diff options
-rwxr-xr-x | bin/reproducible_build.sh | 2 | ||||
-rwxr-xr-x | etc/pbuilder/rebuild-hooks/D01_hostname | 10 | ||||
-rw-r--r-- | etc/sudoers.d/jenkins | 1 |
3 files changed, 12 insertions, 1 deletions
diff --git a/bin/reproducible_build.sh b/bin/reproducible_build.sh index faa15d59..a17816d4 100755 --- a/bin/reproducible_build.sh +++ b/bin/reproducible_build.sh @@ -130,7 +130,7 @@ else echo "Re-building ${SRCPACKAGE} now." echo "=============================================================================" set -x - timeout 12h nice ionice -c 3 sudo DEB_BUILD_OPTIONS="parallel=$NUM_CPU" LANG="fr_CH.UTF-8" LC_ALL="fr_CH.UTF-8" pbuilder --build --configfile $TMPCFG --debbuildopts "-b" --basetgz /var/cache/pbuilder/base-reproducible.tgz --distribution sid ${SRCPACKAGE}_${EVERSION}.dsc + timeout 12h nice ionice -c 3 sudo DEB_BUILD_OPTIONS="parallel=$NUM_CPU" LANG="fr_CH.UTF-8" LC_ALL="fr_CH.UTF-8" unshare --uts /usr/sbin/pbuilder --build --configfile $TMPCFG --hookdir /etc/pbuilder/rebuild-hooks --debbuildopts "-b" --basetgz /var/cache/pbuilder/base-reproducible.tgz --distribution sid ${SRCPACKAGE}_${EVERSION}.dsc set +x dcmd cp /var/cache/pbuilder/result/${SRCPACKAGE}_${EVERSION}_amd64.changes b2 # and again (see comment 5 lines above) diff --git a/etc/pbuilder/rebuild-hooks/D01_hostname b/etc/pbuilder/rebuild-hooks/D01_hostname new file mode 100755 index 00000000..1bf4c2d2 --- /dev/null +++ b/etc/pbuilder/rebuild-hooks/D01_hostname @@ -0,0 +1,10 @@ +#!/bin/sh + +set -e + +# exit if we are in the same UTS namespace than init +[ "$(readlink /proc/1/ns/uts)" = "$(readlink /proc/self/ns/uts)" ] && exit 0 + +echo "I: Changing hostname to test build reproducibility" >&2 +sed -e '/^127.0.0.1/s/$/ i-capture-the-hostname/' -i /etc/hosts +hostname i-capture-the-hostname diff --git a/etc/sudoers.d/jenkins b/etc/sudoers.d/jenkins index 11713c2e..677e5886 100644 --- a/etc/sudoers.d/jenkins +++ b/etc/sudoers.d/jenkins @@ -30,6 +30,7 @@ jenkins ALL= \ /bin/cp -rv /media/*, \ /bin/chown -R jenkins\:jenkins /var/lib/jenkins/jobs/*,\ SETENV: NOPASSWD: /usr/sbin/pbuilder *, \ + SETENV: NOPASSWD: /usr/bin/unshare /usr/sbin/pbuilder *, \ /bin/mv /var/cache/pbuilder/base*.tgz /var/cache/pbuilder/base*.tgz, \ /bin/rm /var/cache/pbuilder/base*.tgz, \ /bin/rm -v /var/cache/pbuilder/base*.tgz, \ |