Bug 608292 - app-admin/mongo-tools-3.0.14 - ./bin/bsondump: error while loading shared libraries: cannot make segment writable for relocation: Permission denied
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: All Linux
Importance: Normal normal
Assignee: Ultrabug
Reported: 2017-02-05 10:31 UTC by Alexandr Tiurin
Modified: 2017-03-31 14:47 UTC

Attachments
buildlog (app-admin:mongo-tools-3.0.14:20170211-215455.log,1.88 KB, text/plain)
2017-02-11 22:03 UTC, Alexandr Tiurin
ebuild mongo-tools-3.0.10.ebuild clean install (ebuild_mongo-tools,3.00 KB, text/plain)
2017-02-11 22:04 UTC, Alexandr Tiurin

Description Alexandr Tiurin 2017-02-05 10:31:03 UTC
cat /var/log/portage/app-admin:mongo-tools-3.0.14:20170204-225201.log
 * Package:    app-admin/mongo-tools-3.0.14
 * Repository: gentoo
 * Maintainer: ultrabug@gentoo.org
 * USE:        abi_x86_64 amd64 elibc_glibc kernel_linux ssl userland_GNU
 * FEATURES:   preserve-libs sandbox userpriv usersandbox
>>> Unpacking source...
>>> Unpacking mongo-tools-3.0.14.tar.gz to /var/tmp/portage/app-admin/mongo-tools-3.0.14/work
>>> Source unpacked in /var/tmp/portage/app-admin/mongo-tools-3.0.14/work
>>> Preparing source in /var/tmp/portage/app-admin/mongo-tools-3.0.14/work/mongo-tools-r3.0.14 ...
>>> Source prepared.
>>> Configuring source in /var/tmp/portage/app-admin/mongo-tools-3.0.14/work/mongo-tools-r3.0.14 ...
>>> Source configured.
>>> Compiling source in /var/tmp/portage/app-admin/mongo-tools-3.0.14/work/mongo-tools-r3.0.14 ...
fatal: Not a git repository (or any of the parent directories): .git
fatal: Not a git repository (or any of the parent directories): .git
Building bsondump...
./bin/bsondump: error while loading shared libraries: cannot make segment writable for relocation: Permission denied
 * ERROR: app-admin/mongo-tools-3.0.14::gentoo failed (compile phase):
 *   build failed
 * 
 * Call stack:
 *     ebuild.sh, line 115:  Called src_compile
 *   environment, line 1949:  Called die
 * The specific snippet of code:
 *       ./build.sh ${myconf} || die "build failed"
 * 
 * If you need support, post the output of `emerge --info '=app-admin/mongo-tools-3.0.14::gentoo'`,
 * the complete build log and the output of `emerge -pqv '=app-admin/mongo-tools-3.0.14::gentoo'`.
 * The complete build log is located at '/var/log/portage/app-admin:mongo-tools-3.0.14:20170204-225201.log'.
 * The ebuild environment file is located at '/var/tmp/portage/app-admin/mongo-tools-3.0.14/temp/environment'.
 * Working directory: '/var/tmp/portage/app-admin/mongo-tools-3.0.14/work/mongo-tools-r3.0.14'
 * S: '/var/tmp/portage/app-admin/mongo-tools-3.0.14/work/mongo-tools-r3.0.14'


PaX message
[11635022.087849] grsec: From 10.0.101.100: denied RWX mprotect of /var/tmp/portage/app-admin/mongo-tools-3.0.14/work/mongo-tools-r3.0.14/bin/bsondump by /var/tmp/portage/app-admin/mongo-tools-3.0.14/work/mongo-tools-r3.0.14/bin/bsondump[bsondump:12482] uid/euid:250/250 gid/egid:250/250, parent /var/tmp/portage/app-admin/mongo-tools-3.0.14/work/mongo-tools-r3.0.14/build.sh[build.sh:11942] uid/euid:250/250 gid/egid:250/250

Reproducible: Always




emerge --info '=app-admin/mongo-tools-3.0.14::gentoo'
Portage 2.3.3 (python 3.4.5-final-0, hardened/linux/amd64, gcc-4.9.4, glibc-2.22-r4, 4.1.7-hardened-r1-server-kvm x86_64)
=================================================================
                         System Settings
=================================================================
System uname: Linux-4.1.7-hardened-r1-server-kvm-x86_64-Intel-R-_Xeon-R-_CPU_E5-2620_v3_@_2.40GHz-with-gentoo-2.3
KiB Mem:    65839784 total,   5459004 free
KiB Swap:          0 total,         0 free
Timestamp of repository gentoo: Sat, 04 Feb 2017 21:00:01 +0000
sh bash 4.3_p48-r1
ld GNU ld (Gentoo 2.25.1 p1.1) 2.25.1
app-shells/bash:          4.3_p48-r1::gentoo
dev-java/java-config:     2.2.0-r3::gentoo
dev-lang/perl:            5.22.3_rc4::gentoo
dev-lang/python:          2.7.12::gentoo, 3.4.5::gentoo
dev-util/cmake:           3.7.2::gentoo
dev-util/pkgconfig:       0.28-r2::gentoo
sys-apps/baselayout:      2.3::gentoo
sys-apps/openrc:          0.22.4::gentoo
sys-apps/sandbox:         2.10-r1::gentoo
sys-devel/autoconf:       2.69::gentoo
sys-devel/automake:       1.14.1::gentoo, 1.15::gentoo
sys-devel/binutils:       2.25.1-r1::gentoo
sys-devel/gcc:            4.9.4::gentoo
sys-devel/gcc-config:     1.7.3::gentoo
sys-devel/libtool:        2.4.6-r2::gentoo
sys-devel/make:           4.1-r1::gentoo
sys-kernel/linux-headers: 4.4::gentoo (virtual/os-headers)
sys-libs/glibc:           2.22-r4::gentoo
Repositories:

gentoo
    location: /usr/portage
    sync-type: rsync
    sync-uri: rsync://rsync.gentoo.org/gentoo-portage
    priority: -1000

aytpo
    location: /var/lib/layman/aytpo
    masters: gentoo
    priority: 0

Installed sets: @amanda, @benchmark, @certbot, @graylog, @nagios, @network, @openvas, @server-mail, @stage4
ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="*"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -mtune=core2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/genkernel/arch/x86 /usr/share/genkernel/defaults/ /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5.6/ext-active/ /etc/php/cgi-php5.6/ext-active/ /etc/php/cli-php5.6/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-O2 -mtune=core2 -pipe"
DISTDIR="/usr/portage/distfiles"
EMERGE_DEFAULT_OPTS="--rebuild-if-new-ver=y --rebuild-if-new-rev=y --quiet-build=y --fail-clean=y --autounmask-write=y --autounmask --jobs=2 --keep-going --with-bdeps=y"
FCFLAGS="-O2 -pipe"
FEATURES="assume-digests binpkg-logs buildpkg collision-protect config-protect-if-modified distlocks ebuild-locks fail-clean fixlafiles merge-sync metadata-transfer news parallel-fetch parallel-install preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-O2 -pipe"
GENTOO_MIRRORS="http://mirror.yandex.ru/gentoo-distfiles/"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
MAKEOPTS="-j12"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
USE="acl amd64 berkdb bindist bzip2 cli cracklib crypt cxx dri gdbm hardened iconv ipv6 justify modules multilib ncurses nls nptl openmp pam pax_kernel pcre pie readline seccomp session ssl ssp tcpd unicode urandom vim-syntax xattr xtpax zlib" ABI_X86="64" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="mmx mmxext sse sse2 sse3 sse4_1 ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LINGUAS="en ru" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-6" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_4" QEMU_SOFTMMU_TARGETS="i386" QEMU_USER_TARGETS="i386" RUBY_TARGETS="ruby21" USERLAND="GNU" VIDEO_CARDS="vesa" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CC, CPPFLAGS, CTARGET, CXX, INSTALL_MASK, LANG, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, USE_PYTHON
Comment 1 Magnus Granberg gentoo-dev 2017-02-11 08:18:47 UTC
can you attach the buildlog?
Comment 2 Alexandr Tiurin 2017-02-11 22:03:07 UTC
Created attachment 463368
buildlog
Comment 3 Alexandr Tiurin 2017-02-11 22:04:15 UTC
Created attachment 463370
ebuild mongo-tools-3.0.10.ebuild clean install
Comment 4 Xiami 2017-02-14 09:41:28 UTC
Confirmed with my =sys-kernel/hardened-sources-4.8.17-hardened-r2 with CONFIG_PAX_ELFRELOCS=n (default, and common)

It rejects all relocations on .text (nowadays ELFs do not do relocations on .text, using GOT/PLT way instead)

I solved it by adding argument -buildmode=pie to `go build`:
    build.sh:25:        go build -buildmode pie -o "bin/$i" -tags "$tags" "$i/main/$i.go"

`go help buildmode` tells:
        -buildmode=default
                Listed main packages are built into executables and listed
                non-main packages are built into .a files (the default
                behavior).

        -buildmode=exe
                Build the listed main packages and everything they import into
                executables. Packages not named main are ignored.

        -buildmode=pie
                Build the listed main packages and everything they import into
                position independent executables (PIE). Packages not named
                main are ignored.

Since producing PIEs significantly increases compilation time, I suggest adding a USE flag "pie" or "hardened" and handling it in ebuild.

NOTE: Didn't do tests to ensure consistent program behavior because I'm a newbie to mongodb and not a golang user. Just make it runnable.
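
The PaX message in the description is the signal that a build ran a binary needing text relocations. As an added example (not part of this bug report, the ebuild or mongo-tools), the Go code below extracts such "denied RWX mprotect" events from kernel log lines and maps each one to the Portage package whose build tree contained the binary. The regular expressions are modelled on the single line quoted above, the optional "From <ip>:" prefix is an assumption, and the second and third sample lines are constructed.

```go
package main

import (
	"fmt"
	"regexp"
)

// Denial is one grsecurity "denied RWX mprotect" kernel log event.
type Denial struct {
	Binary, Comm, PID, UID string
	Package                string // category/name-version when Binary is in a Portage build tree
}

// Modelled on the one kernel line quoted in this bug; treating the
// "From <ip>: " prefix as optional is an assumption.
var denyRe = regexp.MustCompile(
	`grsec: (?:From \S+: )?denied RWX mprotect of (\S+) by \S+\[([^:\]]+):(\d+)\] uid/euid:(\d+)/`)

// Build trees sit under PORTAGE_TMPDIR ("/var/tmp" in the emerge --info above).
var pkgRe = regexp.MustCompile(`^/var/tmp/portage/([^/]+/[^/]+)/`)

// ParseDenials returns every RWX mprotect denial found in lines.
func ParseDenials(lines []string) []Denial {
	var out []Denial
	for _, l := range lines {
		m := denyRe.FindStringSubmatch(l)
		if m == nil {
			continue // not a PaX mprotect denial
		}
		d := Denial{Binary: m[1], Comm: m[2], PID: m[3], UID: m[4]}
		if p := pkgRe.FindStringSubmatch(d.Binary); p != nil {
			d.Package = p[1]
		}
		out = append(out, d)
	}
	return out
}

// Constructed sample: line 1 is shortened from the PaX message in this bug,
// lines 2 and 3 are made up (hypothetical path, unrelated kernel message).
var sampleLog = []string{
	`[11635022.087849] grsec: From 10.0.101.100: denied RWX mprotect of /var/tmp/portage/app-admin/mongo-tools-3.0.14/work/mongo-tools-r3.0.14/bin/bsondump by /var/tmp/portage/app-admin/mongo-tools-3.0.14/work/mongo-tools-r3.0.14/bin/bsondump[bsondump:12482] uid/euid:250/250 gid/egid:250/250`,
	`[11635100.000001] grsec: denied RWX mprotect of /opt/example/bin/tool by /opt/example/bin/tool[tool:4242] uid/euid:1000/1000 gid/egid:1000/1000`,
	`[11635101.000002] EXT4-fs (vda1): re-mounted. Opts: (null)`,
}

func main() {
	for _, d := range ParseDenials(sampleLog) {
		fmt.Printf("pid=%s uid=%s comm=%s pkg=%q file=%s\n", d.PID, d.UID, d.Comm, d.Package, d.Binary)
	}
}
```

An empty `Package` means the denied binary lives outside the Portage build directory, so the denial did not come from a binary executed inside a package build tree.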
Comment 5 Ultrabug gentoo-dev 2017-03-31 14:47:53 UTC
fixed in tree, thanks mate

PS: 3.0 is starting to get old and will get dropped sometime soon