From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 7342481464494129152 X-Forwarded-Encrypted: i=3; AJvYcCWugW4XzsambvecLs8JVTScsXxV0XlmrSIsddn4kMYehL3azZkOmlzaGYtY6k7LaLt53N8wZbFdVj8QenrXzL3+Mo3yRwWzhQLObXA= X-Received: by 2002:a05:6a00:27a0:b0:6e4:69b0:c37c with SMTP id bd32-20020a056a0027a000b006e469b0c37cmr9769702pfb.9.1709562617842; Mon, 04 Mar 2024 06:30:17 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a05:6a00:1885:b0:6e5:912f:64a9 with SMTP id x5-20020a056a00188500b006e5912f64a9ls2160400pfh.0.-pod-prod-01-us; Mon, 04 Mar 2024 06:30:16 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCXnVp3GRd9yZ6dfq4GT2skNgJbMwAhd2mOKKTm+ZDtvIiczMRbk4uCKUyBQKMJdpzzCLGoZGXn3tBB2GirDHUt9INtTgGpx2RkZoBU= X-Google-Smtp-Source: AGHT+IHHbhBMMoDeBI83HZ5YjC4nYxXiXU20PBjF5UJwpxIGWaP7xvMcUik6vVumj5MPq4PrAkGm X-Received: by 2002:a17:902:db08:b0:1dd:a34:7321 with SMTP id m8-20020a170902db0800b001dd0a347321mr4044387plx.25.1709562616493; Mon, 04 Mar 2024 06:30:16 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1709562616; cv=pass; d=google.com; s=arc-20160816; b=t4UkoLWmi9x1Z11lLUcHZL6unrkovFKcvvxYpV/pfxt2Ut2dPyCpIO3f7jqVu+unZF VqYnpidRGPUCS8PJ5qFzxwCk2Iq1Ckv31elf2OK9To4DzkVoCFjbyxw5V67jJeaof3gS BjeIorFHg7sDOIc4twA4loTYGdVWZAqM+WT7wkx5hJalwBYAuDAr76aunf9K3Erqa40g rF77TgARpetdd7vkTIzB0OzTCohj/Ne2n1IPbp7RdXmh8Fd6NKZ2LmEbeX6LL1V3Kg26 4grbAncj/S3287Y9kQE0XVFjwRIstT30AOaiaeeAGN2jKvlXQ3SIwby1mr93j/50uf08 B3qA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=mime-version:content-transfer-encoding:in-reply-to:from:references :cc:to:content-language:subject:user-agent:date:message-id :dkim-signature; bh=lsWJUKbPqaZ5QbGj9/jZhOHbHo5rP4mykzNQngwocZg=; fh=mwygKMS9yPM5s7bvh9zZmmqvDoVV93juq33R+Oig2T4=; b=PVyCMXnkykw8WtssUUnqolZyuLW8WN3JfFmVdo2wh/wvI1Qj49sHB4KdZ7IipjMJY5 zaNSrYWqyqDIbRwKm9OZDg2P2nQ7Zs1WKNLUq59q9jNg4WE3CSpIrrQpF2pZvZ9NVjPT AOnF/S2jKNg4X/l8ZF/Tq7nD4OVvcj0o6Y71ARNl+4LCU6YokIhFUSI1YgQtC8h6EdUk UV1hp627oFSaNf4/5Yr7XrCH36BqFX+2cJbHbdFwNDPnAfteczA87h9s+cfDZMNBST/s TRWNZGyR/52qwORfLruIlaQl4deXrjMHtV67DVHovp9hxDMW1TDDbuWkc25/NNxZfIOm ux+g==; dara=google.com ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=LNirAt2G; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of jan.kiszka@siemens.com designates 2a01:111:f400:fe1e::621 as permitted sender) smtp.mailfrom=jan.kiszka@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com Return-Path: Received: from EUR01-HE1-obe.outbound.protection.outlook.com (mail-he1eur01on0621.outbound.protection.outlook.com. [2a01:111:f400:fe1e::621]) by gmr-mx.google.com with ESMTPS id o19-20020a170903211300b001d8e76e7179si704048ple.3.2024.03.04.06.30.16 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 04 Mar 2024 06:30:16 -0800 (PST) Received-SPF: pass (google.com: domain of