Ricardo Wurmus writes: > Hi Marius, > >> 'core-updates' has seen a lot of changes recently. Some of the goodies >> include […] glibc 2.27 […] >> >> Are there other things that should go in? > > I would really like to see a patch applied to glibc that ensures that > the “prlimit64” syscall is not used when running on the RHEL 6 kernel > (2.6.32). The lack of this syscall on that kernel means that getrlimits > fails, which makes it impossible to start the JVM. > > This problem appeared with the upgrade to glibc 2.26 already, and ever > since I’ve been trying to minimize the damage for RHEL 6 systems where > Guix is used as a package manager (such as the MDC). > > A work-around for glibc 2.27 that makes things work fine with the RHEL 6 > kernel would be very welcome! I’ve started a branch “rhel6” where the > default glibc has been bumped back to version 2.25 but I really don’t > want it to be a long-lived branch; one of the reasons is that building > all packages for this old glibc version (even just on x86_64) puts our > build farms under extra stress that I would like to avoid. Are you sure prlimit64 is the only syscall that needs to be adjusted? A quick grep through through the commit log reveals some other interfaces that may need to be restored. Here is the commit that removes the fallback code for missing prlimit64: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=695d7d138eda449678a1650a8b8b58181033353f And here are similar commits I found by grepping the log for '3.2': https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=e92030239abb4038d4f915d47021d6c037239309 https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=1721145f0341d70a6d7807b172c5eb400b508fc0 https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=9a45f54310573c190fa270e1f80d8307750305e9 https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=e8f1225ca4d4afa4043c5267ae6dbe12268e2637 Since it's fairly late in the core-updates cycle, I think it would be better to try restoring the prlimit64 fallback on the "rhel6" branch and then revisit this during the next core-updates. This got me thinking, perhaps it's possible to run Guix through a thin hypervisor layer that uses the host virtualization facilities, or a Qemu built against glibc 2.25. This is similar to how "Docker" runs on macOS, maybe it could be used for Guix in "hostile environments" too?