| Message ID | 20240304103716.1100116-2-Adithya.Balakumar@toshiba-tsip.com |
|---|---|
| State | Superseded, archived |
| Headers | show |
| Series | Fix reproducibility of /etc/shadow file when image built on different days | expand |
On 3/4/24 11:37 AM, Adithya Balakumar wrote: > The third field in the /etc/shadow file (sp_lstchg) contains the date of > the last password change expressed as the number of days since Jan 1, > 1970. The sp_lstchg value changes when the images are built on > different days making the image not reproducible. > > Exporting the SOURCE_DATE_EPOCH variable ensures that sp_lstchg value is > set with respect to the SOURCE_DATE_EPOCH value while debootstrap creates > the minimal rootfile system. > > Signed-off-by: Adithya Balakumar <Adithya.Balakumar@toshiba-tsip.com> > --- > meta/recipes-core/isar-bootstrap/isar-bootstrap.inc | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc > index 3477c2fb..89746e85 100644 > --- a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc > +++ b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc > @@ -292,6 +292,10 @@ do_bootstrap() { > sudo rm -rf --one-file-system "${ROOTFSDIR}" > deb_dl_dir_import "${ROOTFSDIR}" "${BOOTSTRAP_BASE_DISTRO}-${BASE_DISTRO_CODENAME}" > > + if [ ! -z "${SOURCE_DATE_EPOCH}" ]; then ' ! -z ' is the same as ' -n ' . Quirin > + export SOURCE_DATE_EPOCH="${SOURCE_DATE_EPOCH}" > + fi > + > sudo -E -s <<'EOSUDO' > set -e > if [ "${BOOTSTRAP_FOR_HOST}" = "0" ]; then
Thanks Quirin, Will update it in v2. Thanks and Regards, Adithya Balakumar -----Original Message----- From: Gylstorff Quirin <quirin.gylstorff@siemens.com> Sent: Monday, March 4, 2024 9:36 PM To: balakumar adithya(TSIP TEUR) <Adithya.Balakumar@toshiba-tsip.com>; isar-users@googlegroups.com; amikan@ilbers.de Cc: jan.kiszka@siemens.com; hayashi kazuhiro(林 和宏 DME ○DIG□MPS○MP4) <kazuhiro3.hayashi@toshiba.co.jp>; dinesh kumar(TSIP TMIEC ODG Porting) <dinesh.kumar@toshiba-tsip.com>; kunijadar shivanand(TSIP TMIEC ODG Porting) <Shivanand.Kunijadar@toshiba-tsip.com>; ashrith sai(TSIP) <Sai.Sathujoda@toshiba-tsip.com> Subject: Re: [PATCH 1/2] isar-bootstrap.inc: Export SOURCE_DATE_EPOCH variable On 3/4/24 11:37 AM, Adithya Balakumar wrote: > The third field in the /etc/shadow file (sp_lstchg) contains the date > of the last password change expressed as the number of days since Jan > 1, 1970. The sp_lstchg value changes when the images are built on > different days making the image not reproducible. > > Exporting the SOURCE_DATE_EPOCH variable ensures that sp_lstchg value > is set with respect to the SOURCE_DATE_EPOCH value while debootstrap > creates the minimal rootfile system. > > Signed-off-by: Adithya Balakumar <Adithya.Balakumar@toshiba-tsip.com> > --- > meta/recipes-core/isar-bootstrap/isar-bootstrap.inc | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc > b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc > index 3477c2fb..89746e85 100644 > --- a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc > +++ b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc > @@ -292,6 +292,10 @@ do_bootstrap() { > sudo rm -rf --one-file-system "${ROOTFSDIR}" > deb_dl_dir_import "${ROOTFSDIR}" "${BOOTSTRAP_BASE_DISTRO}-${BASE_DISTRO_CODENAME}" > > + if [ ! -z "${SOURCE_DATE_EPOCH}" ]; then ' ! -z ' is the same as ' -n ' . Quirin > + export SOURCE_DATE_EPOCH="${SOURCE_DATE_EPOCH}" > + fi > + > sudo -E -s <<'EOSUDO' > set -e > if [ "${BOOTSTRAP_FOR_HOST}" = "0" ]; then
diff --git a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc index 3477c2fb..89746e85 100644 --- a/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc +++ b/meta/recipes-core/isar-bootstrap/isar-bootstrap.inc @@ -292,6 +292,10 @@ do_bootstrap() { sudo rm -rf --one-file-system "${ROOTFSDIR}" deb_dl_dir_import "${ROOTFSDIR}" "${BOOTSTRAP_BASE_DISTRO}-${BASE_DISTRO_CODENAME}" + if [ ! -z "${SOURCE_DATE_EPOCH}" ]; then + export SOURCE_DATE_EPOCH="${SOURCE_DATE_EPOCH}" + fi + sudo -E -s <<'EOSUDO' set -e if [ "${BOOTSTRAP_FOR_HOST}" = "0" ]; then
The third field in the /etc/shadow file (sp_lstchg) contains the date of the last password change expressed as the number of days since Jan 1, 1970. The sp_lstchg value changes when the images are built on different days making the image not reproducible. Exporting the SOURCE_DATE_EPOCH variable ensures that sp_lstchg value is set with respect to the SOURCE_DATE_EPOCH value while debootstrap creates the minimal rootfile system. Signed-off-by: Adithya Balakumar <Adithya.Balakumar@toshiba-tsip.com> --- meta/recipes-core/isar-bootstrap/isar-bootstrap.inc | 4 ++++ 1 file changed, 4 insertions(+)