Loading...
Loading...
Arch Linux has released a bit-for-bit reproducible Docker image under a new repro tag, confirming digest equality across builds and verification with diffoci. To achieve reproducibility, the image strips pacman keys (users must run pacman-key --init && pacman-key --populate archlinux before using pacman), and documentation and reproducible build instructions are provided. The team reused their deterministic rootFS build system from the WSL image and applied Docker-specific fixes: honoring SOURCE
Arch Linux Now Has a Bit-for-Bit Reproducible Docker Image | Hacker News Hacker News new | past | comments | ask | show | jobs | submit login Arch Linux Now Has a Bit-for-Bit Reproducible Docker Image ( antiz.fr ) 25 points by maxloh 5 hours ago | hide | past | favorite | discuss help Consider applying for YC's Summer 2026 batch! Applications are open till May 4 Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact Search:
Arch Linux has released a bit-for-bit reproducible Docker image under a new repro tag, confirming identical digests across builds via podman and diffoci. To achieve determinism, maintainers strip pacman keys from the image (so users must run pacman-key --init && pacman-key --populate archlinux before using pacman), normalize timestamps with SOURCE_DATE_EPOCH and build flags, and remove nondeterministic artifacts like the ldconfig auxiliary cache. The image reuses the rootFS build system from Arch's reproducible WSL image; documentation and diffoci reports are available in the archlinux-docker repo. The project lead plans to explore periodic rebuilders to verify and publish reproducibility results.
Arch Linux has released a bit-for-bit reproducible Docker image under a new repro tag, confirming identical digests across builds via podman and diffoci. To achieve determinism the image strips pacman keys (so pacman must be reinitialized inside containers with pacman-key --init && pacman-key --populate archlinux), normalizes timestamps using SOURCE_DATE_EPOCH and build flags, removes non-deterministic files like the ldconfig aux-cache, and reuses the WSL rootFS build process. Documentation and diffoci reports are available in the archlinux-docker repo. The maintainer plans a future rebuilder to automatically verify reproducibility and publish logs. This milestone advances Arch’s broader reproducible-builds effort for trustworthy base images.
Arch Linux now has a bit-for-bit reproducible Docker image
Arch Linux has released a bit-for-bit reproducible Docker image under a new repro tag, confirming digest equality across builds and verification with diffoci. To achieve reproducibility, the image strips pacman keys (users must run pacman-key --init && pacman-key --populate archlinux before using pacman), and documentation and reproducible build instructions are provided. The team reused their deterministic rootFS build system from the WSL image and applied Docker-specific fixes: honoring SOURCE_DATE_EPOCH in the image label, removing ldconfig cache files, and normalizing timestamps with --source-date-epoch and --rewrite-timestamp during docker/podman build. The change set and reproduction guide are available in the archlinux-docker repository.