[prev in list] [next in list] [prev in thread] [next in thread]
List: qubes-devel
Subject: Re: [qubes-devel] Deterministic builds for Qubes OS -- the shortcut?
From: HW42 <hw42 () ipsumj ! de>
Date: 2015-12-27 22:54:06
Message-ID: 56806C0E.4050004 () ipsumj ! de
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Manuel Amador (Rudd-O):
> On 12/25/2015 11:03 AM, HW42 wrote:
> >
> >
> > I don't think NixOS makes reproducible build much easier. They have the
> > same problem with timestamps, etc. as any distro.
>
> They actually do not. Their build and package tools explicitly tackle
> this problem.
They also have the problem with timestamps etc. On the one hand one of
the NixOS developers said so in a personal conversation. You can also
convince your self. For example download the last build [0] of
erlang-18.0 and grep the package:
bzcat c0dyawpsa80ja2w91fcjkz075whw0rmx-erlang-18.0 | strings | grep -a '^%% script \
generated'
You see that the build time is included.
[0]: https://hydra.nixos.org/job/nixos/release-15.09/nixpkgs.erlang.x86_64-linux
> >
> > You also need to consider other things when choosing an OS. For example
> > the last time when I checked NixOS (for another problem, and ca. 1.5
> > years ago so might be no longer correct) it had problems with timely
> > security updates.
>
> I'm using the latest NixOS. They seem to have updated fine. I'd like
> to see more evidence of this particular point, though.
>
> >
> > The only point where I think NixOS (and Guix [1] even more) has
> > significant advantages in regards to reproducible builds is automatic
> > complete boostraping of the whole distro.
>
> This is a huge time saver.
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJWgGwOAAoJEOSsySeKZGgW6+gP/2KHSQgEikLVmXuWmFdY98w9
cMOlyaNpGY2qVT0g2frm2x3umzxxU47rmtM7a7WlBIa8fQa0DqE3575/Pzl8A3+Y
T7mJPoYsNrahQ10HQbu8V5HnN1obrnQ7YEJxr8ex+hPxJ7vI4UD0yTDnX28BReb/
pYS1Ay7qYSEURbKHCkIY6Mh7kvK/i992MuQ1eKEUclQm0Cmd3vcsizIxx+Bw/zt4
WANWcHqq92BbYr2dk6B2V4tW8U2t8CWlKsOOjHxhtlO1zhZ/eoIWsov8FyK8upuH
DwCEu6bN67FPH/BkZyDpGCFR+iE3FwjXbwhOir/Ho/DYqFOyF8VB1FQy1fevZYkf
xh7ZEZiGS0oc5j6MgnYd8UjDcHJDrOnz3DPpw+uObZFf1Znv2aTMc7EN9eh59LGp
vKqrHYFDH5aP8Pucu8cYeGVgOn9WzvOKrmh5b0tJO6Xjk8lRAJQSCZ86wyxc47l9
wEnhQcXU0Bebul12qEIq2JxptqAoN+Mn1NtcOS1ojCemsNGkueZTOVQN2gARkd+b
DJn1QZehLBHafn9wjvhvg9/LaHNMN2jam8xdPLjjpGS2RboT+RVZl1TimTkJCIEJ
HPrJJJtotlzTkKVFEcBYgeTaiRMN0+S2/KMfw7ELj6UqKu/RtfiruefN5PJLgsNy
lIoZkMV4jobhYviEFTw0
=yvdf
-----END PGP SIGNATURE-----
--
You received this message because you are subscribed to the Google Groups \
"qubes-devel" group. To unsubscribe from this group and stop receiving emails from \
it, send an email to qubes-devel+unsubscribe@googlegroups.com. To post to this group, \
send email to qubes-devel@googlegroups.com. To view this discussion on the web visit \
https://groups.google.com/d/msgid/qubes-devel/56806C0E.4050004%40ipsumj.de. For more \
options, visit https://groups.google.com/d/optout.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic