Red Hat Bugzilla – Bug 1386662
[RFE] support for cpio --reproducible
Last modified: 2018-04-10 06:07:50 EDT
cloning to RHEL +++ This bug was initially created as a clone of Bug #1254537 +++ Description of problem: The OSTree system uses content-addressed storage, and when initramfs images generated by dracut are in the tree, because the cpio format contains modification and it causes a different checksum every time it's created, so causing the download of the initrd even if not changed from last time. Dracut has already support for --reproducible and it is used whenever it is supported by cpio. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. cpio --help | grep reproducible Actual results: no support for --reproducible Expected results: --reproducible is supported Additional info: The backport of the upstream patch: commit 3945f9db44c935608caa5f084fd7f67ae59ee9e1 Author: Sergey Poznyakoff <gray@gnu.org.ua> Date: Mon Dec 1 15:02:38 2014 +0200 New options to create device and inode-independent archives. * src/util.c (inode_val): New member trans_inode (find_inode_val): New function. (find_inode_file): Rewrite using the above. (add_inode): Initialize the trans_inode member depending on the value of renumber_inodes_option. (get_inode_and_dev): New function. (stat_to_cpio): Use get_inode_and_dev. (arf_stores_inode_p): New function. * src/extern.h (renumber_inodes_option) (ignore_devno_option): New externs. * src/global.c (renumber_inodes_option) (ignore_devno_option): New variables. * src/main.c: Add new options. * NEWS: Document changes. * doc/cpio.1: Document new options. * doc/cpio.texi: Likewise. is required --- Additional comment from Ondrej Vasik on 2015-08-18 09:35:04 EDT --- It is 5 years since the cpio-2.11 was released. I think it would be better to ask upstream to release cpio-2.12 - this might be good excuse for it. Backport is of course doable (although almost all hunks fail when applying directly) - but there are more useful commits in cpio upstream in the last 5 years (and we backported just a few). Pavel, will you ask Sergey there? --- Additional comment from Giuseppe Scrivano on 2015-08-20 05:35:50 EDT --- Good idea. I have sent some patches to bug-cpio@gnu.org (still didn't appear in the archives) to get the latest version built on Fedora 22 and get "make check" to pass. --- Additional comment from Giuseppe Scrivano on 2015-08-26 09:37:25 EDT --- now they are on the archives: https://lists.gnu.org/archive/html/bug-cpio/2015-08/msg00000.html --- Additional comment from Giuseppe Scrivano on 2015-09-13 06:24:29 EDT --- cpio 2.12 that was released on the 12th of September contains --reproducible: http://lists.gnu.org/archive/html/bug-cpio/2015-09/msg00004.html
As Ondřej originally said (when we talked about this in Fedora), the patch doesn't apply now (though probably doable). And I don't think it is worth doing a rebase in RHEL7. Giuseppe, do we know about existing back-port attempts?
Pavel, no I don't know of any attempt to rebase that patch on top of rhel-7.3. The patch itself should not be very difficult to backport, the conflicts in the code part seem quite straightforward to solve (but I have no really tried to see if they hide something else). Some conflicts in the src/ directory can be solved backporting this additional patch before: commit 4c7d4359d2dc58126e4e7c6e3dd7cc196322ef28 Author: Sergey Poznyakoff <gray@gnu.org.ua> Date: Thu Jul 22 11:34:56 2010 +0300 Provide a tar-like --directory (-D) option. before: commit 3945f9db44c935608caa5f084fd7f67ae59ee9e1 Author: Sergey Poznyakoff <gray@gnu.org.ua> Date: Mon Dec 1 15:02:38 2014 +0200 New options to create device and inode-independent archives.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:0693