure whether debian.scm is the right file for it.
So the patches below are probably more of a draft and it would be really
nice if someone with Perl experience could tweak them.
As there is a very similar problem with jar files in ant-build-system it
might be benefitial to port this approach to it, but I am not sure about
that.
Tim.
From a2b4a41aef84e168366952b5f3b99d4f4ff463d6 Mon Sep 17 00:00:00 2001
From: Tim Gesthuizen <tim.gesthuizen@yahoo.de>
Date: Wed, 4 Nov 2020 16:09:00 +0100
Subject: [PATCH 1/3] gnu: Add perl-sub-override
* gnu/packages/perl.scm (perl-sub-override): New variable.
---
gnu/packages/perl.scm | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
Toggle diff (41 lines)
diff --git a/gnu/packages/perl.scm b/gnu/packages/perl.scm
index ad84d63785..936a605d43 100644
--- a/gnu/packages/perl.scm
+++ b/gnu/packages/perl.scm
@@ -28,6 +28,7 @@
;;; Copyright © 2020 Paul Garlick <pgarlick@tourbillion-technology.com>
;;; Copyright © 2020 Nicolas Goaziou <mail@nicolasgoaziou.fr>
;;; Copyright © 2020 Malte Frank Gerdes <malte.f.gerdes@gmail.com>
+;;; Copyright © 2020 Tim Gesthuizen <tim.gesthuizen@yahoo.de>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -9209,6 +9210,26 @@ specification is omitted in the name, then the current package is used. The
return value is the sub.")
(license (package-license perl))))
+(define-public perl-sub-override
+ (package
+ (name "perl-sub-override")
+ (version "0.09")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://cpan.metacpan.org/authors/id/O/OV/OVID/Sub-Override-"
+ version ".tar.gz"))
+ (sha256
+ (base32
+ "1d955qn44brkcfif3gi0q2vvvqahny6rax0vr068x5i9yz0ng6lk"))))
+ (native-inputs `(("perl-test-fatal" ,perl-test-fatal)))
+ (build-system perl-build-system)
+ (home-page "https://metacpan.org/release/Sub-Override")
+ (synopsis "Override a sub")
+ (description "Sub::Override aids in overriding subroutines.")
+ (license (package-license perl))))
+
(define-public perl-sub-quote
(package
(name "perl-sub-quote")
--
2.29.1
From 3c22713d1234e6014d5959e31b621151defab5de Mon Sep 17 00:00:00 2001
From: Tim Gesthuizen <tim.gesthuizen@yahoo.de>
Date: Wed, 4 Nov 2020 16:09:42 +0100
Subject: [PATCH 2/3] gnu: Add strip-nondeterminism
* gnu/packages/debian.scm (strip-nondeterminism): New variable.
---
gnu/packages/debian.scm | 33 ++++++++++++++++++++++++++++++++-
1 file changed, 32 insertions(+), 1 deletion(-)
Toggle diff (56 lines)
diff --git a/gnu/packages/debian.scm b/gnu/packages/debian.scm
index 52e7ec223a..e710de066f 100644
--- a/gnu/packages/debian.scm
+++ b/gnu/packages/debian.scm
@@ -25,13 +25,15 @@
#:use-module (guix packages)
#:use-module (guix build-system gnu)
#:use-module (guix build-system trivial)
+ #:use-module (guix build-system perl)
#:use-module (gnu packages autotools)
#:use-module (gnu packages base)
#:use-module (gnu packages compression)
#:use-module (gnu packages gettext)
#:use-module (gnu packages gnupg)
#:use-module (gnu packages wget)
- #:use-module (gnu packages perl))
+ #:use-module (gnu packages perl)
+ #:use-module (gnu packages perl-compression))
(define-public debian-archive-keyring
(package
@@ -275,3 +277,32 @@ debian/copyright for more information.")))))
selectively mirror Debian and Ubuntu GNU/Linux distributions or any
other apt sources typically provided by open source developers.")
