diff mbox series

[2/3] image_types: make tar images more reproducible

Message ID 20240919162500.2642940-2-danismostlikely@gmail.com
State New
Headers show
Series [1/3] python3-pip: keep pip program name | expand

Commit Message

Dan McGregor Sept. 19, 2024, 4:24 p.m. UTC 
From: Dan McGregor <dan.mcgregor@usask.ca>

Use tar-native from our build system. GNU tar changed its behaviour
starting with version 1.35. It no longer stores device numbers for
regular, non-device files. Since some supported host distributions
still use 1.34, rely on tar-native for consistency.

Strip atime and ctime from tar archives, they're not necessary and
can change from invocation to invocation. Eliminate them from the
tar output as suggested in the tar 1.35 documentation[1].

[1] https://www.gnu.org/software/tar/manual/html_node/Reproducibility.html

Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca>
---
 meta/classes-recipe/image_types.bbclass | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff mbox series

Patch

diff --git a/meta/classes-recipe/image_types.bbclass b/meta/classes-recipe/image_types.bbclass
index b230add3141..87d6effc6cf 100644
--- a/meta/classes-recipe/image_types.bbclass
+++ b/meta/classes-recipe/image_types.bbclass
@@ -145,7 +145,7 @@  IMAGE_CMD:vfat = "oe_mkvfatfs ${EXTRA_IMAGECMD}"
 
 IMAGE_CMD_TAR ?= "tar"
 # ignore return code 1 "file changed as we read it" as other tasks(e.g. do_image_wic) may be hardlinking rootfs
-IMAGE_CMD:tar = "${IMAGE_CMD_TAR} --sort=name --format=posix --numeric-owner -cf ${IMGDEPLOYDIR}/${IMAGE_NAME}.tar -C ${IMAGE_ROOTFS} . || [ $? -eq 1 ]"
+IMAGE_CMD:tar = "${IMAGE_CMD_TAR} --sort=name --format=posix --pax-option=delete=atime,delete=ctime --numeric-owner -cf ${IMGDEPLOYDIR}/${IMAGE_NAME}.tar -C ${IMAGE_ROOTFS} . || [ $? -eq 1 ]"
 SPDX_IMAGE_PURPOSE:tar = "archive"
 
 do_image_cpio[cleandirs] += "${WORKDIR}/cpio_append"
@@ -283,6 +283,7 @@  EXTRA_IMAGECMD:f2fs ?= ""
 # otherwise mkfs.vfat will automatically pick one.
 EXTRA_IMAGECMD:vfat ?= ""
 
+do_image_tar[depends] += "tar-replacement-native:do_populate_sysroot"
 do_image_cpio[depends] += "cpio-native:do_populate_sysroot"
 do_image_jffs2[depends] += "mtd-utils-native:do_populate_sysroot"
 do_image_cramfs[depends] += "util-linux-native:do_populate_sysroot"
@@ -391,3 +392,5 @@  IMAGE_TYPES_MASKED ?= ""
 
 # bmap requires python3 to be in the PATH
 EXTRANATIVEPATH += "${@'python3-native' if d.getVar('IMAGE_FSTYPES').find('.bmap') else ''}"
+# reproducible tar requires our tar, not the host's
+EXTRANATIVEPATH += "${@'tar-native' if 'tar' in d.getVar('IMAGE_FSTYPES') else ''}"