Reproducible builds enable anyone to reproduce bit by bit identical binary packages from a given source, so that anyone can verify that a given binary derived from the source it was said to be derived. There is more information about reproducible builds on the Debian wiki and on https://reproducible-builds.org. These pages explain in more depth why this is useful, what common issues exist and which workarounds and solutions are known.
Reproducible FreeBSD is an effort to apply this to FreeBSD. Thus FreeBSD is build twice, with a few variations added and then the resulting filesystems from the two builds are put into a compressed tar archive, which is finally compared using diffoscope. Please note that the toolchain is not varied at all as the rebuild happens on exactly the same system. More variations are expected to be seen in the wild.
There is a weekly run jenkins job to test the
master branch of freebsd.git. The jenkins job is running reproducible_freebsd.sh, which via ssh triggers a build on a FreeBSD 11.2 system and this script is solely responsible for creating this page. Feel invited to join
#reproducible-builds (on irc.oftc.net) to request job runs whenever sensible. Patches and other feedback are very much appreciated - if you want to help, please start by looking at the ToDo list for FreeBSD, you might find something easy to contribute.
Thanks to Profitbricks for donating the virtual machines this is running on!
0 (0%) out of 0 FreeBSD files were reproducible in our test setup . These tests were last run on 2019-03-14 for the branch master at commit 4ac89986f using diffoscope 113.
|variation||first build||second build|
|hostname||osuosl-build169-amd64 or osuosl-build170-amd64||the other one|
|domainname||is not yet varied between rebuilds of FreeBSD.|
|env LC_ALL||not set||LC_ALL="fr_CH.UTF-8"|
|env PATH||is not yet varied between rebuilds of FreeBSD.|
|env USER||is not yet varied between rebuilds of FreeBSD.|
|uid||is not yet varied between rebuilds of FreeBSD.|
|gid||is not yet varied between rebuilds of FreeBSD.|
|FreeBSD kernel version||is not yet varied between rebuilds of FreeBSD.|
|umask||is not yet varied between rebuilds of FreeBSD.|
|CPU type||AMD Opteron 62xx class CPU||same for both builds|
|/bin/sh||is not yet varied between rebuilds of FreeBSD.|
|year, month, date||osuosl-build171-amd64: today (2019-03-14) or osuosl-build172-amd64: 398 days in the future (2020-04-15)||the other one|
|year, month, date||today (2019-03-14)||the 2nd build is done with the build node set 1 year, 1 month and 1 day in the future|
|hour, minute||hour and minute will vary between two builds||additionally the "future build" also runs 6h and 23min ahead|
|filesystem of the build directory||ufs||same for both builds|
|everything else...||is likely the same. There will be more variations in the wild.|
|Artifacts for |
|freebsd_master_git4ac89986f failed to build from source.|
commit 4ac89986fbfe79dbcf5b6529246c21b87976a8c2 Author: glebius
Date: Thu Mar 14 22:52:16 2019 +0000 PFIL_MEMPTR for ipfw link level hook With new pfil(9) KPI it is possible to pass a void pointer with length instead of mbuf pointer to a packet filter. Until this commit no filters supported that, so pfil run through a shim function pfil_fake_mbuf(). Now the ipfw(4) hook named "default-link", that is instantiated when net.link.ether.ipfw sysctl is on, supports processing pointer/length packets natively. - ip_fw_args now has union for either mbuf or void *, and if flags have non-zero length, then we use the void *. - through ipfw_chk() we handle mem/mbuf cases differently. - ether_header goes away from args. It is ipfw_chk() responsibility to do parsing of Ethernet header. - ipfw_log() now uses different bpf APIs to log packets. Although ipfw_chk() is now capable to process pointer/length packets, this commit adds support for the link level hook only, see ipfw_check_frame(). Potentially the IP processing hook ipfw_check_packet() can be improved too, but that requires more changes since the hook supports more complex actions: NAT, divert, etc. Reviewed by: ae Differential Revision: https://reviews.freebsd.org/D19357