From 5c6b40767d74a5f2210751b9c405faf0ef35051c Mon Sep 17 00:00:00 2001
From: Luke Yang <luke.jia.yang@gmail.com>
Date: Wed, 17 Jul 2024 17:14:43 -0400
Subject: [PATCH 1/3] composepost: apply add-determinism pyc-zero-mtime

Fixes: https://github.com/ostreedev/ostree/issues/1469

Assuming that add-determinism is installed on the system,
apply add-determinism to set the embedded mtime in all .pyc
files to zero.

Signed-off-by: Luke Yang <luyang@redhat.com>
Co-authored-by: Steven Presti <spresti@redhat.com>
---
 rust/src/composepost.rs | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/rust/src/composepost.rs b/rust/src/composepost.rs
index 1a5ae86937..c29d1c8c33 100644
--- a/rust/src/composepost.rs
+++ b/rust/src/composepost.rs
@@ -1201,7 +1201,18 @@ fn workaround_selinux_cross_labeling_recurse(
 /// This is the nearly the last code executed before we run `ostree commit`.
 pub fn compose_postprocess_final(rootfs_dfd: i32, _treefile: &Treefile) -> CxxResult<()> {
     let rootfs = unsafe { &crate::ffiutil::ffi_dirfd(rootfs_dfd)? };
-
+    if std::process::Command::new("add-determinism").status().expect("Failed to find add-determinism on system.").success() {
+         // add-determinism --handler pyc-zero-mtime
+        let r = std::process::Command::new("add-determinism")
+        .arg("--handler")
+        .arg("pyc-zero-mtime")
+        .arg("/usr")
+        .status()
+        .expect("Failed to normalize .pyc files using add-determinism");
+        if !r.success() {
+            return Err(anyhow!("Failed to execute add-determinism --handler pyc-zero-mtime: {:?}", r).into());
+        }
+    }
     hardlink_rpmdb_base_location(rootfs, None)?;
     Ok(())
 }

From fff1ddb501b044fbcaff98755fe10816d419f2f0 Mon Sep 17 00:00:00 2001
From: Luke Yang <luke.jia.yang@gmail.com>
Date: Thu, 8 Aug 2024 10:27:13 -0400
Subject: [PATCH 2/3] wip: do not merge

Mobbing WIP. Contains pseudo code.
---
 rust/src/composepost.rs | 37 ++++++++++++++++++++++++-------------
 1 file changed, 24 insertions(+), 13 deletions(-)

diff --git a/rust/src/composepost.rs b/rust/src/composepost.rs
index c29d1c8c33..627e8c0b66 100644
--- a/rust/src/composepost.rs
+++ b/rust/src/composepost.rs
@@ -1197,22 +1197,33 @@ fn workaround_selinux_cross_labeling_recurse(
     }
     Ok(())
 }
-
+fn run_add_determinisim(rootfs: &Dir){
+    let path = std::env::var_os("PATH");
+    let bin = "add-determinism";
+    for path in std::env::split_paths(&path){
+        let bin_path = path.join(bin);
+        if bin_path.exists() {
+            // let usr_path = rootfs.open_dir("usr");
+            // cwd_dir(usr_path);
+            cwd_dir(rootfs);
+            std::env::current_dir("usr");
+                // add-determinism --handler pyc-zero-mtime
+            let r = std::process::Command::new("add-determinism")
+            .arg("--handler")
+            .arg("pyc-zero-mtime")
+            .arg(".")
+            .status()
+            .expect("Failed to normalize .pyc files using add-determinism");
+            if !r.success() {
+                return Err(anyhow!("Failed to execute add-determinism --handler pyc-zero-mtime: {:?}", r).into());
+            }
+        }
+    }
+}
 /// This is the nearly the last code executed before we run `ostree commit`.
 pub fn compose_postprocess_final(rootfs_dfd: i32, _treefile: &Treefile) -> CxxResult<()> {
     let rootfs = unsafe { &crate::ffiutil::ffi_dirfd(rootfs_dfd)? };
-    if std::process::Command::new("add-determinism").status().expect("Failed to find add-determinism on system.").success() {
-         // add-determinism --handler pyc-zero-mtime
-        let r = std::process::Command::new("add-determinism")
-        .arg("--handler")
-        .arg("pyc-zero-mtime")
-        .arg("/usr")
-        .status()
-        .expect("Failed to normalize .pyc files using add-determinism");
-        if !r.success() {
-            return Err(anyhow!("Failed to execute add-determinism --handler pyc-zero-mtime: {:?}", r).into());
-        }
-    }
+    run_add_determinisim(rootfs);
     hardlink_rpmdb_base_location(rootfs, None)?;
     Ok(())
 }

