On Fri, Sep 23, 2011 at 1:40 AM, Andy Grover <agrover@xxxxxxxxxx> wrote: > On 09/22/2011 03:46 AM, Jerome Martin wrote: >> On Thu, Sep 22, 2011 at 6:58 AM, Andy Grover <agrover@xxxxxxxxxx> wrote: >> >>> Basically, RPM assumes an upstream download URL. If this is possible for >>> you to provide then it would make life a little easier. If not, then at >>> least please use gzip -n option for the archive. This will ensure all >>> tar.gzs of the same version are byte-for-byte identical. >> >> That should ensure that 'make release' always produce tarballs with the same >> md5sum for a given version. That required however much more than just gzip -n: >> >> * Now forcing gzip -n to compress the release tarball. >> * Forcing gzip compression level to 6. >> * Setting the timestamp for all files in the archive to the last commit's one. >> * Feeding a sorted list of files to tar. >> * Forcing numeric UIDs in tarball and original owner/group to be uid 0. >> * Forcing gnu archive format. >> * Forcing blocking factor. >> * Forcing name quoting style. >> * Preserve git archive original permissions. >> >> My tests on various sytems - using different user IDs and umasks, different >> versions of tar and gzip, pulled and cloned repositories - all >> produces identical >> release tarballs now according to md5sum. > > I had no idea it would be so tricky! Now we now and have part of the recipe. However I suspect that this is still not 100% bulletproof: selinux permissions, extended attributes would make the tarball different, and tar options to ignore those are not (yet?) present on all systems I tested with. -- Jérôme Martin -- To unsubscribe from this list: send the line "unsubscribe target-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
