[gentoo-user] eix-sync and validated Portage tree snapshots
Hi list, I'm configuring Portage to pull and validate tree snapshots. I used to update with eix-sync, which uses emerge --sync and I wonder if there is a way to force eix to use emerge-webrsync? Right now I've hooked eix-update in to /etc/portage/postsync.d however I still miss the convenience of eix-sync updating the main tree and overlays and diff-ing it all. Any suggestions? Thanks, Dragostin Yanev
Re: [gentoo-user] eix-sync and validated Portage tree snapshots
Hi list, I'm configuring Portage to pull and validate tree snapshots. I used to update with eix-sync, which uses emerge --sync and I wonder if there is a way to force eix to use emerge-webrsync? Right now I've hooked eix-update in to /etc/portage/postsync.d however I still miss the convenience of eix-sync updating the main tree and overlays and diff-ing it all. Any suggestions? Thanks, Dragostin Yanev Sorry list, I feel stupid now... -w Run emerge-webrsync instead of emerge --sync. Regards, Dragostin Yanev
Re: [gentoo-user] Questions about CPU settings in kernel and USE
On Sat, Apr 19, 2014 at 12:12:46AM +0400, Andrew Savchenko wrote I'd like to recommend you this kernel gcc patch which enables -march=native support for kernel compilation: https://github.com/graysky2/kernel_gcc_patch Just select native and you will get both best performance and one less headache. I've been using -march=native for years. Is there any circumstance, other than a really old gcc, where it doesn't work? Thank you Andrew I didn't know about this patch. Walter, the kernel uses it's own CFLAGS defined in the makefiles. This patch adds some more options including native Regards, Dragostin Yanev
Re: [gentoo-user] Questions about CPU settings in kernel and USE
Am 18.04.2014 22:12, schrieb Andrew Savchenko: On Mon, 14 Apr 2014 22:11:05 -0400 Walter Dnes wrote: I'm (re)installing Gentoo on an older AMD notebook. The output from less /proc/cpuinfo includes... processor : 1 vendor_id : AuthenticAMD cpu family : 16 model : 6 model name : AMD Athlon(tm) II P320 Dual-Core Processor stepping: 3 microcode : 0x1b6 cpu MHz : 2100.000 cache size : 512 KB physical id : 0 siblings: 2 core id : 1 cpu cores : 2 apicid : 1 initial apicid : 1 fpu : yes fpu_exception : yes cpuid level : 5 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm 3dnowext 3dnow constant_tsc rep_good nopl nonstop_tsc extd_apicid pni monitor cx16 popcnt lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a 3dnowprefetch osvw ibs skinit wdt nodeid_msr hw_pstate npt lbrv svm_lock nrip_save bogomips: 4189.59 TLB size: 1024 4K pages Now for the questions * In make menuconfig, I'm not sure which of 2 CPU options to select in Processor type and features --- Processor family (*) --- ( ) Athlon/Duron/K7 ( ) Opteron/Athlon64/Hammer/K8 I'd like to recommend you this kernel gcc patch which enables -march=native support for kernel compilation: https://github.com/graysky2/kernel_gcc_patch Just select native and you will get both best performance and one less headache. or it creates code that is much slower or breaks in subtle and hard to catch ways. The kernel devs are very astute when it comes to gcc options - I wouldn't screw around with them. If an app is crashy, disturbing but not a big problem. If the kernel decides to write the wrong stuff all over a partition boundary you are screwed. Best regards, Andrew Savchenko Hi Volker Armin Hemmann, Have you encountered -march=native related bugs? I haven't had any problems on mainstream amd/intel cpus. With regards to the kernel I would expect more problems from an aggressive -O flag than that of -march since -march just indicates the instruction set the compiler can use. That being said if the goal is stability I wouldn't be applying unofficial patches. Regards, Dragostin Yanev