jan.kiszka@siemens.com designates 2a01:111:f400:fe1e::621 as permitted sender) client-ip=2a01:111:f400:fe1e::621; Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@siemens.com header.s=selector2 header.b=LNirAt2G; arc=pass (i=1 spf=pass spfdomain=siemens.com dkim=pass dkdomain=siemens.com dmarc=pass fromdomain=siemens.com); spf=pass (google.com: domain of jan.kiszka@siemens.com designates 2a01:111:f400:fe1e::621 as permitted sender) smtp.mailfrom=jan.kiszka@siemens.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=siemens.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MumIDPuJbhAQSs0QiDivVJE8K7JcNMRi+OtDinrHDkSx0JuR1qONyI2nWx/SpT6NbaaqIll9AneQBLgy90P1MjF7M1iQCrzIt/AVge4/HNWMdWwd050oKvjoZJXrepvjTZOYzOWPI4vfWqtKE0ytUOlJHLVFLTQpTSVxmbldVTxKvYId/2JGkUjhc+N0HMt5TOoUy073GUEm1Dqx3JinbA7dHc21+TXxwdCIvE+9zG2S6/+J2RFL5VQbsvygD9EiEvDeidr/jo18jE8BEXb+ZZv1VSH4sfFjpNyfoh/O/kTfh+OVHeJWSwpVvdXglfV9QLOQkmPqXdzigsKdd7TjZA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=lsWJUKbPqaZ5QbGj9/jZhOHbHo5rP4mykzNQngwocZg=; b=oKOnP4qClFfkbnwW0oiocc3MjB0yf1I1l7pJPuNwNlyfcfAdF3aFMV2ziC5P3Go/KJaMgVfV30AK4tcvzHfXhCsyr8PBvYlRCdR2ta/j5iwl9lpJSXJKuCfwJdrhKl5YMvTFlBCaZ/J8x20RgI6jlhjR63x+VPbzsqd2GMq/TC76zkTXCb+HG9DLtgarnJQNneXwkcFXAINe0/rwkKFw8bVjD4eZzB6bjRbplpt2I9YviTEg1OUILdI6G5NhMwhRToIdA7mKxHjjdrWdOHRu4BchAol9Zkr3So8oXS9SfPRD7+dW0VxRt20Cp6IRzJ9kpO1qX2EQQ1uoIqQzyXD85A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=lsWJUKbPqaZ5QbGj9/jZhOHbHo5rP4mykzNQngwocZg=; b=LNirAt2GLyQ7bpNyUwTp69Jxsbn8O4BXfAkAIrNzuRxp7TWBOtSctpmXArGvfyWBZEDgQZNBY+2gPiar1OyR5ttPg7/5rWA59hacRoxrxHCS92SQTg0jsVeo/VubizpMhWj6X2XgzqL+MNGjzViUHfiCXWewo/AZe1Xh/vntXO8ghAm8uHvqrVvtQ67wjP1uIK3A7CjQTjs6gaEZpeeaDHT4y1mI+a/0Ixjl+nUfw/PsoZZV5TXdZ4IXoQi7RwPhYpEXU9dCVXr9VFV50SUw5UaGWJFeObeWstPxmDAqjbGCcZfFjSGmrIkEwcK61d6LOVeaZ9qhD6kDfG1wp5OPgw== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=siemens.com; Received: from AS4PR10MB6181.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:20b:588::19) by PAVPR10MB7515.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:102:2f6::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7339.34; Mon, 4 Mar 2024 14:30:13 +0000 Received: from AS4PR10MB6181.EURPRD10.PROD.OUTLOOK.COM ([fe80::8d16:7fbb:4964:94fe]) by AS4PR10MB6181.EURPRD10.PROD.OUTLOOK.COM ([fe80::8d16:7fbb:4964:94fe%3]) with mapi id 15.20.7339.035; Mon, 4 Mar 2024 14:30:13 +0000 Message-ID: <49459d60-af0c-4c2c-bd65-d3cb2771c0c8@siemens.com> Date: Mon, 4 Mar 2024 15:30:11 +0100 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH 0/2] Fix reproducibility of /etc/shadow file when image built on different days Content-Language: en-US To: Adithya Balakumar , isar-users@googlegroups.com, amikan@ilbers.de Cc: kazuhiro3.hayashi@toshiba.co.jp, dinesh.kumar@toshiba-tsip.com, shivanand.kunijadar@toshiba-tsip.com, sai.sathujoda@toshiba-tsip.com References: <20240304103716.1100116-1-Adithya.Balakumar@toshiba-tsip.com> From: Jan Kiszka In-Reply-To: <20240304103716.1100116-1-Adithya.Balakumar@toshiba-tsip.