diff options
author | Ludovic Courtès <ludo@gnu.org> | 2015-12-08 23:27:53 +0100 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2015-12-08 23:58:12 +0100 |
commit | 5b74fe065b33ee99372d472f2d6ee5284d720b75 (patch) | |
tree | f71f8b3bf34e65c08a794492ab22a7684326c65c /doc/guix.texi | |
parent | 2fba87ac7c3e6fc6ca1a6e94131303c37425b2ba (diff) | |
download | guix-5b74fe065b33ee99372d472f2d6ee5284d720b75.tar.gz |
guix build: Add '--rounds'.
* guix/scripts/build.scm (show-build-options-help) (%standard-build-options): Add --rounds. (set-build-options-from-command-line): Honor it. * doc/guix.texi (Invoking guix build): Document it. * doc/contributing.texi (Submitting Patches): Mention it.
Diffstat (limited to 'doc/guix.texi')
-rw-r--r-- | doc/guix.texi | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/doc/guix.texi b/doc/guix.texi index 309548be88..390e7949c0 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -3876,6 +3876,20 @@ Do not use substitutes for build products. That is, always build things locally instead of allowing downloads of pre-built binaries (@pxref{Substitutes}). +@item --rounds=@var{n} +Build each derivation @var{n} times in a row, and raise an error if +consecutive build results are not bit-for-bit identical. + +This is a useful way to detect non-deterministic builds processes. +Non-deterministic build processes are a problem because they make it +practically impossible for users to @emph{verify} whether third-party +binaries are genuine. @xref{Invoking guix challenge}, for more. + +Note that, currently, the differing build results are not kept around, +so you will have to manually investigate in case of an error---e.g., by +stashing one of the build results with @code{guix archive --export}, +then rebuilding, and finally comparing the two results. + @item --no-build-hook Do not attempt to offload builds @i{via} the daemon's ``build hook'' (@pxref{Daemon Offload Setup}). That is, always build things locally |