From mboxrd@z Thu Jan  1 00:00:00 1970
X-GM-THRID: 7187242631035879424
X-Received: by 2002:a05:6512:acd:b0:4cc:548b:35f9 with SMTP id n13-20020a0565120acd00b004cc548b35f9mr2311856lfu.192.1673516159440;
        Thu, 12 Jan 2023 01:35:59 -0800 (PST)
X-BeenThere: isar-users@googlegroups.com
Received: by 2002:a05:651c:239f:b0:281:15f8:128c with SMTP id
 bk31-20020a05651c239f00b0028115f8128cls251219ljb.8.-pod-prod-gmail; Thu, 12
 Jan 2023 01:35:58 -0800 (PST)
X-Google-Smtp-Source: AMrXdXuCDYrSq9oSs0y/vcWxFG6fI8BM2jMWvHiJSmsLlquc7/HkboJbjvOXo/aJaEyrPpWrkUn0
X-Received: by 2002:a2e:99d3:0:b0:27a:43d0:1d4c with SMTP id l19-20020a2e99d3000000b0027a43d01d4cmr19414231ljj.35.1673516158041;
        Thu, 12 Jan 2023 01:35:58 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1673516158; cv=pass;
        d=google.com; s=arc-20160816;
        b=StPddLVuro3HK9yknvUxNotagLWjd3BaqLTN4tdZRKP0ka3a2hffm+l8OSu0eU7fF0
         12f9AQjRRW2EVktw2BOaNw/wMFSKVTlOKNzfScXaAugYZc/+NCUIWQwB+r+XJ4NZjboV
         VJgvq+EGDe0oazAZPyPJKUilzpVjdnuj54kVEJU9hEqsq4UkXz36YkgywnWK028Jpxj9
         tZsQ7V4z59MdiXnAN+9gpB+p6LDoYHn6C0sRQ74cJtxASg0hiR1V+ynEmjIuMghITb85
         vYqmTldSR/pMqOPcUxmN/VXl244nPlBzncB+QdKiPiKbPT1NRe20+rYRx0psyPrUvq+0
         Knig==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=mime-version:content-transfer-encoding:references:in-reply-to
         :message-id:subject:cc:to:from:date:dkim-signature;
        bh=Nd+U/lz87jbS2w1LFbxVaZVjiqndBggFgYSjaBTZWd0=;
        b=QI3uQBWdOQOAEysLUnCdnPoWOJXuZJlbsfpxXXz+EJ88DOkfwT9QEoSJu2ois//7i4
         ldhGJ1c0EwlblDzOZh6sO1dPwRryuQi3+oEOpaN30KaPrg5eKvul5rMhv0jBWgHP40TD
         enS2gpenHebXdTOHXENfR1hc1vIBrHOw1LMvHnbff/AwNS1ciw5GFtFSVwQYbhvhANW3
         Hx0EkeLoBMntuLQy6uTNj9mMqfOKezvK/xaVdmD0yJxeLxMctypXgjN/wKhr3EDhVdh6
         kRJwN87lhJgZg2kTiwMiSISje3H5iINE0lYCRqzahb8AWuhd00zCQdzX23lbHW56XAkt
         pW7w==
ARC-Authentication-Results: i=2; gmr-mx.google.com;
       dkim=pass header.i=@siemens.com header.s=selector2 header.b=nfRFLs+L;
       arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com);
       spf=pass (google.com: domain of henning.schild@siemens.com designates 40.107.21.57 as permitted sender) smtp.mailfrom=henning.schild@siemens.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com
Return-Path: <henning.schild@siemens.com>
Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2057.outbound.protection.outlook.com. [40.107.21.57])
        by gmr-mx.google.com with ESMTPS id k9-20020a2ea269000000b0028002e5a082si752810ljm.4.2023.01.12.01.35.57