Re: [gentoo-user] re: Failed to load x86_pkg_temp_thermal
Howdy, I'm running: Linux box0 3.12.13-gentoo #2 SMP Sat Mar 29 22:38:01 EET 2014 i686 Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz GenuineIntel GNU/Linux My '/var/log/rc.log' says: * Loading module x86_pkg_temp_thermal ... * Failed to load x86_pkg_temp_thermal [ !! ] 'modprobe x86_pkg_temp_thermal' says: modprobe: ERROR: could not insert 'x86_pkg_temp_thermal': No such device 'modinfo x86_pkg_temp_thermal' filename: /lib/modules/3.12.13-gentoo/kernel/drivers/thermal/x86_pkg_temp_thermal.ko license:GPL v2 author: Srinivas Pandruvada srinivas.pandruv...@linux.intel.com description:X86 PKG TEMP Thermal Driver alias: x86cpu:vendor::family:*:model:*:feature:*00E6* depends: intree: Y vermagic: 3.12.13-gentoo SMP mod_unload CORE2 parm: notify_delay_ms:User space notification delay in milli seconds. (int) I found 'CONFIG_X86_PKG_TEMP_THERMAL=m' in .config for my current kernel only. Does the output above mean that my CPU doesn't support this feature, and as such should be disabled in my kernel config? Thanks. Hi Alexander Kapshuk, You probably don't need that module. Grep your dmesg for therm|thermal. You should see ACPI registering your thermal zones: [1.424899] thermal LNXTHERM:00: registered as thermal_zone0 [1.424944] ACPI: Thermal Zone [TZS0] (32 C) then look for them in: /sys/class/thermal/ /sys/bus/acpi/devices/LNXTHERM:00/thermal_zone/temp if not check your kernel config for needed options like: CONFIG_ACPI_THERMAL=y Regards, Dragostin Yanev
Re: [gentoo-user] Question about binary packages
Hi list, I was wondering how it works for binary packages when they are compiled: Are all binary packages compiled on Gentoo infrastructure after a source upload from the maintainer, or are there any binary packages compiled on maintainers computers and then uploaded on Gentoo infra? In fact, we had lots of trolls^W discussions about this point with friends and colleagues who use other distros. And there is a security question: do we allow uploads from developers without being sure the binary comes from the corresponding sources? (the maintainer may be malicious, or his computer may be compromised) The « binary upload » practice is very common in other distro communities such as Debian. Therefore I would like to know if we also have this flaw in Gentoo. (and what do you think about it) Thank you, JC Hi Jean-Christophe Bach, The difference between the Debian, etc distros and Gentoo for me is that Gentoo is source distribution first with the tools to use binary packages later. For instance the way I update my servers is I have a tree mirror and a build server. I can track the changes, compile the packages, test them and finally deploy the built binary packages. Debian has tools to make all this happen too but I don't think it's the standard way. Gentoo keeps me close to the source with all the power to mix and mash versions, patches, etc and unties my hands to take control and responsibility over my systems. I take security very seriously too and I would suggest you take a look at the Gentoo Hardened Project. Regards, Dragostin Yanev
Re: [gentoo-user]
No terminal handling library was found on your system. This is probably a library called 'curses' or 'ncurses'. You may need to install a package called 'curses-devel' or 'ncurses-devel' on your system. See `config.log' for more details Hi Nikita Tropin, No terminal handling library was found on your system. This is probably a library called 'curses' or 'ncurses'. You may need to install a package called 'curses-devel' or 'ncurses-devel' on your system. See `config.log' for more details the ebuild has =sys-libs/ncurses-5.1 RDEPEND that portage should have dealt with. Is your system up to date, clean and synced?
