Skip to content
Commits on Source (2)
Hide whitespace changes
Inline Side-by-side
2019-07-21-DebConf19/index.html
View file @ 7915edd7
......@@ -71,7 +71,7 @@
float: right;
}
section.title h4 {
section h4 {
font-weight: normal;
font-size: 80%;
}
......@@ -125,121 +125,132 @@
<body>
<div class="reveal">
<div class="slides">
<section class="title" data-background="images/reprobuilds-display.jpeg" data-background-size="50%" data-background-position="50% 15%">
<br>
<br>
<br>
<br>
<br>
<section class="title">
<img src="images/reprobuilds-display.jpeg" style="height: 300px">
<h3>
aiming for <em>bullseye</em>!
Aiming for <em>bullseye!</em>!
</h3>
<br>
<br>
<h4>
Vagrant Cascadian / Chris Lamb / Holger Levsen
</h4>
<br>
<h5>
Vagrant Cascadian &bull; Chris Lamb &bull; Holger Levsen
</h5>
</section>
<!-- outline -->
<section>
<ol>
<li>Introduction</li>
<li>Status update</li>
<li>Status updates</li>
<li>Issues in detail</li>
</ol>
</section>
<!--========================================================= -->
<!-- basic introduction for those in the room not fully familiar with reproducible builds -->
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<h3>Introduction</h3>
<p class="fragment">Reproducible Builds have the purpose to enable anyone to reproduce identical binary packages from a given source.</p>
<section></section><section>
<h1>Introduction</h1>
</section>
<section>
<iframe width="1000px" height="500px" src="https://www.youtube.com/embed/PSxm2DbDHG8"></iframe>
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<p>What are we solving?</p>
<ol>
<li>Ignore the name!</li>
<li>Source code of free software available</li>
<li>&hellip;most people install pre-compiled binaries</li>
<li><strong>We have on idea whether they correspond.</strong></li>
</ol>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<h3>Project goals</h3>
<p class="fragment">Ensure builds have identical results.</p>
<p class="fragment">We want to change the meaning of ”Free Software”:
It’s only Free Software if it’s reproducible!</p>
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<h3>Enter reproducible builds:</h3>
<ol>
<li>If identical results are always generated from the source&hellip;</li>
<li>&hellip;multiple parties reach consensus on a "correct" build.</li>
</ol>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<h3>Other talks</h3>
<br>
<p>Bornhack, All Systems Go, All ThingsOpen, OSSE, Hackmit, FreeNode Live, CubaConf, Open Compliance Summit, Linux.conf.au, FOSDEM, Scale, NYLUG, LibrePlanet, Easterhegg, MiniDebConf Curitiba, Foss-North, FLOSSUK, Uni Dakar, Prototype Fund demo day, mentioned in several talks at 3xC3...</p>
<section>
<iframe width="1000px" height="500px" src="https://www.youtube.com/embed/PSxm2DbDHG8"></iframe>
</section>
<!-- review blog posts from past ~30 weeks -->
<!--========================================================= -->
<section></section><section>
<h1>Status updates</h1>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<h2>New since DebConf18 Taipei</h2>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<section data-background-color="white">
<p>We have a logo:</p>
<img class="fragment" src="images/logo.png" width="584">
<p class="fragment">4th Reproducible Builds Summit in Paris</p>
</section>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<img src="images/sfc.png" width="584">
<p class="fragment">Reproducible Builds is now a Software Freedom Conservancy project</p>
<section data-background-color="white">
<img src="images/sfc.png" width="584">
<p class="fragment">We are now a Conservancy project</p>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<p>FIXME: gcc/dpkg-dev foo:</p>
</section>
<!-- stevenc -->
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<h3>Other projects</h3>
<p class="fragment">Arch Linux at ~80% reproducible packages</p>
<p class="fragment">openSUSE at 93%</p>
<p class="fragment">openSUSE and Arch Linux now included in tests.reproducible-builds.org database</p>
<p class="fragment">(&hellip;)</p>
</section>
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<h3>Other projects (continued)</h3>
<p class="fragment">Alpine being tested since MiniDebConf Hamburg 2019</p>
<p class="fragment">NetBSD and FreeBSD base systems at 100% for the base install</p>
<p class="fragment">Tails 3.3, 3.6.1 &rarr; 100% reproducible ISO images</p>
