the nix store may contain hardlinks: derivations may output them
directly, or users may be using store optimization which automatically
hardlinks identical files in the nix store.
The presence of these links are intended to be a 'transparent'
optimization. However, when creating a squashfs image, the image
will be different depending on whether hard links were present
on the filesystem, leading to reproducibility problems.
By passing '-no-hardlinks' to mksquashfs the files are stored
as duplicates in the squashfs image. Since squashfs has support
for duplicate files this does not lead to a larger image.
For more details see
https://github.com/NixOS/nixpkgs/issues/114331
I took the patch, and applied it on top of the previous squashfs-tools
commit that we packaged (which required editing one line in the patch,
as it assumed to be applied on top of the reproducibility patches). Then
I rebased that on top of master, resolved one conflict, and I formatted
a new patch for this.
A new release has been made upstream. Reproducibility issues were fixed
in that release, so we no longer need those patches. For a full overview
of the changes, see the 4.4-specific readme at [1].
The alignment patch no longer applies cleanly; I disabled it for now,
and I will try to restore it in a follow-up commit.
[1]: 52eb4c279c/README-4.4
The 4k-align squashfs patch was broken in the update to squashfs 4.4dev,
such that the patch was no longer actually applied in full (command line
option not even parsed).
Without these patches, the output of mksquashfs is not reproducible.
The patches are taken from https://github.com/squashfskit/squashfskit,
a fork of squashfs-tools, licensed under the GPL2 or later like
squashfs-tools itself.
This prevents failures like "libgcc_s.so.1 must be installed for
pthread_cancel to work" that occur because Glibc assumes libgcc_s.so.1
to be in Glibc's libdir.
This solution is pretty hacky, because the libgcc_s.so.1 from
bootstrap-tools might be too old. So if we update GCC, programs might
end up using an outdated libgcc_s.so.1. Ideally, we would build
libgcc_s.so.1 *before* Glibc, which might not be impossible...
Fixes#3548.
to be in the buildInputs). While at it, update to
version 4.2. "attr" is no longer needed as a dependency.
svn path=/nixpkgs/branches/stdenv-updates/; revision=31744