On Tue, 01/14 15:45, Daniel P. Berrange wrote: > On Tue, Jan 14, 2014 at 04:19:41PM +0100, Paolo Bonzini wrote: > > Il 14/01/2014 15:47, Richard Henderson ha scritto: > > >>>> +echo "CONFIG_STAMP=`date +%s`_$$_$RANDOM" >> $config_host_mak > > >>> >> > > >>> >> I really really don't like random numbers that make for > > >>> >> non-repeatable builds. > > >>> >> It's a quality-assurance nightmare. > > >> > > > >> > Can you elaborate this, please? > > > Build systems like we use at Red Hat want to be able to produce > > > bit-for-bit > > > identical binaries when given the exact same input. Using random numbers > > > during the build process prevents that. > > > > I totally agree, but AIUI people wanted the symbol to be something that > > you couldn't know in advance (e.g. when compiling an out-of-tree > > module). For some definition of "couldn't" and "in advance". > > You can't stop a determined person. The goal is really just to make sure > they have to jump through painful hoops if they're going to delibrately > ignore our policy that this is not for 3rd party out of tree modules to > use. > > When doing RHEL / Fedora builds, we *do* want this to change each time > the RPM is rebuilt for a new release. eg any time we add a new patch > to the RPM we want it to change, but if you're just rebuilding an > src.rpm without making changes we don't need it to be different. > > You could use a sha256 sum of 'configure content + version + pkgversion' > to get something that'd change each time distros did a formal new build, > but would still allow reproducible builds.
This sounds like a nice solution, I'll adopt. Thanks. Fam
