Leo Famulari skribis: > This is libressl-portable bug #290: > > https://github.com/libressl-portable/portable/issues/290 > > There is a problem with using getentropy() or getrandom() from > glibc-2.25 with Linux < 3.17, when these syscalls where introduced. > Basically, glibc will return ENOSYS, which applications are not handling > properly. > > I expect the build to succeed on armhf, where I believe the builders > have kernels > 3.17. > > In the case of libressl, the developers have closed as WONTFIX, although > perhaps they could be persuaded to make libressl handle ENOSYS somehow. > > Cpython hit the same problem, and they worked around it. This means that > the Python interpreters Hydra builds for x86_64 and i686 not use the new > getentropy() / getrandom() syscalls, even though many Guix users and > probably all GuixSD users have more recent kernels: > > https://bugs.python.org/issue29157 > > Can we disable the build on Hydra without marking the package as > non-substitutable? A simple approach is to force LibreSSL to always use its non-getentropy code, and lift this restriction once we clearly require newer kernels¹. The attached patch does that. Thoughts? Thanks, Ludo’. ¹ We currently build libc with "--enable-kernel=2.6.32", and this is pretty much what defines our minimal kernel version requirement.