Ninth status update about reproducible live-build ISO images in Jenkins

Roland Clobus rclobus at
Sun Apr 24 09:35:50 UTC 2022

Hello lists,

here is the ninth update of the status for reproducible live-build ISO 
images [1].

Reproducible status:
* Changed: All major desktops build reproducibly with bullseye, bookworm 
and sid ...
** ... including Cinnamon on bookworm and sid, but at a small 
functionality cost [9][PS1]
* Number of patches in the live-build script that are not yet in sid:
** smallest-build: 0 GNOME: 1 [6] KDE: 1 [6] Cinnamon: 4 [6][7][8][10]

New and changed:
* Finished: a stand-alone script to rebuild a live-build image [3]
** This includes a freshly built debian-installer
** Updated the Wiki page [1]
** Jenkins calls this script instead of having a long Jenkins script [2]
** Many jobs are red for the moment, due to a d-i issue [12]
** This solves the question of recording the configuration used by 
live-build, because the config is determined by a timestamp
* A meeting is scheduled to discuss further progress regarding openQA

* Under review: use openQA to walk through every single boot menu entry [4]
** This will test the functionality of the reproducible ISO images, and 
helps to find issues early
*** e.g. kernel module mismatch in the Debian Installer
*** Fixed an issue with UEFI and safe boot [5]

Patch available but not released yet:
* libxmlb2: Used a pointer address (%p) for a hash value [6]
* texlive-base: Reported differences in the generated ls-R [7]
* texlive-binaries: Randomness in .fmt files due to Lua hash seeds [8]
* texlive-binaries: updmap creates a logfile with the timestamps of 
files that it just has generated [10]

Future plans/ideas:
* Reprotest might be used instead of just 2 builds without a short time 
frame, to capture more variations
* Use disorderfs
* Long term: When live-build images are working fine, the work could be 
extended to other images, e.g. the netinst images or perhaps even Docker 
* Transfer the special features of the (now disabled) live-wrapper live 
images to live-build
* Start building official live-images again [11]

With kind regards,
Roland Clobus

[10] Unreported, patch is in [9]

[PS1] 14 words will be incorrectly abbreviated
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the rb-general mailing list