SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
If on current and a package is built from source shouldn't the binaries be identical to what's installed? I was surprised when a package with only three core libraries (using ldd) was a different size than the installed binary. Mine was 104 bytes larger. I may have to use objdump to determine what's different. I was thinking maybe a couple or few bytes for timestamps or something but not 104.
I'm not super worried, more curious, so don't anybody freak.
If you're curious about reproducible builds here's debian's ambitious project.
Pat updates -current by rebuilding a few packages at a time. Obviously, that means that most of the packages in -current weren't built against the current snapshot.
No, because the official package may not have been built in -current.
Ah, right. Turns out that I am making some debug binaries so they're all going to be different. But I think reproducible builds are a really good idea anyway.
I think calling it "reproducible builds" is a bit misleading. I would call it an audit. And they are capturing enough of a fingerprint so that hopefully the build system can be fully recreated where a package was built on. They are not saying that the packages must be built 100% identically in each stable release, but I could have missed it. But reproducible builds would be a nice side-effect.
Audits are good, but I don't think it should be required of distributions to track this much detail, nor to rebuild the entire package set prior to a stable release. I do think much fear of not knowing all the details can go away based on how you trust your tool-chain. I don't think that simply automating this into the packaging system really is going to gain much.
I think calling it "reproducible builds" is a bit misleading.
Not at all. You may not be understanding their project. There's a presentation by one of the devs from a linux conference that's excellent. It makes it very clear. Worth watching and was very well liked by the audience which doesn't happen that often with techies.
There was a lot of applause.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.