What does HackerNews think of patchelf?
A small utility to modify the dynamic linker and RPATH of ELF executables
The parent commenter is already suggesting "just run a regex", so it seems like a trivial extension to their simple solution to "just run patchelf on every binary on your system"
It's a key part of how nix works.
I feel that patchelf[0] is an ingenious little tool for exactly that purpose that isn't getting enough love. Not as useful for FOSS stuff, but it's been really useful for the times I had to relink proprietary things on our cluster in order to patch a security vulnerability or two.
One problem is dynamically linked binaries, where the library points to a global position (like /usr/lib). In NixOS, different builds can depend on different versions of the same binary, so there is no single global location. This is not necessarily a bad thing in itself. And normal cases can be fixed with the patchelf [^1] utility. I couldn't make it work with a Z3 binary, so I finally gave up.
The other problem is when I tried to configure jackdbus. There's only one example [^2] configuration. It is marked as outdated by the wiki, and indeed none of the settings work for me.
Then I realized these two are not problems that Nix tries to solve. Pointing to a global binary is okay for some quick fixes. And JACK module is better to work out-of-the-box, I don't want to dive into all of the configurations before I haven't even used it.
Now I use Ubuntu for casual desktop applications and write Nix derivations for projects that need reproducibility. And I think I find my perfect balance.
[^1]: https://github.com/NixOS/patchelf [^2]: https://nixos.wiki/wiki/JACK
That actually is impossible, Nix will only depend on packages in nix, and nothing else. So whatever you have installed won't affect it.
The important part of Nix on Linux is patchelf[1] basically binaries generated are processed by it, this rewrites elfs to link to libraries in the /nix/store
Regarding syscalls, if you use NixOS then you're tied to specific state of nixpkgs, which also dictates the kernel installed. So you shouldn't run into it. You probably might run if you install Nix on Ubuntu. I don't remember running into it, and I think it should be rare since linux ABI supposed to not break compatibility.