Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--archbuild.in7
-rw-r--r--lib/archroot.sh6
-rw-r--r--makechrootpkg.in5
3 files changed, 13 insertions, 5 deletions
diff --git a/archbuild.in b/archbuild.in
index 7e1a964..73ae65d 100644
--- a/archbuild.in
+++ b/archbuild.in
@@ -45,7 +45,7 @@ while getopts 'hcr:' arg; do
esac
done
-check_root
+check_root SOURCE_DATE_EPOCH
if [ "${arch}" = "x86_64" ]; then
cache_dir=''
@@ -100,5 +100,10 @@ else
pacman --arch ${arch} -Syu --noconfirm || abort
fi
+# Always build official packages reproducibly
+if [[ ! -v SOURCE_DATE_EPOCH ]]; then
+ export SOURCE_DATE_EPOCH=$(date +%s)
+fi
+
msg "Building in chroot for [%s] (%s)..." "${repo}" "${arch}"
exec makechrootpkg -r "${chroots}/${repo}-${arch}" "${makechrootpkg_args[@]}"
diff --git a/lib/archroot.sh b/lib/archroot.sh
index 98fd2cf..f279603 100644
--- a/lib/archroot.sh
+++ b/lib/archroot.sh
@@ -6,13 +6,15 @@
CHROOT_VERSION='v4'
##
-# usage : check_root
+# usage : check_root $keepenv
##
orig_argv=("$0" "$@")
check_root() {
+ local keepenv=$1
+
(( EUID == 0 )) && return
if type -P sudo >/dev/null; then
- exec sudo -- "${orig_argv[@]}"
+ exec sudo --preserve-env=$keepenv -- "${orig_argv[@]}"
else
exec su root -c "$(printf ' %q' "${orig_argv[@]}")"
fi
diff --git a/makechrootpkg.in b/makechrootpkg.in
index ab9a244..2398818 100644
--- a/makechrootpkg.in
+++ b/makechrootpkg.in
@@ -206,6 +206,7 @@ EOF
{
printf '#!/bin/bash\n'
declare -f _chrootbuild
+ declare -p SOURCE_DATE_EPOCH 2>/dev/null
printf '_chrootbuild "$@" || exit\n'
if $run_namcap; then
@@ -235,7 +236,7 @@ _chrootbuild() {
# use "$" in arguments to commands with "sudo -i". ${foo} or
# ${1} is OK, but $foo or $1 isn't.
# https://bugzilla.sudo.ws/show_bug.cgi?id=765
- sudo -iu builduser bash -c 'cd /startdir; makepkg "$@"' -bash "$@"
+ sudo --preserve-env=SOURCE_DATE_EPOCH -iu builduser bash -c 'cd /startdir; makepkg "$@"' -bash "$@"
}
_chrootnamcap() {
@@ -346,7 +347,7 @@ main() {
[[ -n $makepkg_user && -z $(id -u "$makepkg_user") ]] && die 'Invalid makepkg user.'
makepkg_user=${makepkg_user:-${SUDO_USER:-$USER}}
- check_root
+ check_root SOURCE_DATE_EPOCH
# Canonicalize chrootdir, getting rid of trailing /
chrootdir=$(readlink -e "$passeddir")

Copyright © 2002-2022 Judd Vinet and Aaron Griffin. Copyright © 2022 Erich Eckner.
The Arch Linux name and logo are recognized trademarks. Some rights reserved. The registered trademark Linux® is used pursuant to a sublicense from LMI, the exclusive licensee of Linus Torvalds, owner of the mark on a world-wide basis.