reproducible builds: keyutils: avoid embedding timestamp

  • Done
  • quality assurance status badge
Details
2 participants
  • Ludovic Courtès
  • Vagrant Cascadian
Owner
unassigned
Submitted by
Vagrant Cascadian
Severity
normal
V
V
Vagrant Cascadian wrote on 2 Jun 2022 00:36
(address . guix-patches@gnu.org)
877d60au45.fsf@contorta
This completely removes a timestamp from the build of keyutils,
following the recommendation of:


"Timestamps are best avoided"

Alternately, one could hard-code a specific timestamp (e.g. 2012-04-18),
or patch it to use the SOURCE_DATE_EPOCH environment variable (which
might at least be acceptible to submit upstream), although since
SOURCE_DATE_EPOCH is always 0 in guix, this seems a bit silly to me. :)


live well,
vagrant
From 36888e9dc33188115142ecde9d31eb3884004940 Mon Sep 17 00:00:00 2001
From: Vagrant Cascadian <vagrant@reproducible-builds.org>
Date: Wed, 1 Jun 2022 09:24:00 -0700
Subject: [PATCH 3/4] gnu: keyutils: Avoid embedding build timestamp.

* gnu/packages/crypto.scm (keyutils)[arguments]: Add
'avoid-embedding-timestamp phase.
---
gnu/packages/crypto.scm | 5 +++++
1 file changed, 5 insertions(+)

Toggle diff (18 lines)
diff --git a/gnu/packages/crypto.scm b/gnu/packages/crypto.scm
index e98d9634dc..6e4b1331e7 100644
--- a/gnu/packages/crypto.scm
+++ b/gnu/packages/crypto.scm
@@ -398,6 +398,11 @@ (define-public keyutils
#:phases
#~(modify-phases %standard-phases
(delete 'configure) ; no configure script
+ (add-after 'unpack 'avoid-embedding-timestamp
+ ;; Do not embed build timestamp
+ (lambda _
+ (substitute* "Makefile"
+ (("shell date") "shell true"))))
(add-after 'install 'install:static
(lambda _
(with-directory-excursion #$output
--
2.35.1
-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQRlgHNhO/zFx+LkXUXcUY/If5cWqgUCYpfqCwAKCRDcUY/If5cW
qko4AP9A6S6tyEpFwv19HR1KNbDvQ3PJHxmQ7NEdCj8uqu7UQQEApdZnn0Yku6dE
vqJX43CfX6Nhq1YDm6uFRcTseq4wLA0=
=MJyN
-----END PGP SIGNATURE-----

L
L
Ludovic Courtès wrote on 4 Jun 2022 10:39
(name . Vagrant Cascadian)(address . vagrant@reproducible-builds.org)(address . 55758@debbugs.gnu.org)
87sfokg6ur.fsf@gnu.org
Hi,

Vagrant Cascadian <vagrant@reproducible-builds.org> skribis:

Toggle quote (5 lines)
> Alternately, one could hard-code a specific timestamp (e.g. 2012-04-18),
> or patch it to use the SOURCE_DATE_EPOCH environment variable (which
> might at least be acceptible to submit upstream), although since
> SOURCE_DATE_EPOCH is always 0 in guix, this seems a bit silly to me. :)

Yup. :-)

Toggle quote (8 lines)
> From 36888e9dc33188115142ecde9d31eb3884004940 Mon Sep 17 00:00:00 2001
> From: Vagrant Cascadian <vagrant@reproducible-builds.org>
> Date: Wed, 1 Jun 2022 09:24:00 -0700
> Subject: [PATCH 3/4] gnu: keyutils: Avoid embedding build timestamp.
>
> * gnu/packages/crypto.scm (keyutils)[arguments]: Add
> 'avoid-embedding-timestamp phase.

LGTM, thanks!

Ludo’.
V
V
Vagrant Cascadian wrote on 6 Jun 2022 07:26
(name . Ludovic Courtès)(address . ludo@gnu.org)(address . 55758-done@debbugs.gnu.org)
87fski4b2r.fsf@contorta
On 2022-06-04, Ludovic Courtès wrote:
Toggle quote (11 lines)
> Vagrant Cascadian <vagrant@reproducible-builds.org> skribis:
>> From 36888e9dc33188115142ecde9d31eb3884004940 Mon Sep 17 00:00:00 2001
>> From: Vagrant Cascadian <vagrant@reproducible-builds.org>
>> Date: Wed, 1 Jun 2022 09:24:00 -0700
>> Subject: [PATCH 3/4] gnu: keyutils: Avoid embedding build timestamp.
>>
>> * gnu/packages/crypto.scm (keyutils)[arguments]: Add
>> 'avoid-embedding-timestamp phase.
>
> LGTM, thanks!

Pushed as 32322d0926313d28276928d81188ee909e464eb0!

live well,
vagrant
-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQRlgHNhO/zFx+LkXUXcUY/If5cWqgUCYp2P7QAKCRDcUY/If5cW
qrSSAP9gNoEDoP3LgI/1nr5Xq8lnAOgBugBJH4pQekvmZCi9AQD+IjwkCe2XH1Jj
+IRem5DMuxcCHh6YIRcvY4t8+oi/Aww=
=LTLL
-----END PGP SIGNATURE-----

Closed
?
Your comment

This issue is archived.

To comment on this conversation send an email to 55758@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 55758
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch