Monthly status update about reproducible live-build ISO images

Roland Clobus rclobus at rclobus.nl
Sun Oct 30 09:51:05 UTC 2022


Hello lists,

here is the 14th update of the status for reproducible live-build ISO 
images [1].

Single line summary: The live images stayed reproducible.

Reproducible status:
* All major desktops build reproducibly with bullseye, bookworm and sid
* Number of patches performed by the live-build script that are not yet 
in sid: zero! (0)

My activities in October:
* Further testing of the live images in openQA, many tests are now green
* The live images are also tested for UEFI secure boot (in addition to 
BIOS and non-secure UEFI)
* The live images are also tests as USB-drive (in addition to CD-ROM boot)
* Some comments in tickets for the snapshot.notset.fr service [10][11]
* I've sent a private mail regarding the live image generation by 
official Debian hardware, more to follow next month

Work to be done:
* Review the results of the generated ISO images in my local openQA instance
* Add a test for the Calamares installer in openQA
* Use a no-network scenario in openQA to test for 100% offline installation
* Live images are not generated officially by Debian yet
** Needs some changes in 'live-setup'
** This will be the next main target
* Adjusting the content of the live-build image
** Make the boot menu more similar to the live-wrapper menu
** Add a 'persistent' option (as seen in Kali)
** Keep the accessibility improvements made in the live-wrapper boot menu
** Verify the package lists
*** e.g. the Debian Reference is installed for es and it, but not en

Unchanged, but low priority due to [7], patch available but not released 
yet:
* texlive-base: Reported differences in the generated ls-R [2]
* texlive-binaries: Randomness in .fmt files due to Lua hash seeds [3]
* texlive-binaries: updmap creates a logfile with the timestamps of 
files that it just has generated [4]

Future plans/ideas:
* Reprotest might be used instead of just 2 builds without a short time 
frame, to capture more variations
* Use disorderfs
* Transfer the special features of the (now disabled) live-wrapper live 
images to live-build
* Start building official live-images again [6][8]

With kind regards,
Roland Clobus

[1] https://wiki.debian.org/ReproducibleInstalls/LiveImages
[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003449
[3] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009196
[4] 
https://salsa.debian.org/live-team/live-build/-/commit/f1a98e4da62c3551f523553c6e23774aaf5e41b4
[6] https://lists.debian.org/debian-live/2022/03/msg00012.html
[7] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006472
[8] infinote://gobby.debian.org/debconf22/bof/debian-installer
[9] https://lists.debian.org/debian-devel/2022/09/msg00199.html
[10] https://github.com/fepitre/debian-snapshot/issues/14
[11] https://github.com/fepitre/debian-snapshot/issues/15
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.reproducible-builds.org/pipermail/rb-general/attachments/20221030/55fe325a/attachment.sig>


More information about the rb-general mailing list