From 5bc2034364e7efaa7b86f60336ef05b5ea779f23 Mon Sep 17 00:00:00 2001
From: Luke Yang <luke.jia.yang@gmail.com>
Date: Thu, 15 Aug 2024 10:42:25 -0400
Subject: [PATCH 3/3] WIP: do not merge

---
 rust/src/composepost.rs | 47 +++++++++++++++++++++++++----------------
 1 file changed, 29 insertions(+), 18 deletions(-)

diff --git a/rust/src/composepost.rs b/rust/src/composepost.rs
index 627e8c0b66..4f5d3536f2 100644
--- a/rust/src/composepost.rs
+++ b/rust/src/composepost.rs
@@ -36,6 +36,7 @@ use std::os::unix::prelude::IntoRawFd;
 use std::path::{Path, PathBuf};
 use std::pin::Pin;
 use std::process::Stdio;
+use cap_std_ext::cmdext::CapStdExtCommandExt;
 
 /// Directories that are moved out and symlinked from their `/var/lib/<entry>`
 /// location to `/usr/lib/<entry>`.
@@ -1197,33 +1198,43 @@ fn workaround_selinux_cross_labeling_recurse(
     }
     Ok(())
 }
-fn run_add_determinisim(rootfs: &Dir){
-    let path = std::env::var_os("PATH");
+
+fn run_add_determinisim(rootfs: &Dir) -> CxxResult<()> {
+    let path = std::env::var_os("PATH").unwrap();
     let bin = "add-determinism";
-    for path in std::env::split_paths(&path){
-        let bin_path = path.join(bin);
-        if bin_path.exists() {
-            // let usr_path = rootfs.open_dir("usr");
-            // cwd_dir(usr_path);
-            cwd_dir(rootfs);
-            std::env::current_dir("usr");
+    if let Some(path) = std::env::var_os("PATH") {
+        for path in std::env::split_paths(&path){
+            let bin_path = path.join(bin);
+            if bin_path.exists() {
+                // let usr_path = rootfs.open_dir("usr");
+                // cwd_dir(usr_path);
+                let mut cmd = std::process::Command::new("/bin/bash");
+                cmd.cwd_dir(rootfs.try_clone()?);
+                let usr_path = Path::new("usr");
+                std::env::set_current_dir(&usr_path)?;
                 // add-determinism --handler pyc-zero-mtime
-            let r = std::process::Command::new("add-determinism")
-            .arg("--handler")
-            .arg("pyc-zero-mtime")
-            .arg(".")
-            .status()
-            .expect("Failed to normalize .pyc files using add-determinism");
-            if !r.success() {
-                return Err(anyhow!("Failed to execute add-determinism --handler pyc-zero-mtime: {:?}", r).into());
+                let r = std::process::Command::new("add-determinism")
+                .arg("--handler")
+                .arg("pyc-zero-mtime")
+                .arg(".")
+                .status()?;
+                // .expect("Failed to normalize .pyc files using add-determinism");
+                // if !r.success() {
+                //     return Err(anyhow!("Failed to execute add-determinism --handler pyc-zero-mtime: {:?}", r).into());
+                // }
             }
         }
     }
+    else {
+        return Err(anyhow!("Failed to find PATH var").into());
+    }
+    Ok(())
 }
+
 /// This is the nearly the last code executed before we run `ostree commit`.
 pub fn compose_postprocess_final(rootfs_dfd: i32, _treefile: &Treefile) -> CxxResult<()> {
     let rootfs = unsafe { &crate::ffiutil::ffi_dirfd(rootfs_dfd)? };
-    run_add_determinisim(rootfs);
+    run_add_determinisim(rootfs)?;
     hardlink_rpmdb_base_location(rootfs, None)?;
     Ok(())
 }