[rb-general] Different checksum for libgcrypt20
lamby at debian.org
Fri Jul 12 20:35:30 UTC 2019
Hi Matt et al,,
Morten is entirely correct when he says:
> None of these (pbuild and sbuild) recreate the environment with a BUILDINFO file
> necessary to recreate the hash.
Indeed — at the very least one needs the .buildinfo to ensure you are
exporting the same value for SOURCE_DATE_EPOCH  but also to ensure the
same versions of the build-dependencies and other such things. Here is an
random Debian .buildinfo file so you get the rough idea .
> All of my builds have been on VM's – maybe this package requires a
> "bare metal" build host?
(Just a brief/further clarification in that this should not be a factor.)
If you have no luck with making an identical package after using
the .buildinfo, my next step would be then to dig out diffoscope to
determine what the *actual* difference is between the specimen package
and your locally-built one.
Hope that helps...
: :' : Chris Lamb
`. `'` lamby at debian.org 🍥 chris-lamb.co.uk
More information about the rb-general