diff options
| author | Graham Christensen <graham@grahamc.com> | 2019-03-29 08:02:56 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-03-29 08:02:56 -0400 |
| commit | bb32e322a5aa81203eb3494081539eea8a70adcb (patch) | |
| tree | 24784d78575f97af488d7309065b1f2263e4a5a5 /nixos/modules/installer | |
| parent | e0b4356c0dc7d35d9ee17d23b53d8c2020d4e618 (diff) | |
| parent | f7fb88c32426ef0fc7ff075a1af70c207da5dc5a (diff) | |
Merge pull request #57559 from Ekleog/iso-image-reproducibilization
iso-image: make reproducible by not relying on mcopy's readdir
Diffstat (limited to 'nixos/modules/installer')
| -rw-r--r-- | nixos/modules/installer/cd-dvd/iso-image.nix | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/nixos/modules/installer/cd-dvd/iso-image.nix b/nixos/modules/installer/cd-dvd/iso-image.nix index fd780be2082..12b8d85edf3 100644 --- a/nixos/modules/installer/cd-dvd/iso-image.nix +++ b/nixos/modules/installer/cd-dvd/iso-image.nix @@ -338,8 +338,10 @@ let efiImg = pkgs.runCommand "efi-image_eltorito" { buildInputs = [ pkgs.mtools pkgs.libfaketime ]; } # Be careful about determinism: du --apparent-size, - # dates (cp -p, touch, mcopy -m, faketime for label), IDs (mkfs.vfat -i) + # dates (cp -p, touch, mcopy -m, faketime for label), IDs (mkfs.vfat -i), + # mcopy's write order (-s uses `readdir` order) '' + # Prepare the ./EFI and ./boot directories mkdir ./contents && cd ./contents cp -rp "${efiDir}"/EFI . mkdir ./boot @@ -347,6 +349,7 @@ let "${config.system.build.initialRamdisk}/${config.system.boot.loader.initrdFile}" ./boot/ touch --date=@0 ./EFI ./boot + # Prepare the image file usage_size=$(du -sb --apparent-size . | tr -cd '[:digit:]') # Make the image 110% as big as the files need to make up for FAT overhead image_size=$(( ($usage_size * 110) / 100 )) @@ -356,8 +359,16 @@ let echo "Usage size: $usage_size" echo "Image size: $image_size" truncate --size=$image_size "$out" + + # Make the filesystem ${pkgs.libfaketime}/bin/faketime "2000-01-01 00:00:00" ${pkgs.dosfstools}/sbin/mkfs.vfat -i 12345678 -n EFIBOOT "$out" - mcopy -psvm -i "$out" ./EFI ./boot :: + + # Copy the files + # Note: we can't use mcopy's recursive copying as it uses `readdir` order. + # So just copy file-after-file + find ./EFI ./boot -type f -print0 | sort -z | \ + xargs -0I '{}' mcopy -pvm -i "$out" '{}' :: + # Verify the FAT partition. ${pkgs.dosfstools}/sbin/fsck.vfat -vn "$out" ''; # */ |