summary refs log tree commit diff
path: root/doc/guix.texi
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2015-12-08 23:27:53 +0100
committerLudovic Courtès <ludo@gnu.org>2015-12-08 23:58:12 +0100
commit5b74fe065b33ee99372d472f2d6ee5284d720b75 (patch)
treef71f8b3bf34e65c08a794492ab22a7684326c65c /doc/guix.texi
parent2fba87ac7c3e6fc6ca1a6e94131303c37425b2ba (diff)
downloadguix-5b74fe065b33ee99372d472f2d6ee5284d720b75.tar.gz
guix build: Add '--rounds'.
* guix/scripts/build.scm (show-build-options-help)
(%standard-build-options): Add --rounds.
(set-build-options-from-command-line): Honor it.
* doc/guix.texi (Invoking guix build): Document it.
* doc/contributing.texi (Submitting Patches): Mention it.
Diffstat (limited to 'doc/guix.texi')
-rw-r--r--doc/guix.texi14
1 files changed, 14 insertions, 0 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index 309548be88..390e7949c0 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -3876,6 +3876,20 @@ Do not use substitutes for build products.  That is, always build things
 locally instead of allowing downloads of pre-built binaries
 (@pxref{Substitutes}).
 
+@item --rounds=@var{n}
+Build each derivation @var{n} times in a row, and raise an error if
+consecutive build results are not bit-for-bit identical.
+
+This is a useful way to detect non-deterministic builds processes.
+Non-deterministic build processes are a problem because they make it
+practically impossible for users to @emph{verify} whether third-party
+binaries are genuine.  @xref{Invoking guix challenge}, for more.
+
+Note that, currently, the differing build results are not kept around,
+so you will have to manually investigate in case of an error---e.g., by
+stashing one of the build results with @code{guix archive --export},
+then rebuilding, and finally comparing the two results.
+
 @item --no-build-hook
 Do not attempt to offload builds @i{via} the daemon's ``build hook''
 (@pxref{Daemon Offload Setup}).  That is, always build things locally