# Emerge apache fails on pcre-config script [SOLVED]

## Ivion

I've recently reinstalled Gentoo on my homeserver and while in the business of installing and configuring everything again I came across an apache unwilling to compile:

```
checking for APR-util... yes

  adding "-L/usr/lib64" to LDFLAGS

checking for x86_64-pc-linux-gnu-gcc... x86_64-pc-linux-gnu-gcc

checking whether the C compiler works... yes

checking for C compiler default output file name... a.out

checking for suffix of executables... 

checking whether we are cross compiling... no

checking for suffix of object files... o

checking whether we are using the GNU C compiler... yes

checking whether x86_64-pc-linux-gnu-gcc accepts -g... yes

checking for x86_64-pc-linux-gnu-gcc option to accept ISO C89... none needed

checking how to run the C preprocessor... x86_64-pc-linux-gnu-gcc -E

configure: error: Did not find pcre-config script at /compile/portage/www-servers/apache-2.2.25/temp/pcre-config

```

But when I go to `/compile/portage/www-servers/apache-2.2.25/temp/` the `pcre-config` file is there, containing:

```
#!/bin/sh

[ "${flag}" = "--version" ] && set -- --modversion

exec ${PKG_CONFIG} libpcre "$@"

```

So I'm not sure what it exactly is that the configure step is failing on... any help would be appreciated. (The full build.log is located here.)

----------

## Hu

```
!!! Please attach the following file when seeking support:

!!! /compile/portage/www-servers/apache-2.2.25/work/httpd-2.2.25/config.log
```

----------

## TomWij

Can you file this bug at Gentoo Bugzilla? Read here how to write a bug report, for more in-depth details and troubleshooting steps you can read our Bugzilla HOWTO.

----------

## Ivion

 *TomWij wrote:*   

> Can you file this bug at Gentoo Bugzilla? Read here how to write a bug report, for more in-depth details and troubleshooting steps you can read our Bugzilla HOWTO.

 

Alright, I've done so: Bug #500928. So I guess this will be continued there...

----------

## Ivion

Thanks to SpanKY I can say this problem has been resolved. It was the Trusted Path Execution settings in my hardened kernel, specifically the CONFIG_GRKERNSEC_TPE_ALL option. This option restricts all non-root users so that they cannot execute files in directories that are world or group writable (amongst other things), and it happens to be the case that the build part of emerge drops its root privileges and works in directories that are group writable (portage group). So when the build process requires a file to be executed from there it gets denied, as conform the settings. If I'd known that emerge drops down to the user portage when actually building I might've figured it out sooner, but at least now I know.  :Smile: 

Also I should've looked more carefully at my log files, because as SpanKY says in the bug report, the cause for the build-failure was plainly to be found in `dmesg`:

```
grsec: From x.x.x.x: denied untrusted exec (due to file in group-writable directory) of /compile/portage/www-servers/apache-2.2.25/temp/pcre-config by /compile/portage/www-servers/apache-2.2.25/temp/pcre-config[configure:5389] uid/euid:250/250 gid/egid:250/250, parent /compile/portage/www-servers/apache-2.2.25/work/httpd-2.2.25/configure[configure:4220] uid/euid:250/250 gid/egid:250/25
```

----------

