On Sat, Mar 12, 2022 at 01:21:24PM +0100, Marc Haber wrote: > > unpredictable or non-deterministic allocation of such ids is a cause of non- > > reproducibiliy for Debian images and installations, so us reproducible folks > > would like to see "sensible" to be expanded to take reproducible builds into > > account. > So we should go (in Policy) more towards "dynamic global UIDs and GIDs > which may post additional load towards the base-passwd maintainers?
I guess so, yes. :/
> Or would it be enough for reproducible images if adduser would finally
> implement #243929, making it possible to pre-determine UIDs before an
> image is built?
for reproducible images it would be 'enough' but I believe this would also shift
the burden of the work to each and every image designer, so in a way this feels
like a workaround with the main purpose of removing load from base-passwd
maintenance while putting load on everyone else forever :/
Roland Clobus has put a lot of work & thoughts into reproducible images, so I've
added him to cc: now, so he can comment on this aspect of #1006912.
--
cheers,
Holger
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ holger@(debian|reproducible-builds|layer-acht).org
⢿⡄⠘⠷⠚⠋⠀ OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
⠈⠳⣄
Smart things make us dumb.
signature.asc
Description: PGP signature
