Keep symlinks when copying into .app bundle #5024

I need this change for the current OSX code-signing process, which looks like:

1. Deterministically gitian-build an .osx.tar.gz
2. Extract the .dmg and then the .app from the .dmg
3. Re-run macdeployqtplus -sign using the extracted, deterministic .app to create a code-signed app inside a .dmg that is actually released.

Step 3 broke with OSX 10.9.5, because symbolic links inside the .app were not preserved. This fixes that. @laanwj : this should be cherry-picked to the 0.9.3 branch in case there is a 0.9.4.

The plan is to change the code-signing process to something like:

1. Code-signer gitian builds first, producing a .osx.tar.gz that has a .dmg that is signed.
2. Everybody else uses the signatures produced in (1) as an input to the gitian-building process and verifies that end results match.

Ok, I see why I couldn't reproduce this. Fwiw, the change looks fine. @gavinandresen I'm not sure why there's a need for step 3. With the previous 0.9.x behavior, the bundle was not created in the proper format, so a newer version of macdeployqtplus needed to be used in order to rebuild it. So it made sense then.

Now that the bundle is being created correctly in the first place (I hope!), all that should be needed is a "codesign ..." on the bundle. Is there a reason I'm missing for re-running macdeployqtplus?

Shouldn't matter either way though, one we integrate the signing into gitian.

@theuni : step 3 is needed to re-create a disk image -- the .dmg files are created as read-only-when-mounted, I can't codesign the .app in the mounted .dmg and unmount. At least, I don't think I can. If I'm wrong, tell me the magic incantation....

Ok, that makes sense. I'm pretty sure you've had to remind me of that a few times now...

ACK on the changes. I'll try to get the Gitian signer up and running sooner than later.

Cherry-picked into 0.9.3 as ffab1dd