[rb-general] Reproducible system images
liw at liw.fi
Sun Dec 15 08:12:49 UTC 2019
One of my hobby projects is vmdb2 (https://vmdb2.liw.fi/), which
creates disk images with Debian installed. I was wondering whether it
would be possible to generate system images reproducibly.
A quick experiment with debootstrap, which creates the initial
directory tree from with my software produces the disk image, isn't
reproducible. The main difference is the etc/machine-id file is
generates, which contains randomly generated content. The other
differences are log files, cache files, and file mtime timestamps. All
of those would be possible to work on to make them reproducible.
vmdb2 could make machine-id be all zeroes, which would mean a new id
gets generated upon first boot, and written to the file. I'm not
entirely sure of the security and other implications this has.
What do others on the list think? Is reproducible system images a goal
I want to build worthwhile things that might last. --joeyh
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: not available
More information about the rb-general