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-ClientProxiedBy: FRYP281CA0009.DEUP281.PROD.OUTLOOK.COM (2603:10a6:d10::19) To AS4PR10MB6181.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:20b:588::19) Return-Path: jan.kiszka@siemens.com MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: AS4PR10MB6181:EE_|PAVPR10MB7515:EE_ X-MS-Office365-Filtering-Correlation-Id: 6572252d-90a5-40bf-a4f7-08dc3c579a71 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: tGLB/VoV7OOArcm6zR6zCSavrgsohtRGFrLhqoqxAjGIYCfkkQvNCvqqJkWvzJPRQTR2C02GouZgHqdvwlJTsYqC6ZW5pcs6cGoE6JPf9IUIvRp1tUAFWGmVM78SEEagRaCJn8DxkdjJzZ425QVPn+DTRpjOgSUl0qc2RXjlTXZVN6NNpOGfU/7wAZEWVdX78yURcmDu662wV8WsldNdTy7lDBOPmPsnZ/CVieKS+iDbAnU8U5BM/d+8NKTnAJUhVzfQFJdNyPr47jZw/KWPKl9Ezws5jrFQohyhcoVgUtOzquClPAtxQBjZT1lrM0f+yar1kFbd9hD6Zn251OUyp9wIJFnA+fjM9w+yc6pJhWljOodipK8REasA/7W441MH6nNEznCg/xtxbRzJ2V9VnA8TNJd4zWPlws6DEB/1Fa/zd+hSHQg09OW/WjoIhBp18ENpKsCSJBPKh5A5PdWXb1+wgBaDeXWbw7qg7q9VPyEKir86Yvx246XO7DnZ/ipbnjrf4ocSs34PwUg2L7cUXMrn9wm9ttfnu1L46e4vXQ+bbdpvQYDkWY8ovp4cVWyctTbhgkmchjv8+ikPF6qqB04IlD43I+x7tLE8GxSoOPY7Mb5MYeHyb0y7LS7EU1Ps7AZjHJspUqq8t+CzLlBt6UVrumpcaf5NnaQLYB8QZVg= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:AS4PR10MB6181.EURPRD10.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(13230031)(376005);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?Sy8xbHp1aWZkWnhONncvZTJXdndET0VWVHUwMG5Yby9uNjVQSS9aYkdJdWxs?= =?utf-8?B?ai9PRkt5UnZnK2R1Rk9zNkZuL3c5dWM4aklBV0ZXd3RNRnlxUHJsQ0s0TnMx?= =?utf-8?B?SHRSSUowbkl3ekxudUNZaFJVcCtzUHFpVE9xN3RYRzlLRHNzKy9RQTladXd6?= =?utf-8?B?cWdLYkk0WlVpU0o5OUs0ZzQ1RGhQVjJmY3owb0dvZm55V2RsV3RvLzZ1TGky?= =?utf-8?B?RzU2MlV2eEY5S2lmOUljd0UxWS9YaTYxMUZuVmpxUFNyUENMMUtCa1A5VENr?= =?utf-8?B?L2FjNUpFVlk0c0o4Yi9oQjk0SXNLeTl0RjZWelhENmJMRVppRkpTd2YzMC9x?= =?utf-8?B?dWhCUVM1azFaVUZjZTVhekU2eno0VTlhTzc0RmwySHdsejA4SFQ4RUxmNGJ3?= =?utf-8?B?QUxldi9iSVVNbC8xcG9iZjJKcWYwQll2dGowL1p6Q1M4RmhlbHNtVDZIcVJT?= =?utf-8?B?YW1YR3ArUytJRmI0dXNGWXNVQ2NHU0NyRlJCTGFaditzTlRCa2hGRU8rRlVU?= =?utf-8?B?VVR4aVNqNHFHR0tRaE03RTk1OG5adGt3T3lQczN1cVJuWHdQT0xCcDBKYWpY?= =?utf-8?B?eWZnSnFtNW9peFV4RURybTNpTGlLR2tDbDNVdlBhN1Z3ck5PMjdHSWVjVFdR?= =?utf-8?B?ZFhVdjhyb09KMmdRNnEzSDNBdmV4QXp1M2Q1Qmp6aXZ1TUZJVzFZR2NxaUg3?= =?utf-8?B?SGVxcU1KVStSeERheGRkVWNnVW9GZnhTdGRFRDBnNHVmZjlzeW83dmJFbWhl?= =?utf-8?B?MWJHNXNNTTJUSmRscGFOeEhsL2h6ejhOUEFMc09RcG9WdytaK1k3ZGxQZjRC?= =?utf-8?B?VlQwcVZSZXpPQ2JFWVJ5Tm41bi8zczEzeXhBRU5KN1dzai9qSE80RVZuZlV6?= =?utf-8?B?VTRRK092aTlSaDVFNkV1ZE8yOXU2TFFQU1d6ZXBBMXlabGVtVFhJZ1VEcXNl?