        for <isar-users@googlegroups.com>
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 12 Jan 2023 01:35:57 -0800 (PST)
Received-SPF: pass (google.com: domain of henning.schild@siemens.com designates 40.107.21.57 as permitted sender) client-ip=40.107.21.57;
Authentication-Results: gmr-mx.google.com;
       dkim=pass header.i=@siemens.com header.s=selector2 header.b=nfRFLs+L;
       arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com);
       spf=pass (google.com: domain of henning.schild@siemens.com designates 40.107.21.57 as permitted sender) smtp.mailfrom=henning.schild@siemens.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=siemens.com
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=UyqwvCVFf6k5Ytpk6XyJwoUHsp8bFABBrOcx1rBA32FgwHh6vrc0ROm6F7uOyZO2zCaSfwBBXhQJf2CUikdKIJK5RJ/iXuu2jDeAsO/rIOuuckJATu63c5gcyZcsvL87na2MEzi/U8MAQy9QEa0ao6PxV3dqAOxAX1eoFHuvqt78XD9W54QA7ruwsOXp9/mxZQ/qFNLOEqYl4FuFw0ikQUJ84CJCc5q6vF5UwJOc+tsYMepmCLYW7Ic+xrAGPcutK9gmtJcftsMbzU9JfTIpuZgsy/4QtJhA3Wy6NqcbDP6NQoUqWqgbgOQbQjef2k4Bq4rB36G3HIeVlXmyQJ0JVw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=Nd+U/lz87jbS2w1LFbxVaZVjiqndBggFgYSjaBTZWd0=;
 b=e5nmz2/7peF73TZff4rF/SykZsf6A4HfPpsjsrGI9wnjgChypBRqPj+JXXAUbLj8BhmEqS1G2JovtNXe8HPAU+IpUAh0+PkbYJoVIoRp/9XAMChj/ulXh6pUN1/eWejRy8l5L/HYaZVBaptBPaqmSGOlaDp8cIQBKPZdAjDJ8kvjY7B46QWOXdaMDt5ymq1PK3N0zcXzQLS7+UPhRpTTzoMPD127L3o0JCjGzytPLCQHBXiSAQSJGrLzORQGT74wXD3qOIfZ84OgRFozDMPXwgMz6jMVTb1A6C3F50jUfNU2mdVtEVFdLFKcArTUbTjDg6MeTGN/yxD4W7KHeDa15A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com;
 dkim=pass header.d=siemens.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.com;
 s=selector2;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=Nd+U/lz87jbS2w1LFbxVaZVjiqndBggFgYSjaBTZWd0=;
 b=nfRFLs+LLjBQC7EgdlcyX0AaJFoT5/y1teQMHFZmgaxjyh7dOZerICkNCJROVhGeB0LiFvRGBRYauAQz89OltO/wYWJkAlMQI9piQwxKWsGX/qaD2p7Cs0JSGBoPlHjEttmitCAEoCYtJPrtHJs+0bIBl80MpO6y0ac6yCz85KF7TEZNc5K3tnQfOOXcb92fuMCOxzhArXE4tCFZ2FX1Iij1MnxtN9lgeHJQZesERcUk0CBINvB06JIY+4hgz1UwpeyoeQFPaoUhwcOYyVoUaKBOgUTeHFF1z9QnxNXBn0NRReb3qcdePTHhOspS2DEvbNzIaI5WUqV/Wc/gLpg8UA==
Authentication-Results: dkim=none (message not signed)
 header.d=none;dmarc=none action=none header.from=siemens.com;
Received: from PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:102:269::8)
 by PAVPR10MB6909.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:102:328::12) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5986.18; Thu, 12 Jan
 2023 09:35:56 +0000
