[Git][reproducible-builds/reproducible-website][master] hamburg2023: Add notes about the images and filesystems session

[Evangelos Ribeiro Tzaras (@devrtz)]

Evangelos Ribeiro Tzaras pushed to branch master at Reproducible Builds / reproducible-website


Commits:
0bdabb87 by Evangelos Ribeiro Tzaras at 2023-11-02T14:17:58+01:00
hamburg2023: Add notes about the images and filesystems session

The session took place on 2023-11-02 in the morning.

- - - - -


1 changed file:

- + _events/hamburg2023/images-filesystems.md


Changes:

=====================================
_events/hamburg2023/images-filesystems.md
=====================================
@@ -0,0 +1,61 @@
+
+# Filesystem/Container images meeting
+
+https://reproducible-builds.org/docs/system-images/
+
+## Filesystems
+
+- ext4 reproducibility
+  mkfs.ext4 is not reproducible
+  (because allocation of the inodes is undefined)
+  make_ext4fs works, but is unmaintained
+- ext4 creation time ends up in headers
+- UUIDs need to be seeded
+- there is patches on rb ML + setting the env up
+  allows making ext4 reproducible (with mkfs.ext4?)
+- read-only filesystems (squashfs, erofs)
+- btrfs?
+
+## How to reproduce a full image
+
+- need a snapshot service (containing package versions)
+- need to record sufficient information
+  every single package (in the correct version)
+  config, version for tools used,
+  generate manifest or read from original images
+- order of packages in dpkg database
+  apparently there is a flag to tell apt to (re)order
+- same kernel
+  
+
+## Random problems/ideas
+- Upgrading a single package on a given image
+  (using a ro FS)
+  can scramble the image quiet a bit
+  (probably time stamp issues?)
+- initrd (timestamps or ordering issues)
+  dracut: more likely to work with SDE
+  mkinitcpio/mkinitramfs: ?
+- website: mention "magic" variables
+- package installation needs to be reproducible
+  - exim4 postinst puts hostnames into some config
+- Packages.xz get cached (and rebuilt on Debian)
+- /etc/apt/sources.list would be different when using a snapshot service)
+- /etc/passwd /etc/shadow order
+- dependency on host kernel through 
+  /proc, /dev, FS code, (fs related) kernel config options
+  may need to built images in a VM with a fixed kernel ?!
+- mkfs.* can introduce dependency on the host system
+- pycache differences (*.pyc files)
+  Debian does not ship bytecode,
+  other distros do
+  and stripping them down would slow things down
+- Priority: important/optional ?!
+  this actually comes from the source package
+  (so no idea how/why this could change)
+- diffoscope can be told to exclude timestamps
+
+
+## Container
+container images are just tarballs (something something OSI image)
+(note: we didn't talk about container images too much)



View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/-/commit/0bdabb87e541cd0373cc9dc0b8e0706a299f26d4

-- 
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/-/commit/0bdabb87e541cd0373cc9dc0b8e0706a299f26d4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.reproducible-builds.org/pipermail/rb-commits/attachments/20231102/07ded128/attachment.htm>