(license license:gpl2))))
+
+(define-public strip-nondeterminism
+ (package
+ (name "strip-nondeterminism")
+ (version "1.9.0")
+ (source
+ (origin
+ (method git-fetch)
+ (uri
+ (git-reference
+ (url "https://salsa.debian.org/reproducible-builds/strip-nondeterminism")
+ (commit version)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "0hk8kdkdjpmsl93l09ihlcl8kxibk429a30w81ir085arwqpakzx"))))
+ (build-system perl-build-system)
+ (propagated-inputs
+ `(("perl-archive-zip" ,perl-archive-zip)
+ ("perl-sub-override" ,perl-sub-override)))
+ (arguments `(#:tests? #f))
+ (home-page "https://salsa.debian.org/reproducible-builds/strip-nondeterminism")
+ (synopsis "Strips non deterministic parts off of zip and jar archives")
+ (description "File::StripNondeterminism is a Perl module for stripping
+bits of nondeterministic information, such as timestamps and file system
+order, from files such as gzipped files, ZIP archives, and Jar files. It can
+be used as a post-processing step to make a build reproducible, when the build
+process itself cannot be made deterministic.")
+ (license license:gpl3+)))
--
2.29.1
From 95ce6fe3180f78c38b85853ad9689d191ed25e0c Mon Sep 17 00:00:00 2001
From: Tim Gesthuizen <tim.gesthuizen@yahoo.de>
Date: Wed, 4 Nov 2020 16:10:20 +0100
Subject: [PATCH 3/3] gnu: pwsafe: Reset timestamps in in zip archives
* gnu/packages/password-utils.scm (pwsafe):
[native-inputs] Add strip-nondeterminism.
[arguments]: Add a new phase resetting timestamps in zip archives and adapt
modules for it.
---
gnu/packages/password-utils.scm | 20 ++++++++++++++++++--
1 file changed, 18 insertions(+), 2 deletions(-)
Toggle diff (54 lines)
diff --git a/gnu/packages/password-utils.scm b/gnu/packages/password-utils.scm
index c1bd212f09..85c2248a20 100644
--- a/gnu/packages/password-utils.scm
+++ b/gnu/packages/password-utils.scm
@@ -64,6 +64,7 @@
#:use-module (gnu packages crypto)
#:use-module (gnu packages cryptsetup)
#:use-module (gnu packages curl)
+ #:use-module (gnu packages debian)
#:use-module (gnu packages docbook)
#:use-module (gnu packages file)
#:use-module (gnu packages freedesktop)
@@ -227,6 +228,7 @@ algorithms AES or Twofish.")
`(("gettext" ,gettext-minimal)
("gtest" ,googletest)
("perl" ,perl)
+ ("strip-nondeterminism" ,strip-nondeterminism)
("zip" ,zip)))
(inputs `(("curl" ,curl)
("file" ,file)
@@ -237,7 +239,10 @@ algorithms AES or Twofish.")
("qrencode" ,qrencode)
("wxwidgets" ,wxwidgets)
("xerces-c" ,xerces-c)))
- (arguments '(#:configure-flags (list "-DNO_GTEST=YES")
+ (arguments `(#:configure-flags (list "-DNO_GTEST=YES")
+ #:modules ((guix build cmake-build-system)
+ (guix build utils)
+ (ice-9 ftw))
#:phases (modify-phases %standard-phases
(add-after 'unpack 'add-gtest
(lambda* (#:key inputs #:allow-other-keys)
@@ -247,7 +252,18 @@ algorithms AES or Twofish.")
(display "find_package(GTest)
add_subdirectory(src/test)\n" cmake-port)
(close cmake-port)
- #t))))))
+ #t)))
+ (add-after 'build 'patch-zips
+ (lambda* (#:key inputs #:allow-other-keys)
+ (ftw (getcwd)
+ (lambda (filename statinfo flag)
+ (when (and (eq? flag 'regular)
+ (string-suffix? ".zip" filename))
+ (chmod filename #o644)
+ (invoke "strip-nondeterminism"
+ "-v" filename))
+ #t))
+ #t)))))
(synopsis "Password safe with automatic input and key generation")
(description "pwsafe is a password manager originally designed by Bruce
Schneier. It offers a simple UI to manage passwords for different services.
--
2.29.1