= =?utf-8?B?a3NNSXFPSWZoM3dPUXd3cFFBUEgydXVNb25DQWlYQUU2YWVWWkJvNldueE00?= =?utf-8?B?Q3lOT2dXWDAxcCs3bi9UV3FFVkk1R2tLQ05vRlU2K2NsVWZxK21VY3dWSkNQ?= =?utf-8?B?K0xaaXZLMXFaUG1xL0ZrcUpDalkxTUVhclRLVFV5WE1LVEZ5bm9RSEFRMFhw?= =?utf-8?B?ekJ6d0NtTUR3M1dNdTRma3IwcUJIZExGWk5aaUwvWEdocEVHNGtmaEd6SHQ0?= =?utf-8?B?R3N4TzQwL0w0cHB1ZEJoeUhlRTM3eXJrNVk5ZE5ieGQ3cFltQVVjKzRKWTU0?= =?utf-8?B?OWF2citBMFo3NVk2U2xyV0s1K2U0ekVRRkY2WlFkNmtTY1ZMd2pxS1JWUnJS?= =?utf-8?B?VlMxVG1vV3dwbVRlWWttL3Ezc1ZjY01yS0wvWGlXZlFCRmxWUTdwT3RXOFcv?= =?utf-8?B?NjFmRGlCZk5mWWVNdFRZYmFUVjVycDhjOE9QejRQRU54VzRJaGREcjF4Rmlw?= =?utf-8?B?b043MENMM1RZb09RNTNRWC9PTUVuaGU5SVlMc2FPSDBGS0tnZzlKQW9BV0hU?= =?utf-8?B?V2pUeVZ3eWF0STFCckNvZUIxYzhHNHFGdDNNV0QzQmRDd3FDSlBkN2dhSGJE?= =?utf-8?B?UmVTUUd3U3ZvSUFZR3hpYWJ0R1NhQVRJOXRMdHBWeUF4NENJZnMvVlZBMTN3?= =?utf-8?B?bFErWjlRZVFzSE5JQXAvY2UvRi9qNzJvMG8wb2k1aERReXFmKzdyZDBONFpq?= =?utf-8?B?S2lVeElaMG1Wb3BUZm5jWkZmcWRsVUlpNm5qWVdualpQTFdsb2tlYWYrUjl3?= =?utf-8?B?MUl6VFdFaytQMzI4YXVrMHlOUTR2OFpSUTczN1ZRV1NxNUZaUHF4T3R5Nkxm?= =?utf-8?B?Z2Roa2k4aUNuaExWeTYyY0tVZERzblNqUnAwd256YlZmOU1hZkVLS3NsaVFl?= =?utf-8?B?d0FUWW1kcXpEK2RjZytyN0VNYVo0eGl1OVdmNG5ZKzRqNE1RcFFPMS9NQ2Nl?= =?utf-8?B?SlRTUXlWWWlXb05zZFR5ZWVzbE0vOEYyZ2t2TmxORnlHNzlqV29STy9wVkxB?= =?utf-8?B?TTR4ZlJpQ2ttZ3dObjVXOUNRaklVbzNJMXRsM1MvZld1ZTBBT0ZSVmxwZjlE?= =?utf-8?B?RXE1SGN5WjlNU1dGTUlvbnpKai9XS3lwS25mSzF6cFBPWHlKRkRjdmg0MjdU?= =?utf-8?B?OWNkQ1FrUSt4Nk5mUnhsdnptNlpJR3JGaUR2RDNBNlB5NEUrcVdnRm9zNW9N?= =?utf-8?B?aXc9PQ==?= X-OriginatorOrg: siemens.com X-MS-Exchange-CrossTenant-Network-Message-Id: 6572252d-90a5-40bf-a4f7-08dc3c579a71 X-MS-Exchange-CrossTenant-AuthSource: AS4PR10MB6181.EURPRD10.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 04 Mar 2024 14:30:13.1439 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 0UUQPQ5SOznm7ooWR9/FnaOeqf8khCYVNIOr/zQU2l6jDFOlS/i3Yq7TFxiVrNdtZH7CBbni3YRawR/yBpw8GQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAVPR10MB7515 X-TUID: LSBH3aYf9wwO On 04.03.24 11:37, Adithya Balakumar wrote: > The third field in the /etc/shadow file (sp_lstchg) contains the date of > the last password change expressed as the number of days since Jan 1, 1970. > As this is a relative time, creating a user today will result in: > > username:17238:0:99999:7::: > whilst creating the same user tomorrow will result in: > > username:17239:0:99999:7::: > > This impacts reproducibility of images when built on different days. > > Since /etc/shadow honours SOURCE_DATE_EPOCH, this patchset makes the > SOURCE_DATE_EPOCH variable available when the /etc/shadow file is > created/modified. > Yeah, this is what I learned the hard way these days as well while trying to make the kas container images bit-identical reproducible. Jan -- Siemens AG, Technology Linux Expert Center