Hello everybody,
With the aim of reducing the size of a container (with nix2container), I am testing direct copying of libraries.
I’m surprised to see that some packages are added when I don’t see any dependencies.
Example :
If i copy libceph-common.so.2 file, ceph-18.2.0-lib is added to the container (with all its dependencies).
$ldd /nix/store/*-ceph-18.2.0-lib/lib/ceph/libceph-common.so.2 | awk '{print $1}'
linux-vdso.so.1
libresolv.so.2
libboost_thread.so.1.79.0
libboost_system.so.1.79.0
libboost_random.so.1.79.0
libboost_program_options.so.1.79.0
libboost_date_time.so.1.79.0
libboost_iostreams.so.1.79.0
libfmt.so.8
libblkid.so.1
libcrypto.so.3
libdl.so.2
libudev.so.1
libibverbs.so.1
librdmacm.so.1
libcap.so.2
libstdc++.so.6
libm.so.6
libgcc_s.so.1
libc.so.6
/lib64/ld-linux-x86-64.so.2
librt.so.1
libpthread.so.0
libz.so.1
libbz2.so.1
liblzma.so.5
libzstd.so.1
libnl-route-3.so.200
libnl-3.so.200
None of these libraries depend on Ceph, of course
If i do the same exercise with file libceph_crypto_isal.so.1, ceph-18.2.0-lib is not added to the container
$ldd /nix/store/wya455l9sfccbbdqz1l5b51wd708fl3n-ceph-18.2.0-lib/lib/ceph/crypto/libceph_crypto_isal.so.1 |awk '{print $1}'
linux-vdso.so.1
libstdc++.so.6
libgcc_s.so.1
libc.so.6
/lib64/ld-linux-x86-64.so.2
libm.so.6
The test is very basic :
cephfs_min = {
layer = nix2container.buildLayer {
copyToRoot = pkgs.runCommand "cmd" {} ''
# cp /nix/store/wya455l9sfccbbdqz1l5b51wd708fl3n-ceph-18.2.0-lib/lib/ceph/libceph-common.so.2 $out
cp /nix/store/wya455l9sfccbbdqz1l5b51wd708fl3n-ceph-18.2.0-lib/lib/ceph/crypto/libceph_crypto_isal.so.1 $out
'';
deps = [ ];
layers = [ ];
};
paths = [ ];
};
Does Nix use anything other than ELF to identify dependencies?
Thank you for your feedback