[guardian-dev] deterministic, repeatable build of LilDebi
Michael Rogers
michael at briarproject.org
Wed Apr 16 15:45:20 EDT 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 14/04/14 01:51, Hans of Guardian wrote:
> I ran this on Ubuntu/precise/amd64 and Debian/wheezy/amd64 using
> openjdk-7, the most recent Android SDK (updated a weekish ago) and
> NDK r9d.
I ran the previous build on Debian/squeeze/i386 - I'm now running
Debian/wheezy/i386, and I've upgraded to openjdk-7 and the latest
Android SDK and NDK.
> assets/debootstrap.tar
>
> Hmm, this would take some troubleshooting. Its unpacking the
> Debian package and repacking it, so it should be deterministic. I
> use vbindiff and bsdiff to check what the differences are. Perhaps
> different versions of GNU tar?
The difference was due to permissions inside the tar file; adding
- --same-permissions to the tar command on line 36 of
external/debootstrap/Makefile solved the problem.
> assets/busybox
>
> This is built with the NDK, so NDK differences would come into play
> here.
This still differs, I guess because I'm building on i386.
Unfortunately I don't have a 64-bit machine to test on - do you have a
32-bit machine, or is it possible to run a 32-bit VM on a 64-bit
> classes.dex
>
> Until I switched both machines to use openjdk-7, this file was
> different for me. I'm using 7u51-2.4.4-0ubuntu0.12.04.2 and
> 7u25-2.3.10-1~deb7u1
This no longer differs now I've switched to openjdk-7.
Cheers,
Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQEcBAEBCAAGBQJTTt3QAAoJEBEET9GfxSfMFBAH/jIbH2rovWvNYyLsYXUn0xg2
b86S335rNZuqRHyjV7OUSYd6qP4bh0YlN5YKmpZfKQrsJmJPle+C/lyy7D8Fin7A
n8BbQvfuVYqwpMiUB+aUcxBTu1Jk8g106J/AgDDcsPJ2G5aLC8bgGK3RFJon2mW8
OyxPazGi+tFG0Z0rWbAqVjD9rQUJBZsK9dGoISHvndzDnx6zfem/0n+VDfGdlebX
znE67aTZxnFr1Q16EvRmwfE9/b0PgqtwCgU6oW9zqyBPjlxyoxS5L8/bTc7u5Zj0
Er5DnALIqRec839t2dMCnAl/nxgYsYQ1j2kqxWnxvS11Y9HtsFBJ59gcQv5y4Rc=
=MomG
-----END PGP SIGNATURE-----
More information about the Guardian-dev
mailing list