af25692214
To reduce size, stage 1 (the initrd) is populated by copying specific binaries in, then copying the libraries specifically needed by those binaries. `patchelf` is then used to make the binaries search in the directory where these libraries are copied to instead of their original store paths. Some filesystems (e.g. ZFS) do not guarantee that copying the same files in the same order into a given directory will result in `find` returning them in any particular order (though the order appears consistent so long as the directory is not modified). Therefore, when the binaries are scanned for libraries to copy in, they might be scanned in a different order each time the derivation is built. If two binaries need two different libraries with the same name, then a different instance of the library might be copied in first, changing the derivation contents and breaking reproducibility. This turns out to be the case with `libudev.so.1` from both `systemd` (needed by e.g. `mdadm`) and `systemdMinimal` (needed by e.g. `dmsetup`). This issue is fixed by sorting the list of binaries to be scanned instead of relying on filesystem order so that the same instance always gets seen and copied first. Both before this change (at least on ext4) and after this change (without any options that affect stage 1), this is the `libudev.so.1` from `systemdMinimal` by way of `dmsetup`. Whether this is appropriate and how much the two different systemd configurations and udev libraries need to be involved is a topic left for future work. |
||
---|---|---|
.. | ||
doc | ||
lib | ||
maintainers | ||
modules | ||
tests | ||
COPYING | ||
default.nix | ||
README | ||
release-combined.nix | ||
release-small.nix | ||
release.nix |
*** NixOS *** NixOS is a Linux distribution based on the purely functional package management system Nix. More information can be found at https://nixos.org/nixos and in the manual in doc/manual.