<p class="fragment">OpenWrt and coreboot images (most targets)<p>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<h3>Collaboration is great</h3>
<p>lots of very nice, unexpected results...</p>
<img class="fragment" src="images/reprobuilds-display.jpeg" width=100%">
</section>
<p>Lots of very nice, unexpected results...</p>
<img class="fragment" src="images/reprobuilds-display.jpeg" style="height: 300px">
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<h3>Debian <em>buster</em></h3>
<p>Packages should build reproducibly added in Debian Policy 4.1.0.0<p>
<p>"Packages should build reproducibly" added in Debian Policy <tt>4.1.0.0</tt><p>
</section>
<!-- h01ger, lamby -->
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<p>Debian installer images</p>
<p class="fragment">Comparing against packages from the archive</p>
<p class="fragment">Lots of progress this year - thanks KiBi!</p>
<p class="fragment">#FIXME, something missing for 10.1</p>
<!-- lamby -->
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<h3>Debian installer images</h3>
<p class="fragment">Lots of progress this year</p>
<p class="fragment"><tt>mtools</tt> (#900409 &amp; #900410)</p>
<p class="fragment"><tt>src: debian-installer</tt> (#900918, #920631, #920676, #926242)</p>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<!-- holger -->
<section data-background-color="white">
<p>Applied and unapplied patches</p>
<img class="fragment" src="images/stats_bugs_sin_ftbfs_state.png" width="120%">
</section>
</section>
<!--========================================================= -->
<section></section><section>
<h1>Issues in detail</h1>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<h3>What (else) is missing?</h3>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<p>GCC <code>-fmacro-prefix-map</code></p>
<pre class="fragment">#include &lt;stdio.h&gt;
int main() {
......@@ -257,18 +268,17 @@ int main() {
</pre></div>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<h3>macro-prefix-map is upstream but not used by dpkg by default</h3>
<p>so we tag this <em>bullseye-ignore</em> and (hopefully not) <em>bookworm-ignore</em> as well</p>
<p>simple workaround: rebuild in recorded path</p>
<p class="fragment">needs someone to drive $this</p>
<p>We tag this <em>bullseye-ignore</em> and (hopefully not) <em>bookworm-ignore</em> as well</p>
<p>Simple workaround: rebuild in recorded path</p>
<p class="fragment">Needs someone to drive $this</p>
<p class="fragment">FIXME: https://wiki.debian.org/ReproducibleBuilds/GCC-build-path</p>
<p class="fragment">and then this issue (build path variation) also needs to be fixed in other tools </p>
</section>
<p class="fragment">This issue (build path variation) also needs to be fixed in other tools</p>
</section>
<!-- issues in-depth -->
<section class="title">
<section>
<h3>Debian is wrong</h3>
<p>93% is a lie. We need infrastructure, processes and policies. (And testing. Currently we only have testing and a vague goal.)<p>
<p class="fragment">With the upcoming list of bugs we
......@@ -281,85 +291,81 @@ int main() {
But we are not, we can't do this alone.</p>
</section>
<section class="title">
<section>
<h3>The difference between theory and practice</h3>
<p>93% is a lie.</p>
<p class="fragment">54% on March 5th 2019.</p>
<p class="fragment">31% today.</p>
<p class="fragment">We can still improve this, though 24% (6804) of our source packages have not been uploaded nor binNMUed since December 2016.</p>
<p class="fragment">We can still improve this, though 24% (6804) of our source packages have not been uploaded nor binNMUed since December 2016.</p>
<p class="fragment">FIXME: I'm not sure I want to / we should upload &gt;5000 source packages in the next 2 years. So mass binNMUs for the rescue? maybe do those mass uploads to experimental first? contra: more work</p>
</section>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<h3>Major blockers, where to help</h3>
<p>#869184<br>sbuild, dput, dpkg: source uploads including <code>_amd64.buildinfo</code> causes problems</p>
<p class="fragment">#894441<br>binNMUs, mtimes and <code>rsync(1)</code> causes problems and binNMUs should be replaced by easy "no-change-except-debian/changelog-uploads"</p>
<p class="fragment">blocker for #900837<br>release.debian.org: Mass-rebuild of packages for reproducible builds"</p>
