Reproducible installs
mmdebstrap
The mmdebstrap program creates reproducible chroots if the SOURCE_DATE_EPOCH environment variable is defined.
debuerreotype
The debuerreotype program creates reproducible chroots.
debootstrap
The debootstrap program does not create reproducible chroots out-of-the-box. Commands used:
for n in 1 2 ; do debootstrap --foreign unstable debootstrap-firststage-$n http://httpredir.debian.org/debian/ cp -al debootstrap-firststage-$n debootstrap-secondstage-$n DEBOOTSTRAP_DIR=debootstrap-secondstage-$n/debootstrap debootstrap --second-stage --second-stage-target=debootstrap-secondstage-$n done diffoscope debootstrap-firststage-{1,2}
The first-stage debootstrap for a particular Release file is not reproducible, the debootstrap.log file contains timestamps:
# diff -Naur debootstrap-firststage-{1,2} diff -Naur debootstrap-firststage-1/debootstrap/debootstrap.log debootstrap-firststage-2/debootstrap/debootstrap.log --- debootstrap-firststage-1/debootstrap/debootstrap.log 2014-09-24 10:18:42.472604407 +0800 +++ debootstrap-firststage-2/debootstrap/debootstrap.log 2014-09-24 10:33:57.042221221 +0800 @@ -883,8 +883,8 @@ Setting up tzdata (2014g-1) ... Current default time zone: 'Etc/UTC' -Local time is now: Wed Sep 24 02:16:57 UTC 2014. -Universal Time is now: Wed Sep 24 02:16:57 UTC 2014. +Local time is now: Wed Sep 24 02:32:13 UTC 2014. +Universal Time is now: Wed Sep 24 02:32:13 UTC 2014. Run 'dpkg-reconfigure tzdata' if you wish to change it. Setting up debconf-i18n (1.5.53) ...
The second-stage debootstrap is not reproducible, some files are different:
/etc/machine-id /var/cache/ldconfig/aux-cache /var/cache/man/cs/index.db /var/cache/man/da/index.db /var/cache/man/de/index.db /var/cache/man/es/index.db /var/cache/man/fi/index.db /var/cache/man/fr/index.db /var/cache/man/hu/index.db /var/cache/man/id/index.db /var/cache/man/index.db /var/cache/man/it/index.db /var/cache/man/ja/index.db /var/cache/man/ko/index.db /var/cache/man/nl/index.db /var/cache/man/pl/index.db /var/cache/man/pt/index.db /var/cache/man/pt_BR/index.db /var/cache/man/ru/index.db /var/cache/man/sl/index.db /var/cache/man/sv/index.db /var/cache/man/tr/index.db /var/cache/man/zh_CN/index.db /var/cache/man/zh_TW/index.db /var/log/alternatives.log /var/log/bootstrap.log /var/log/dpkg.log
The machine-id should be set on first boot instead by calling systemd-machine-id-setup
- The dpkg.log and file alternatives.log contain timestamps on each line. If they are stripped then the files are the same.
- The bootstrap.log file contains two timestamps at the beginning. If they are stripped then the file is the same.
man-db databases contain a timestamp (760895). This will be moved into the database file mtime.
debian-live images
See ReproducibleInstalls/LiveImages
debian-cloud images
No testing done yet.
Misc
Running debootstrap against snapshot.debian.org will help reproduce when time has passed.
See Also
?bash script to analyze images