-- Leo's gemini proxy

-- Connecting to perso.pw:1965...

-- Connected

-- Sending request

-- Meta line: 20 text/gemini;

Gentoo cheatsheet


Author: Solène

Date: 05 July 2021

Tags: linux gentoo cheatsheet


Comment on Mastodon


Introduction


This is a simple cheatsheet to manage my Gentoo systems, a linux distribution source based, meaning everything installed on the computer must be compiled locally.


Gentoo project website


Upgrade system


I use the following command to update my system, it will downloaded latest portage version and then rebuild @world (the whole set of packages manually installed).


#!/bin/sh
emerge-webrsync 2>&1 | grep "The current local"
if [ $? -eq 0 ]
then
	exit
fi

emerge -auDv --with-bdeps=y --changed-use --newuse @world

Use ccache


As you may rebuild the same program many times (especially on a new install), I highly recommend using ccache to reuse previous builded objects and will reduce build duration by 80% when you change an USE.


It's quite easy, install ccache package, add 'FEATURES="ccache"' in your make.conf and do "install -d -o root -g portage -p 775" /var/cache/ccache and it should be working (you should see files in the ccache directory).


Gentoo wiki about ccache


Use emlop to view / calculate build time from past builds


Emlop can tell you how much time will be needed or remains on a build based on previous builds information. I find it quite fun to see how long an upgrade will take.


There is another tool named "genlop" that is older, but emlop feels better.


View compilation time


From the package emlop


# emlop predict
Pid 353165: ...-newuse --backtrack=150 @world       1:07:15
sys-devel/gcc-12.2.1_p20230121-r1                   1:34:41 - 1:06:21

Using gentoolkit


The gentoolkit package provides a few commands to find informations about packages.


Gentoo wiki page about Gentoolkit


Find a package


You can use "equery" from the package gentoolkit like this "equery l -p '*package name*" globbing with * is mandatory if you are not looking for a perfect match.


Example of usage:


# equery l -p '*firefox*'
 * Searching for *firefox* ...
[-P-] [  ] www-client/firefox-78.11.0:0/esr78
[-P-] [ ~] www-client/firefox-89.0:0/89
[-P-] [ ~] www-client/firefox-89.0.1:0/89
[-P-] [ ~] www-client/firefox-89.0.2:0/89
[-P-] [  ] www-client/firefox-bin-78.11.0:0/esr78
[-P-] [  ] www-client/firefox-bin-89.0:0/89
[-P-] [  ] www-client/firefox-bin-89.0.1:0/89
[IP-] [  ] www-client/firefox-bin-89.0.2:0/89

Get the package name providing a file


Use "equery b /path/to/file" like this


# equery b /usr/bin/2to3
 * Searching for /usr/bin/2to3 ...
dev-lang/python-exec-2.4.6-r4 (/usr/lib/python-exec/python-exec2)
dev-lang/python-exec-2.4.6-r4 (/usr/bin/2to3 -> ../lib/python-exec/python-exec2)

Show installed packages


qlist -I

Upgrade parts of the system using packages sets


There are special packages sets like @security or @profile that can be used instead of @world that will restrict the packages to only a group, on a server you may only want to update @security for... security but not for newer versions.


Gentoo wiki about Packages sets


Disable network when emerging for extra security


When building programs using emerge, you can disable the network access for the building process, this is considered a good thing because if the building process requires extra files downloaded or a git repository cloned during building phase, this mean your build is not reliable over time. This is also important for security because a rogue build script could upload data. This behavior is default on OpenBSD system.


To enable this, just add "network-sandbox" in the FEATURE variable in your make.conf file.


Gentoo documentation about make.conf variables


Easy trimming kernel process


I had a bulky kernel at first but I decided to trim it down to reduce build time, it took me a long fail and retry process in order to have everything right that still work, here is a short explanation about my process.


keep an old kernel that work

install and configure genkernel with MRPROPER=no and CLEAN=no in /etc/genkernel.conf because we don't want to rebuild everything when we make changes

lspci -k will tell you which hardware requires which kernel module

visit /usr/src/linux and run make menuconfig, basically, you can remove a lot of things in "Device drivers" category that doesn't look like standard hardware on personal computers

in Ethernet, Wireless LAN, Graphical drivers, you can trim everything that doesn't look like your hardware

run genkernel all and then grub-mkconfig -o /boot/grub/grub.cfg if not done by genkernel and reboot, if something is missed, try enabling drivers you removed previously

do it slowly, not much drivers at a time, it's easier to recover an issue when you don't remove many modules from many categories

using genkernel all without cleaning, a new kernel can be out in a minute which make the process a lot faster


You can do this without genkernel but if you are like me, using LVM over LUKS and that you need an initrd file, genkernel will just ease the process and generate the initird that you need.


Use binary packages


If you use Gentoo you may want to have control over most of your packages, but some packages can be really long to compile without much benefit, or you may simply be fine using a binary package. Some packages have the suffix -bin to their name, meaning they won't require compilation.


There are a few well known packages such as firefox-bin, libreoffice-bin, rust-bin and even gentoo-kernel-bin! You can get a generic kernel pre-compiled :)


Gentoo wiki: Using distribution kernel


Create binary packages


It is possible to create a binary package of every program you compile on Gentoo, this can be used for distributing packages on similar systems or simply make a backup of your packages. In some cases, the redistribution may not work if you are on a system with a different CPU generation or different hardware, this is pretty normal because you often define the variables to optimize as much as possible the code for your CPU and the binaries produced won't work on another CPU.


The guide from Gentoo will explain all you need to know about the binary packages and how to redistribute them, but the simplest config you need to start generating packages from emerge compilation is setting FEATURES="buildpkg" in your make.conf


Gentoo wiki: Binary package guide


Good make.conf defaults


This is a chunk of my `make.conf` file that I find really useful. It accepts all licenses, make portage run with nice 15 to not disturb much a running system, make it compile with 12 threads, run up to 8 parallel package creation except if the load reach 10.


And it always create binary packages, so if you play with USE flags and revert, you will already have a binary package and this will avoid recompiling.


ACCEPT_LICENSE="-* @EULA @BINARY-REDISTRIBUTABLE"
PORTAGE_NICENESS=15
EMERGE_DEFAULT_OPTS="${EMERGE_DEFAULT_OPTS} --getbinpkg -j 8 -l 10 --keep-going y"
FEATURES="ccache buildpkg network-sandbox"
MAKEOPTS="-j12"

VIDEO_CARDS=yourcard
L10N=yourlang

-- Response ended

-- Page fetched on Thu Mar 28 19:50:41 2024