</section>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<h3><code>.buildinfo</code> files</h3>
<p>#862073<br>ftp.debian.org: Please POST .buildinfo files to buildinfo.debian.net</p>
<p class="fragment">#763822<br>ftp.debian.org: please include .buildinfo file in the archive</p>
<p class="fragment">#862538<br>security.debian.org: Please POST .buildinfo files to buildinfo.debian.net</p>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<h3><code>.buildinfo</code> files</h3>
<p>buildinfo.debian.net</p>
<p class="fragment">buildinfos.debian.net</p>
</section>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<h3><code>.buildinfo</code> files</h3>
<p>buildinfo.debian.net: allows submissions from everyone</p>
<p>buildinfo.debian.net: Allows submissions from everyone (PostgreSQL)</p>
<p class="fragment">buildinfos.debian.net: FTP view with pool structure and build date based</p>
</section>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<h3><code>.buildinfo</code> files from an unofficial service?</h3>
<p class="fragment">there should be a debian.org machine serving <code>.buildinfo</code> files to the public.</p>
<p class="fragment">since December 2016: 965333 files in total, eg 118195 amd64 related.</p>
<p class="fragment">12 GB files, 4 GB links.</p>
</section>
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<h3><code>.buildinfo</code> files from an unofficial service?</h3>
<p class="fragment">There should be a debian.org machine serving <code>.buildinfo</code> files to the public.</p>
<p class="fragment">Since December 2016: 965,333 files in total, eg 118,195 amd64 related.</p>
<p class="fragment">12 GB files, 4 GB links.</p>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<h3>user facing interface</h3>
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<h3>User-facing interface</h3>
<p class="fragment">#863622<br> apt: warn when installing packages that are not reproducible</p>
<p class="fragment">that would be great for bullseye, but...</p>
<p class="fragment">the goal should be to not install nor to run unreproducible software.</p>
<p class="fragment">That would be great for bullseye, but...</p>
<p class="fragment">The goal should be to not install nor to run unreproducible software.</p>
<p class="fragment">FIXME wording: in-toto brings this to the next level...(and is about to land in NEW)</p>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<h3>tests.reproducible-builds.org</h3>
<p>results saved in common database</p>
<p>json for Debian, openSUSE, Arch Linux, OpenWrt, Alpine</p>
<p class="fragment">shared notes, cross distro links</p>
<p class="fragment">two kinds of tests: CI tests (like we have now) and tests against what's on "ftp.(debian|archlinux|...).org"</p>
</section>
<p>Results saved in common database</p>
<p><tt>.json</tt> for Debian, openSUSE, Arch Linux, OpenWrt, Alpine</p>
<p class="fragment">shared notes, cross distro links</p>
<p class="fragment">Two kinds of tests: CI tests (like we have now) and tests against what's on "ftp.(debian|archlinux|...).org"</p>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<h3>Debian <em>stretch</em></h3>
<p>the 'reproducibly in theory but not in practice' release</p>
<p>The "reproducible in theory but not in practice" release</p>
<h3>Debian <em>buster</em></h3>
<p>the 'we could be reproducible but we are not' release</p>
<p>The "we could be reproducible but we are not" release</p>
<h3>Debian <em>bullseye</em></h3>
<p>the 'we are almost there but still haven't sorted out...' release???</p>
<p>The "we are almost there but still haven't sorted out..." release?</p>
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="90% 10%">
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="90% 10%">
<h3>Debian <em>bullseye</em></h3>
<p>the release is still far away and we haven't frozen yet! :-)</p>
<p><i>Ride like the wind, bullseye</i></p>
<p>The release is still far away and we haven't frozen yet!</p>
<p><em>Ride like the wind, bullseye</em></p>
<img class="fragment" src="images/hc_fdroid_fosdem16-idea.png" width="584">
</section>
<section class="title" data-background="images/800px-Debconf19-horizontal.png" data-background-size="15%" data-background-position="50% 15%">
<section data-background="images/800px-Debconf19-horizontal.png" data-background-size="8%" data-background-position="50% 15%">
<br>
<br>
<br>
......