From f45b16d7b994208f488829818575d397cf1e6492 Mon Sep 17 00:00:00 2001 From: Helmut Grohne Date: Thu, 12 Jun 2025 22:11:41 +0200 Subject: debefivm-create: clean up unreproducible files These files are normally deleted by mmdebstrap. However, debefivm-create invokes mkfs.ext4 itself and thereby implicitly skips all cleanup actions normally done by mmdebstrap. This happens to include the truncation of /etc/machine-id and that results in non-reproducibility as well as reused images sharing a machine-id even though they should never do that. Reported-by: Stefano Rivera Closes: #1107719
---
bin/debefivm-create | 2 ++ 1 file changed, 2 insertions(+) (limited to 'bin')
diff --git a/bin/debefivm-create b/bin/debefivm-create
index 1c03be5..f6368df 100755
--- a/bin/debefivm-create
+++ b/bin/debefivm-create
@@ -415,6 +415,8 @@ set -- "$@" \
 "--customize-hook=download vmlinuz '$WORKDIR/kernel'" \
 "--customize-hook=download initrd.img '$WORKDIR/initrd'" \
 "--customize-hook=download '/usr/lib/systemd/boot/efi/linux$EFIARCH.efi.stub' '$WORKDIR/stub'" \
+ '--customize-hook=rm -f "$1/etc/apt/apt.conf.d/00mmdebstrap" "$1/etc/apt/apt.conf.d/99debconf" "$1/var/cache/ldconfig/aux-cache" "$1/var/lib/dbus/machine-id" "$1/var/log/alternatives.log" "$1/var/log/apt/eipp.log.xz" "$1/var/log/apt/history.log" "$1/var/log/apt/term.log" "$1/var/log/dpkg.log"' \
+ '--customize-hook=truncate -s 0 "$1/etc/machine-id"' \
 '--customize-hook=mount --bind "$1" "$1/mnt"' \
 '--customize-hook=mount -t tmpfs tmpfs "$1/mnt/dev" -o mode=0755' \
 '--customize-hook=rm -f "$1/usr/sbin/policy-rc.d"' \
-- cgit v1.2.3
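Review bot: The two added `--customize-hook` entries hard-code a copy of mmdebstrap's cleanup list, and nothing in the script records that, so the list can silently drift when mmdebstrap changes what it removes. A comment cannot sit inside the backslash-continued `set -- "$@"` statement (which starts and continues outside this hunk), so I would put one just above it, e.g. `# mmdebstrap's own cleanup is skipped because we run mkfs.ext4 ourselves; the rm/truncate hooks below mirror it and must be kept in sync.` The cleanup also runs before the remaining hooks. If any hook after this hunk regenerates one of these files (the dpkg or apt logs, the ldconfig aux-cache, `/etc/machine-id`), images would again be unreproducible or share an identity, so it is worth confirming that nothing later writes to the tree before the filesystem is created. A regression check that the built image contains an empty `/etc/machine-id` would guard against that.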