From dd8e725d7d48d0a0c824925692033013db67e733 Mon Sep 17 00:00:00 2001
From: Florian Friesdorf <flo@chaoflow.net>
Date: Wed, 28 Dec 2011 21:46:40 +0000
Subject: [PATCH] copy only cryptsetup deps to stage-1 and test cryptsetup

popt-0.16 and cryptsetup-1.4.1 both generated pkgconfig (in contrast
to older versions). The pkgconfig files (popt.pc and cryptsetup.pc)
contain references into the store that are not removed by patchelf and
stage-1 fails with errors like: "output is not allowed to refer to
path `/nix/store/qccjhn063cfv171rcaxvxh0yk96zf7l2-cryptsetup-1.4.1'".

Now, only the cryptsetup binaries and its dependencies are copied,
determined by ldd. In addition the cryptsetup binary and lvm are
tested after patchelf has adjusted the library paths.

Thanks to Peter Simons and Eelco Dolstra for giving the rights hints.

svn path=/nixos/trunk/; revision=31128
---
 modules/system/boot/luksroot.nix | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/modules/system/boot/luksroot.nix b/modules/system/boot/luksroot.nix
index c28f46ef75b..a7608014d00 100644
--- a/modules/system/boot/luksroot.nix
+++ b/modules/system/boot/luksroot.nix
@@ -28,10 +28,20 @@ in
 
   config = mkIf (luksRoot != "") {
 
+    # copy the cryptsetup binary and it's dependencies
     boot.initrd.extraUtilsCommands = ''
-      cp -r ${pkgs.cryptsetup}/lib/* $out/lib/
-      cp -r ${pkgs.popt}/lib/* $out/lib
-      cp ${pkgs.cryptsetup}/sbin/* $out/bin
+      cp -pdv ${pkgs.cryptsetup}/sbin/cryptsetup $out/bin
+      # XXX: do we have a function that does this?
+      for lib in $(ldd $out/bin/cryptsetup |grep '=>' |grep /nix/store/ |cut -d' ' -f3); do
+        cp -pdvn $lib $out/lib
+        cp -pvn $(readlink -f $lib) $out/lib
+      done
+    '';
+
+    boot.initrd.extraUtilsCommandsTest = ''
+      $out/bin/cryptsetup --version
+      $out/bin/lvm vgscan --version
+      $out/bin/lvm vgchange --version
     '';
 
     boot.initrd.postDeviceCommands = ''