Bug ID 1217973
Summary warewulf: non-deterministic cpio files
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Other
Assignee eich@suse.com
Reporter bwiedemann@suse.com
QA Contact qa-bugs@suse.de
CC cgoll@suse.com
Blocks 1134568
Target Milestone ---
Found By ---
Blocker --- 

While working on reproducible builds for openSUSE, I found that
our warewulf package varies in every build.

8 cpio files in /var/lib/warewulf/initramfs/x86_64/ vary every time:
base
capabilities/provision-adhoc
capabilities/provision-files
capabilities/provision-selinux
capabilities/provision-vnfs
capabilities/setup-filesystems
capabilities/setup-ipmi
capabilities/transport-http

Here is a partial PoC patch that helped to produce bit-reproducible results:

--- a/provision/initramfs/capabilities/transport-http/Makefile.am
+++ b/provision/initramfs/capabilities/transport-http/Makefile.am
@@ -16,7 +16,7 @@ rootfs:
        done

 capability.cpio: rootfs
-       cd rootfs/; find . | cpio -o -H newc -F ../capability.cpio
+       cd rootfs/; find . | xargs touch -d @1690848000 ; find . | sort | cpio
-o -H newc --reproducible -F ../capability.cpio

 install-data-local: capability.cpio
        install -d -m 755
$(DESTDIR)/$(WAREWULF_STATEDIR)/warewulf/initramfs/$(MACHINE)/capabilities



I'm not sure if the mtimes of files in the cpio files matter.
The source tar is from 2018, so not sure if upstream would be interested in
this.

You are receiving this mail because: