reproducible builds: keyutils: avoid embedding timestamp

DoneSubmitted by Vagrant Cascadian.
Details
2 participants
  • Ludovic Courtès
  • Vagrant Cascadian
Owner
unassigned
Severity
normal
V
V
Vagrant Cascadian wrote on 2 Jun 00:36 +0200
Download
(address . guix-patches@gnu.org)
877d60au45.fsf@contorta
Download
This completely removes a timestamp from the build of keyutils,
following the recommendation of:

https://reproducible-builds.org/docs/timestamps/

"Timestamps are best avoided"

Alternately, one could hard-code a specific timestamp (e.g. 2012-04-18),
or patch it to use the SOURCE_DATE_EPOCH environment variable (which
might at least be acceptible to submit upstream), although since
SOURCE_DATE_EPOCH is always 0 in guix, this seems a bit silly to me. :)


live well,
vagrant
Download
From 36888e9dc33188115142ecde9d31eb3884004940 Mon Sep 17 00:00:00 2001
From: Vagrant Cascadian <vagrant@reproducible-builds.org>
Date: Wed, 1 Jun 2022 09:24:00 -0700
Subject: [PATCH 3/4] gnu: keyutils: Avoid embedding build timestamp.

* gnu/packages/crypto.scm (keyutils)[arguments]: Add
'avoid-embedding-timestamp phase.
---
gnu/packages/crypto.scm | 5 +++++
1 file changed, 5 insertions(+)

Toggle diff (18 lines)
diff --git a/gnu/packages/crypto.scm b/gnu/packages/crypto.scm
index e98d9634dc..6e4b1331e7 100644
--- a/gnu/packages/crypto.scm
+++ b/gnu/packages/crypto.scm
@@ -398,6 +398,11 @@ (define-public keyutils
            #:phases
            #~(modify-phases %standard-phases
                (delete 'configure)      ; no configure script
+               (add-after 'unpack 'avoid-embedding-timestamp
+                 ;; Do not embed build timestamp
+                 (lambda _
+                   (substitute* "Makefile"
+                     (("shell date") "shell true"))))
                (add-after 'install 'install:static
                  (lambda _
                    (with-directory-excursion #$output
-- 
2.35.1
Download
-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQRlgHNhO/zFx+LkXUXcUY/If5cWqgUCYpfqCwAKCRDcUY/If5cW
qko4AP9A6S6tyEpFwv19HR1KNbDvQ3PJHxmQ7NEdCj8uqu7UQQEApdZnn0Yku6dE
vqJX43CfX6Nhq1YDm6uFRcTseq4wLA0=
=MJyN
-----END PGP SIGNATURE-----

L
L
Ludovic Courtès wrote on 4 Jun 10:39 +0200
Download
(name . Vagrant Cascadian)(address . vagrant@reproducible-builds.org)(address . 55758@debbugs.gnu.org)
87sfokg6ur.fsf@gnu.org
Download
Hi,

Vagrant Cascadian <vagrant@reproducible-builds.org> skribis:

Toggle quote (5 lines)
> Alternately, one could hard-code a specific timestamp (e.g. 2012-04-18),
> or patch it to use the SOURCE_DATE_EPOCH environment variable (which
> might at least be acceptible to submit upstream), although since
> SOURCE_DATE_EPOCH is always 0 in guix, this seems a bit silly to me. :)

Yup. :-)

Toggle quote (8 lines)
> From 36888e9dc33188115142ecde9d31eb3884004940 Mon Sep 17 00:00:00 2001
> From: Vagrant Cascadian <vagrant@reproducible-builds.org>
> Date: Wed, 1 Jun 2022 09:24:00 -0700
> Subject: [PATCH 3/4] gnu: keyutils: Avoid embedding build timestamp.
>
> * gnu/packages/crypto.scm (keyutils)[arguments]: Add
> 'avoid-embedding-timestamp phase.

LGTM, thanks!

Ludo’.
V
V
Vagrant Cascadian wrote on 6 Jun 07:26 +0200
Download
(name . Ludovic Courtès)(address . ludo@gnu.org)(address . 55758-done@debbugs.gnu.org)
87fski4b2r.fsf@contorta
Download
On 2022-06-04, Ludovic Courtès wrote:
Toggle quote (11 lines)
> Vagrant Cascadian <vagrant@reproducible-builds.org> skribis:
>> From 36888e9dc33188115142ecde9d31eb3884004940 Mon Sep 17 00:00:00 2001
>> From: Vagrant Cascadian <vagrant@reproducible-builds.org>
>> Date: Wed, 1 Jun 2022 09:24:00 -0700
>> Subject: [PATCH 3/4] gnu: keyutils: Avoid embedding build timestamp.
>>
>> * gnu/packages/crypto.scm (keyutils)[arguments]: Add
>> 'avoid-embedding-timestamp phase.
>
> LGTM, thanks!

Pushed as 32322d0926313d28276928d81188ee909e464eb0!

live well,
vagrant
Download
-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQRlgHNhO/zFx+LkXUXcUY/If5cWqgUCYp2P7QAKCRDcUY/If5cW
qrSSAP9gNoEDoP3LgI/1nr5Xq8lnAOgBugBJH4pQekvmZCi9AQD+IjwkCe2XH1Jj
+IRem5DMuxcCHh6YIRcvY4t8+oi/Aww=
=LTLL
-----END PGP SIGNATURE-----

Closed
?
Your comment

This issue is archived.

To comment on this conversation send email to 55758@debbugs.gnu.org