Episode Details

This week on BSDNow, Allan and I are in Tokyo for AsiaBSDCon, but not to worry, we have a full episode lined up and ready to go. Hackathon reports

This episode was brought to you by

href="http://www.digitalocean.com/" title="DigitalOcean"> href="http://www.tarsnap.com/bsdnow" title="Tarsnap">

Headlines

OpenBSD A2k17 hackathon reports

• a2k17 hackathon report: Patrick Wildt on the arm64 port
• a2k17 hackathon report: Antoine Jacoutot on syspatch, rc.d improvements and more
• a2k17 hackathon report: Martin Pieuchot on NET_LOCK and much more
• a2k17 hackathon report: Kenneth Westerback on the hidden wonders of the build system, the network stack and more
• a2k17 hackathon report: Bob Beck on LibreSSL progress and more ***

NetBSD is now reproducible

• Christos Zoulas posts to the NetBSD blog that he has completed his project to make fully reproducible NetBSD builds for amd64 and sparc64

I have been working on and off for almost a year trying to get reproducible builds (the same source tree always builds an identical cdrom) on NetBSD. I did not think at the time it would take as long or be so difficult, so I did not keep a log of all the changes I needed to make. I was also not the only one working on this. Other NetBSD developers have been making improvements for the past 6 years. I would like to acknowledge the NetBSD build system (aka build.sh) which is a fully portable cross-build system. This build system has given us a head-start in the reproducible builds work.

I would also like to acknowledge the work done by the Debian folks who have provided a platform to run, test and analyze reproducible builds. Special mention to the diffoscope tool that gives an excellent overview of what's different between binary files, by finding out what they are (and if they are containers what they contain) and then running the appropriate formatter and diff program to show what's different for each file.

Finally other developers who have started, motivated and did a lot of work getting us here like Joerg Sonnenberger and Thomas Klausner for their work on reproducible builds, and Todd Vierling and Luke Mewburn for their work on build.sh.

• Some of the stumbling blocks that were overcome:
  • Timestamps
  • Date/time/author embedded in source files
  • Timezone sensitive code
  • Directory order / build order
  • Non-sanitized data stored in files
  • Symbolic links / paths
  • General tool inconsistencies: including gcc profiling, the fact that GPT partition tables, are by definition, globally unique each time they are created, and the iso9660 standard calls for a timestamp with a timezone.
  • Toolchain
  • Build information / tunables / environment. NetBSD now has a knob ‘MKREPRO’, if set to YES it sets a long list of variables to a consistent set of a values.
• The post walks through how these problems where solves
• Future Work: