[Nix-dev] Deterministic(bit-perfect) Builds
Vladimír Čunát
vcunat at gmail.com
Tue Jun 25 10:57:06 CEST 2013
On 06/25/2013 10:45 AM, phreedom at yandex.ru wrote:
> This is what I have achieved so far:
Sounds nice.
Wouldn't it be more certain/universal to LD_PRELOAD or something to
achieve that the system time always looks the same to any build-time
tool? (e.g. UNIX time =0)
> Unstripped binaries: may be contaminated by "build-id". Can be avoided either
> by passing ld --build-id=none param or careful stripping. Needs testing.
> Luckily this is a very small subset of packages.
I looked at "man ld" and I think we rather want --build-id=sha1 as it's
explicitly stated that the ID is uniquely determined by the output.
Vlada
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3251 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.science.uu.nl/pipermail/nix-dev/attachments/20130625/bde83e6f/attachment.bin
More information about the nix-dev
mailing list