Received: from PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM
 ([fe80::bdf0:fdeb:f955:bc79]) by PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM
 ([fe80::bdf0:fdeb:f955:bc79%4]) with mapi id 15.20.6002.012; Thu, 12 Jan 2023
 09:35:56 +0000
Date: Thu, 12 Jan 2023 10:35:48 +0100
From: Henning Schild <henning.schild@siemens.com>
To: Felix Moessbauer <felix.moessbauer@siemens.com>
Cc: isar-users@googlegroups.com, jan.kiszka@siemens.com,
 daniel.bovensiepen@siemens.com, venkata.pyla@toshiba-tsip.com
Subject: Re: [PATCH v2 00/10] Make rootfs build reproducible
Message-ID: <20230112103548.47f921d5@md1za8fc.ad001.siemens.net>
In-Reply-To: <20230112055619.843445-1-felix.moessbauer@siemens.com>
References: <20230112055619.843445-1-felix.moessbauer@siemens.com>
X-Mailer: Claws Mail 4.1.0 (GTK 3.24.35; x86_64-pc-linux-gnu)
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-ClientProxiedBy: CH2PR14CA0056.namprd14.prod.outlook.com
 (2603:10b6:610:56::36) To PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM
 (2603:10a6:102:269::8)
Return-Path: henning.schild@siemens.com
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: PA4PR10MB5780:EE_|PAVPR10MB6909:EE_
X-MS-Office365-Filtering-Correlation-Id: 3ff1b615-709a-4e2a-3767-08daf48067fa
X-LD-Processed: 38ae3bcd-9579-4fd4-adda-b42e1495d55a,ExtAddr
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info:
	B0+IKrif+DdRILRAeRFgBENJAeGndvsQBRHGiLGCLhdwTYWRh0Brq9ejarV6E80YXYVo2/CYuexOQAl3H7b+EW6wwret26CcnpdFaD2xwNVbly/BnFwNyffNn+axlHw9B67KOVtpG5ng5ZxBIGuQPueW3bSCoAeJ+NASRNSgd0rOpUNfJPrF0u1yJslfg6k09jzAMp1KmOUPxBlbPqDmIjVIKudhfgg3OmWdefzUMVAKu5oGVSe7+9NPwGC8QtZbMzVq/ptCCsPXO9TvdLOLHtatMqtf93XMjDgWfbN1a5e1d93yp47JW3owsY8V7iIjJvk+GoS/IJi0DbEGXB5bWu/J0bB6HF6f5pyj939mtaPapiYuPFqZXfrq6QOHE25lsdRb6bdSyibvMy1OQRxsXOaWu35FYWgSdgKhBNOq4fHfFsNDmAC+dEAz17PkgUsQ8uLB9IymfHpgxI0ViG0F+oBNFdIQDf5gcwjyf/uu0JJNEYFCVZrwsWZg5QoHNi9/9ZNfhZ0ilSRZn+XzR0l38H8qjmZRhmVxD9YOSZdITboTwgcfa6+37O+51TMGRL+mv2AbxaO1PNpf4htZxKZiFJwKxxLHJCzIJeGjQ2RzYIWPQhRzl0vnqmz/EGbRT3i3eaYhiJWtyVzM8qMiKkKDYg==
X-Forefront-Antispam-Report:
	CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230022)(4636009)(39860400002)(366004)(396003)(136003)(376002)(346002)(451199015)(83380400001)(66556008)(8676002)(6862004)(41300700001)(5660300002)(8936002)(4326008)(66476007)(186003)(478600001)(6512007)(26005)(9686003)(6506007)(6636002)(6666004)(82960400001)(38100700002)(66946007)(1076003)(6486002)(316002)(86362001)(44832011)(2906002);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0:
