Wind River Support Network


LIN6-8390 : CLONE - lsof package pulls info from build machine

Created: Sep 8, 2014    Updated: Dec 3, 2018
Resolved Date: Sep 10, 2014
Found In Version: 6.0
Fix Version:
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Build & Config


The lsof package creates a file called version.h that includes these macros that are set based on the development machine’s (in my case Ubuntu) environment:
LSOF_CCV - version of Ubuntu’s GCC
LSOF_CCFLAGS - flags to Ubuntu GCC
LSOF_HOST - build machine hostname
LSOF_LOGNAME - builder’s login name
LSOF_SYSINFO - build machine’s info
LSOF_USER - builder’s user name

This is invasive since it could build an executable with usernames and/or build machine names in them. At the very least, it makes an unreproducible binary unless the same user on the same host
builds it every time.

Steps to Reproduce

cat bitbake_build/tmp/work/atom-wrs-linux/lsof-4.85-r1/lsof_4.85_src/version.h

#define LSOF_CCV        "4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) "
#define LSOF_HOST       "ala-cvl1-lx1"
#define LSOF_LOGNAME    "username"
#define LSOF_SYSINFO    "Linux ala-cvl1-lx1 3.2.0-45-generic #70-Ubuntu SMP Wed May 29 20:12:06 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux"
#define LSOF_VERSION    "4.85"

Other Downloads

Live chat