Re: Reproducible build: linux-libre kernel

[Leo Famulari]

On Wed, Mar 30, 2016 at 01:16:13PM +0100, address@hidden wrote:
> Hello!
> 
> I noticed that the linux-libre package we have is not a reproducible build
> using the command: guix build linux-libre --check --no-substitutes
> 
> I did a bit of research into this these posts and blogs were helpful, as
> well as the mempo project:
> * <https://lwn.net/Articles/437864/>
> * <https://abraithwaite.net/2014/08/11/deterministic-kernel-builds/>
> * 
> <https://github.com/rfree/mempo-kernel/blob/master/kernel-build/linux-mempo/build.sh#L95>
> 
> So I've added these tweaks, performed the build twice and it seems to be
> reproducible now! Would anyone like to test it and see if they do get the
> same build? (On x86_64)

Wow, thanks for taking this on! I'm testing it now... it might take a
little while.

>    (let* ((version "4.5")
>           (build-phase
>            '(lambda* (#:key system inputs #:allow-other-keys #:rest args)
> +             ;; Tuning for a reproducible build
> +             (setenv "KCONFIG_NOTIMESTAMP" "1")
> +             (setenv "KBUILD_BUILD_TIMESTAMP" "0")

For these timestamps, can you set them to value of the environment
variable SOURCE_DATE_EPOCH? [0] If you search the package tree you will
find a few examples. This variable is set automatically in the build
environment.

> +             (setenv "KBUILD_BUILD_USER" "guix")
> +             (setenv "KBUILD_BUILD_HOST" "guix")

Can you say if there is a canonical user name for this sort of thing, as
with SOURCE_DATE_EPOCH for dates? The site in [0] could be a good
resource. There is also the 'notes' git repo used to catalogue
reproducibility problems and solutions [1].


[0]
https://reproducible-builds.org/specs/source-date-epoch/

[1]
https://anonscm.debian.org/cgit/reproducible/notes.git