	=?us-ascii?Q?gtKnnc8el9vtCqGXtIBIIY9U+btRUZr1sez940orVhRJHHnRXapEJuXs0r42?=
 =?us-ascii?Q?ZzzcRkPjPqmHoHp5ve/ay0Ap2gBE6+/yZNBYKmR33ha5KFd3z1rip4VJl4UK?=
 =?us-ascii?Q?w9vEXyFXqKVf8SDGevJY30YmxKPcw8RnUsUPB5VGlwgoKLFSP9S1PaXaEoFo?=
 =?us-ascii?Q?RhStBhIsaPV/RNxyxAoWu7ErxguNpxJyvYFl+wLeoqOqymStLL2zYchPkHvQ?=
 =?us-ascii?Q?gVoMx7unvy6zv5ztIuohqBoX8cOae7TuJS/R/JF7QyqhpLZmd0OyLvCcKm2m?=
 =?us-ascii?Q?IMAj7Q1Lz9RpkYDl1NjlNwfksXVAvxqa01Y89ZXWEGdkBxxUmk1os5e4edh2?=
 =?us-ascii?Q?1JG3WKCE3S1+gw1ds7rOQWAHZkgGHzjZXz/7elqg4IF10SHEMZ/aG6jqnkrL?=
 =?us-ascii?Q?sIbbdO5CTmNH7HFNWBZXqHXMj1h/stwtTqvLOa76jr8gkcoruzcH/p7k2/9k?=
 =?us-ascii?Q?KZD/VTe0m7UD1h5qexBKU+bmigrWkVLOc9lfdy4hdp9eDGZmbjOx3fiwjRzc?=
 =?us-ascii?Q?qsClNpWTK3wQmNUtUPnwJIyeQzIbhI4UwWSDHKv54aw73tOp02KYABNJEJAK?=
 =?us-ascii?Q?YnazA46P5EdZQgHDjcr2uW88czSbHKs5bmYFy82VXm8R7Xr2y54OyZe3oST8?=
 =?us-ascii?Q?odjDGOrCwTccFiRtsqglZAFniS6pIALSGpwmGOJHI91/HQWihNJ6oeqV5/k5?=
 =?us-ascii?Q?kJf+cthA+QcOPmjAVxGuMC6yG2XRnpL9Tt3kd05ZL79LWZRCFY6Y0dFduSLZ?=
 =?us-ascii?Q?POw0zVyrH8xkUzHlt6HVKsiVsdGGdiJ0EwgHQzy0OA/Si1VAZUHzoGb/jLXf?=
 =?us-ascii?Q?jvHmhjktzGi3DTu/k9DNNyoti08bZ0zEj0mIfMw7L+R426usWYNF01blb4tR?=
 =?us-ascii?Q?4wCopTPXyZJcVjjVS6hTykKGxGduXWF05hlgNZvdRdR1f2s9L0yGoUOQKwA3?=
 =?us-ascii?Q?UZE+ORbBssx7zv5fpdS15OM0mhr/IX2Go0NpWeBorGXXuIK1cNjCzVUbbI4n?=
 =?us-ascii?Q?RxfBcScOvBngHge0jicXfCrO3+mLrwUXCtqkn8zaNfZ1j5ipiM3o78auM3Jv?=
 =?us-ascii?Q?VFxEu0UTa+laZMY0DlW8eDn3CkT0Dly1Haji7vTl2wGQhPCFBxdy1q9hc381?=
 =?us-ascii?Q?mH9idH2ilhI1oXTNqwkkNHRNr/4baZHUZE4SwiokIQ7WvT0SnQa+w8tSmJeE?=
 =?us-ascii?Q?ZYEJh9QCV+b8hGXnaTdwY50BmaEwB7oX7WVpZKUTn2NRpicjbw5Slywm94Cs?=
 =?us-ascii?Q?ORIBzWAJUubTfwPYt1xslyzd7tLLrVe8JNQE7SF0+LKOq3zoWvCkVWFyLVKA?=
 =?us-ascii?Q?rshWvHofOt7I3G5/mubktBQaHpcx8ifB+AsNezhENvxYriJSUTgTRuwP+w4b?=
 =?us-ascii?Q?zX8x0zb3h4mzTJSilZjo4oSPN316l9UU3mkJAFdC22VIVnVo9JOPJ2yhyi8n?=
 =?us-ascii?Q?UU1i4z1XV/fxSORDBP7Lb0ISobQRifZsF2uFKMP4dOHz9RoLggBZIrvAKzf4?=
 =?us-ascii?Q?+7e++Nf0Co1yi6qyN6kN87s5y1tq2G0MPW1ZPSG9AaCjsAV+08HOt4PBstxZ?=
 =?us-ascii?Q?Hmey5yPb6duduWsFvasQ8Yxgg2P1eTdzgxhHwvLaMTVWQDR1spbwr5CUVVWT?=
 =?us-ascii?Q?Xg=3D=3D?=
X-OriginatorOrg: siemens.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 3ff1b615-709a-4e2a-3767-08daf48067fa
X-MS-Exchange-CrossTenant-AuthSource: PA4PR10MB5780.EURPRD10.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 Jan 2023 09:35:56.4726
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 1abe1VsGMz6K5c/OCX4749P8ya3t2B0dvWIOhxGaWXBVfndusySwGdK2W+SReJPZHqdUWkAk81AqFcyFDPXooLjAtZbOa8+t1Y59PHnN0BQ=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAVPR10MB6909
