PostgreSQL fails to start inside Nix' darwin sandbox
From | Wolfgang Walther |
---|---|
Subject | PostgreSQL fails to start inside Nix' darwin sandbox |
Date | |
Msg-id | a90b5411-705f-4286-bd81-a26c520a6cfb@technowledgy.de |
Responses | Re: PostgreSQL fails to start inside Nix' darwin sandbox |
List | pgsql-bugs |
Nix on Linux runs all builds and tests in a sandboxed environment by default. Nix on Darwin/macOS doesn't enable the sandbox by default, because macOS' native sandboxing capabilities are limited. We'd like to enable the sandbox by default in the future.

Currently, this prevents running PostgreSQL's test suite or building extensions with cargo-pgrx, both of which require *running* initdb / postgres inside the sandbox.

This is because the Darwin sandbox doesn't allow creating System V shared memory segments. Nix' Linux sandbox is able to create IPC namespaces, which allows creating these safely. To our knowledge it's not possible to create these namespaces with the native darwin sandboxing capabilities. Enabling IPC regardless would allow communicating with other sandboxes and the host system, defeating the point of the sandbox.

System V shared memory segments are used by PostgreSQL to provide a lock on the data directory, as explained in sysv_shmem.c. The comment also mentions the possibility to introduce a compile and/or run-time test here.

For our use-case, a run-time test seems much better, because we'd want the same binaries to not do this inside the sandbox, but work as before when actually run on the host.

Right now, initdb fails with this error:

FATAL: could not create shared memory segment: Operation not permitted
DETAIL: Failed system call was shmget(key=80109247, size=56, 03600).

It would be great if this was fixed to allow running PostgreSQL in this environment.

Thanks,
Wolfgang
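
A sketch of the kind of run-time test the message asks about, as an added example: it is not code from PostgreSQL, Nix or the original post, and the names `shm_status`, `classify_shm_errno` and `probe_sysv_shm` are hypothetical. It creates and immediately removes a private segment with the same flags as the failing call (03600 is `IPC_CREAT | IPC_EXCL | 0600`) and separates a policy denial such as the sandbox's EPERM from resource exhaustion.

```c
/* Added example: probe whether System V shared memory can be created here. */
#include <errno.h>
#include <stdio.h>
#include <sys/ipc.h>
#include <sys/shm.h>

typedef enum { SHM_OK, SHM_DENIED, SHM_UNSUPPORTED, SHM_EXHAUSTED, SHM_OTHER } shm_status;

/* Map the errno of a failed shmget() to a coarse reason. */
shm_status classify_shm_errno(int err)
{
    switch (err) {
    case 0:      return SHM_OK;
    case EPERM:                           /* "Operation not permitted", as in the report */
    case EACCES: return SHM_DENIED;
    case ENOSYS: return SHM_UNSUPPORTED;  /* the system call is not available at all */
    case ENOSPC:
    case ENOMEM: return SHM_EXHAUSTED;    /* kernel limits hit, not a policy block */
    default:     return SHM_OTHER;
    }
}

/* Create a private segment and remove it at once, so nothing is left behind
 * and no key can collide with a segment owned by another process. */
shm_status probe_sysv_shm(size_t size)
{
    int id = shmget(IPC_PRIVATE, size, IPC_CREAT | IPC_EXCL | 0600);
    if (id < 0)
        return classify_shm_errno(errno);
    if (shmctl(id, IPC_RMID, NULL) < 0)
        return SHM_OTHER;
    return SHM_OK;
}

int main(void)
{
    static const char *names[] = { "available", "denied by policy", "unsupported",
                                   "limits exhausted", "other failure" };
    shm_status s = probe_sysv_shm(56);    /* 56 = size in the reported shmget call */
    printf("System V shared memory: %s\n", names[s]);
    return s == SHM_OK ? 0 : 1;
}
```

The probe only reports whether segments can be created; since the segment serves as the data directory lock, what to do when it returns `SHM_DENIED` remains a separate decision.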