On Wed, Nov 27, 2019 at 2:12 PM Chris Murphy <li...@colorremedies.com> wrote: > > On Wed, Nov 27, 2019 at 7:17 AM Pablo Greco <pa...@fliagreco.com.ar> wrote: > > > > I'm starting to work on a project to make Fedora fully reproducible and > > bootstrappable from scratch. > > I know it is a long term plan and still working on the steps, but it would > > be good to know the current status, if there is an internal interest in > > this, if someone is already working (or planning to). > > One small cog in the wheel that affects reproducibility in images is > file systems. There are currently two parts to this when creating > Fedora images: the rootfs is on ext4, and ext4 creation and writes are > non-deterministic; that ext4 is then nested into a squashfs image > using xz. Parallelized xz is non-deterministic, where parallelize zstd > is reproducible, as I understand it. But that should be confirmed. > > The order of work needed: > A. Upstream squashfs needs zstd support merged. There's patches > Fedora's squashfs-tools are carrying that add this support. But it's > probably fair to say this is for testing purposes, because upstream > squashfs may have a different implementation in mind. I'm not sure of > the status of this.
squashfs-tools v4.4 has it included. The project moved to GitHub last year: https://github.com/plougher/squashfs-tools > B. Koji needs to learn about existing support for plain squashfs images in > Lorax > https://pagure.io/koji/issue/1622 > C. Releng needs to update build scripts to create plain squashfs images > https://pagure.io/releng/issue/8646 livecd-tools probably needs that too... > D. Releng needs to decide whether to use zstd instead of xz, and then > koji needs to support it, but before that A. above must happen. > https://pagure.io/releng/issue/8581 > > I floated this idea to the Btrfs list. The discussion explores Btrfs > and alternatives. A Btrfs approach is more work and coordination, flat > out. But also offers more features for free: always on metadata and > data checksumming could obviate the slow monolithic md5 ISO media > checker; simple, consistent, transparent overlay for LiveOS (either > transient in-memory, or persistent on-drive), seed/sprout fast > replication option. All of that support is in-kernel so you don't need > a sophisticated initramfs to do such assembly on the client, or > complicated build system to create such images. There is a lot of > *other* work to get there, but then I think it's a lot saner, less > fragile, and a lot more consumable across distributions. Could that be > mimicked with plain squashfs on dm-verity? Sure. And that's also > mentioned in this thread. > https://lore.kernel.org/linux-btrfs/CAJCQCtTPwQnzwkpk=4zszxfwtc7hymyetxp-9xuu_tsvotw...@mail.gmail.com/ > I'd love to explore using Btrfs for doing it. I have no idea how to get started with that... -- 真実はいつも一つ!/ Always, there's only one truth! _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
