nakato / nixos-sbc

Nix Flake to make managing Single Board Computers easy and repeatable.
MIT License

btrfs-fs.img is not a reproducible build [bug] [priority:low] [upstream] #21

Open nakato opened 1 month ago

nakato commented 1 month ago

The output of btrfs-fs.img is not a reproducible build. This issue tracks that as well as an upstream bug around permissions.

  1. Files inside the image produced by make-btrfs-fs.nix are owned by UID 1000 and GID 100.
    • Fixed by swapping fakeroot for a user namespace (unshare -U -r) in the forked make-btrfs-fs.nix.
    • Fix needs to be submitted upstream.
  2. mkfs.btrfs copies other attributes of the files being included into the new image, such as CTIME and maybe ATIME; these times are not set to Epoch+1 for any files in the image.
    • ctime/atime on /nix/store paths [upstream bug]
  3. mkdir invocations use the current time for A/C/M/BTIME.
    • mkdir -p ./rootImage/nix/store [upstream bug]
  4. Populating /boot is similarly not using controlled times.

nakato commented 1 month ago

I've got a fix for the ownership problem of this issue. It requires access to make-btrfs-fs.nix, so I'll make the fix part of #20, which already requires modifications to make-btrfs-fs.nix and thus is already pulling it in.

nakato commented 1 month ago

mkfs.btrfs switched from a bespoke file-tree walking implementation to using nftw(3) in https://github.com/kdave/btrfs-progs/commit/c6464d3f99ed1dabceff1168eabb207492c37624

This has broken both libfaketime and fakeroot.

I've submitted bugs upstream to both libfaketime and fakeroot, as the best-case scenario is that those get updated and we can get faketime back and drop the root ownership hacks.

libfaketime issue 476; fakeroot Debian bug ID 1081976