X-TUID: quKymBd3nret

Good effort, Thanks. I will not review again.

Henning

Am Thu, 12 Jan 2023 05:56:09 +0000
schrieb Felix Moessbauer <felix.moessbauer@siemens.com>:

> This series finally makes the rootfs generation bit-reproducible
> from debian bullseye on. Parts of it have already been sent
> as individual patches. However, image reproducibility can only
> be achived once all parts are reproducible itself. By that,
> these patches are included in this series as well.
> 
> With this series, the following parts are now fully reproducible.
> This has been tested on the isar-image-base target.
> 
> - custom initramfs (creation and updates)
> - debian initramfs (only updates are relevant)
> - custom kernel (debian kernel is reproducible itself)
> - rootfs itself
> - tar file generation (<image>.tar)
> - ext4 generation (only from bookworm on, more tests needed)
> 
> Other parts that are still not reproducible are:
> 
> - WIC (should be solved in OE already)
> - containers (untested yet)
> 
> Changes since v1:
> 
> - dropped patch "deb_add_changelog: use SOURCE_DATE_EPOCH"
> - fixed typo in "generate deterministic clear-text password hash"
> - added comment about why SOURCE_DATE_EPOCH must only be set for
>   image rootfs but not for other rootfs'.
> 
> Best regards,
> Felix Moessbauer
> Siemens AG
> 
> Felix Moessbauer (9):
>   fix rebuild of rootfs_finalize task
>   rootfs postprocess: clean python cache
>   remove non-portable ldconfig aux-cache
>   generate deterministic clear-text password hash
>   update debian initramfs in deterministic mode
>   create custom initramfs in deterministic mode
>   make deb_add_changelog idempotent
>   deb_add_changelog: set timestamp to valid epoch
>   make custom linux-image bit-by-bit reproducible
> 
> venkata pyla (1):
>   image.bbclass: fix non-reproducible file time-stamps inside rootfs
> 
>  meta-isar/conf/local.conf.sample              | 10 ++++++++
>  meta/classes/debianize.bbclass                | 20 +++++++++------
>  meta/classes/image-account-extension.bbclass  | 10 +++++++-
>  meta/classes/image.bbclass                    | 25
> +++++++++++++++++-- meta/classes/initramfs.bbclass                |
> 5 ++++ meta/classes/rootfs.bbclass                   | 13 ++++++++++
>  .../linux/files/debian/isar/build.tmpl        |  1 +
>  .../linux/files/debian/rules.tmpl             | 14 ++++++++++-
>  meta/recipes-kernel/linux/linux-custom.inc    |  2 ++
>  9 files changed, 89 insertions(+), 11 deletions(-)
>