diff options
| author | Arnout Engelen | 2021-02-28 19:03:50 +0100 |
|---|---|---|
| committer | GitHub | 2021-02-28 18:03:50 +0000 |
| commit | 0aeba64fb26e4defa0842a942757144659c6e29f (patch) | |
| tree | e916f657df91f4101d6145d3bd9ce84a9b915ac2 /nixos/lib | |
| parent | c6898f85418fd2a895a17fb9a9ba64d2ca1e9803 (diff) | |
squashfs: use -no-hardlinks for reproducible squashfs images (#114454)
the nix store may contain hardlinks: derivations may output them directly, or users may be using store optimization which automatically hardlinks identical files in the nix store. The presence of these links are intended to be a 'transparent' optimization. However, when creating a squashfs image, the image will be different depending on whether hard links were present on the filesystem, leading to reproducibility problems. By passing '-no-hardlinks' to mksquashfs the files are stored as duplicates in the squashfs image. Since squashfs has support for duplicate files this does not lead to a larger image. For more details see https://github.com/NixOS/nixpkgs/issues/114331
Diffstat (limited to 'nixos/lib')
| -rw-r--r-- | nixos/lib/make-squashfs.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/lib/make-squashfs.nix b/nixos/lib/make-squashfs.nix index ee76c9c5bf24..8690c42e7ac9 100644 --- a/nixos/lib/make-squashfs.nix +++ b/nixos/lib/make-squashfs.nix @@ -23,6 +23,6 @@ stdenv.mkDerivation { # Generate the squashfs image. mksquashfs nix-path-registration $(cat $closureInfo/store-paths) $out \ - -keep-as-directory -all-root -b 1048576 -comp ${comp} + -no-hardlinks -keep-as-directory -all-root -b 1048576 -comp ${comp} ''; } |