When building apache it fails to build because of TEXTREL. In the below lines -prefer-non-pic is used as an argument to libtool. after did the following: pushd /var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/srclib/pcre (redo below commands with s/prefer-non-pic/prefer-pic/g) linking works. /usr/share/apr-0/build/libtool --silent --mode=compile i686-pc-linux-gnu-gcc -pthread -march=pentium3 -O2 -pipe -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -DAP_HAVE_DESIGNATED_INITIALIZER -I/usr/include/apr-0 -I/usr/include/db4.2 -I. -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/os/unix -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/server/mpm/worker -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/modules/http -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/modules/filters -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/modules/proxy -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/include -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/modules/generators -I/usr/include/openssl -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/modules/dav/main -prefer-non-pic -static -c dftables.c && touch dftables.lo /usr/share/apr-0/build/libtool --silent --mode=compile i686-pc-linux-gnu-gcc -pthread -march=pentium3 -O2 -pipe -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -DAP_HAVE_DESIGNATED_INITIALIZER -I/usr/include/apr-0 -I/usr/include/db4.2 -I. -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/os/unix -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/server/mpm/worker -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/modules/http -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/modules/filters -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/modules/proxy -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/include -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/modules/generators -I/usr/include/openssl -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/modules/dav/main -prefer-non-pic -static -c pcreposix.c && touch pcreposix.lo /usr/share/apr-0/build/libtool --silent --mode=link i686-pc-linux-gnu-gcc -pthread -march=pentium3 -O2 -pipe -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -DAP_HAVE_DESIGNATED_INITIALIZER -I/usr/include/apr-0 -I/usr/include/db4.2 -I. -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/os/unix -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/server/mpm/worker -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/modules/http -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/modules/filters -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/modules/proxy -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/include -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/modules/generators -I/usr/include/openssl -I/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/modules/dav/main -export-dynamic -L/usr/lib -o dftables -L/usr/lib dftables.lo -lz -lssl -lcrypto -ldl /usr/lib/gcc/i686-pc-linux-gnu/3.4.6/../../../../i686-pc-linux-gnu/bin/ld: warning: creating a DT_TEXTREL in object. ./dftables > /var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/srclib/pcre/chartables.c ./dftables: error while loading shared libraries: cannot make segment writable for relocation: Permission denied make[3]: *** [/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/srclib/pcre/chartables.c] Error 127 make[3]: Leaving directory `/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/srclib/pcre' make[2]: *** [all-recursive] Error 1 make[2]: Leaving directory `/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/srclib/pcre' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/var/tmp/portage/apache-2.0.59/work/httpd-2.0.59/srclib' make: *** [all-recursive] Error 1 !!! ERROR: net-www/apache-2.0.59 failed. # emerge --info Portage 2.1-r1 (hardened/x86/2.6, gcc-3.4.6, glibc-2.3.6-r4, 2.6.16-hardened-r11 i686) ================================================================= System uname: 2.6.16-hardened-r11 i686 Pentium III (Coppermine) Gentoo Base System version 1.6.15 distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [enabled] app-admin/eselect-compiler: [Not Present] dev-lang/python: 2.3.5, 2.4.3-r1 dev-python/pycrypto: 2.0.1-r5 dev-util/ccache: [Not Present] dev-util/confcache: [Not Present] sys-apps/sandbox: 1.2.17 sys-devel/autoconf: 2.13, 2.59-r7 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2 sys-devel/binutils: 2.16.1-r3 sys-devel/gcc-config: 1.3.13-r3 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.11-r2 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-march=pentium3 -O2 -pipe" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /var/qmail/alias /var/qmail/control" CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/revdep-rebuild /etc/terminfo" CXXFLAGS="-march=pentium3 -O2 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig collision-protect distcc distlocks metadata-transfer parallel-fetch sandbox sfperms strict stricter userpriv usersandbox"
Created attachment 93106 [details, diff] files/apache-2.0.59-pic.patch fixes compile fault. Not tested operationally. Still trying to trace down spurious apache SEGV.
After re-reading http://www.gentoo.org/proj/en/hardened/pic-internals.xml to make sure I understand things correctly, I beleive turning on PIC for the entire apache build as your patch does is not the correct solution. We are not building a shared library. Digging into the source, I find dftables is tool used for generating another source file, and is never installed onto the system. (In fact, the error comes up when dftables is run, not when it is built) dftables is also part of the bundled pcre. One solution would be patching apache 2.0 to use the system pcre (apache 2.2 already does this, upstream gives that option). I have no idea how patched the bundled pcre is, and how tied apache 2.0 is to the version that is bundled with it however. Another option would be to replace dftables with say a PERL script.
This should be fixed with =apache-2.2.4* (at least I don't see any TEXTRELS on amd64/x86 with my builds up till now).