Re: [gentoo-user] Brand new instalation - Network problem
On Sat, 26 Oct 2013 20:44:00 + João Matos jaon...@gmail.com wrote: Hi list, I`ve just installed a brand new gentoo amd64 and there is this problem: my Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168 PCI Express Gigabit Ethernet controller (rev 06) is recognized as *sit0* , but I can't get any IP Adress. dhcp takes long and doesn't get any result. dhcpcd doesn't work either. Even if I choose a manual address I cant ping other devices. When I used ifconfig, I got something like ipv6 over ipv4, but I will only need ipv4. So I disabled ipv6 USE flag, but I didn't change anything. The weird thing is that if I disable the IPV6 kernel support (manual configuration btw), the network interface (sit0) desappears! When I reboot the system using a usb botable Ubuntu everything works fine, using the same hardware/infrastructure. I have no idea what is going on here, so, please, send me some links. Thank you all, Hi João, Let's do some basic troubleshooting. look at the output of the following commands # lspci # dmesg | grep -b2 -a2 -i ethernet # lsmod This will hopefully help us determine if the correct driver is loaded.
Re: [gentoo-user] OT: default route dependent on dest port?
On Fri, 4 Oct 2013 20:55:25 + (UTC) Grant Edwards grant.b.edwa...@gmail.com wrote: Let's posit two network interfaces net1 (192.168.x.y/16) and net2 (172.16.a.b/16). There's a NAT/gateway available on each of the networks. I want to use the 172.16 gateway for TCP connections to port 80 and the 192.168 gateway for everything else. I'm primarily following this example: http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.netfilter.html My main routing table contains all directly accessible subnets plus a default route via the 192.168 gateway. I created a second route table named pmain which is identical to main except it has a different default route via the 172.16 gateway. My ip rules are: 0: from all lookup local 1: from all fwmark 0x1 lookup pmain 32766: from all lookup main 32767: from all lookup default I then add an iptables rule like this: iptables -A OUTPUT -t mangle -p tcp --dport 80 -j MARK --set-mark 1 Now all TCP packets destined for port 80 are sent to the 172.16 gateway, _but_ they're being sent with a 192.168 source address. The TCP stack is apparently unaware of the advanced routing tricks and thinks that the packets are going out via the 192.168 gateway. IOW I've succesfully re-routed TCP _packets_ but not the TCP _connection_. How do I tell the TCP stack that it's supposed to use the 172.16 inteface/gateway for connections to port 80? Hi, It's been a while but i believe you want to route via interface not gateway. Providing more info will make it easier to help you.
Re: [gentoo-user] Where to put advanced routing configuration?
On Fri, 04 Oct 2013 17:58:14 -0400 Michael Orlitzky mich...@orlitzky.com wrote: On 10/03/2013 04:28 PM, Kerin Millar wrote: The iptables runscript is ideal for persisting the rules. However, during the initial construction of a non-trivial ruleset, I prefer to write a script that adds the rules. An elegant way of doing this is to use iptables-restore with a heredoc. The method - and its advantages - are described in this document (section 3): http://inai.de/documents/Perfect_Ruleset.pdf This advice is dubious in my opinion. The `iptables` command line is the published interface to iptables. The iptables-restore syntax is an implementation detail, subject to change at any time. Here are his arguments: 1. Calling iptables repeatedly is slow. Who cares? How often do you invoke the script? Once or twice a year when you change it. 2. There is an opportunity for someone to bypass the rules between dropping/recreating them. Again, you run the script once or twice a year. Turn off the interface beforehand if a few microseconds per year is too long to run without a firewall. And my counterarguments: 1. The iptables-restore syntax is uglier and harder to read. 2. You get better error reporting calling iptables repeatedly. 3. The published interface will never change; iptables-restore reads an input language whose specification is whatever iptables-save outputs. 4. A bash script is far more standard and less confusing to your coworkers. 5. You can't script iptables-restore! What if you want to call sed, cut, or grep on something and pass that to iptables? You can write a bash script that writes an iptables-restore script to accomplish the same thing, but how much complexity are you willing to add for next to no benefit? Hi, Many people use netfilter for busy firewalls not just for set and forget firewalls. Having hundreds or thousands of rules and IPs makes managing netfilter with iptables problematic. That is when it's advisable to change the filter in one swoop with restore or ipset. Bottom line is your individual use case is just that, individual.
Re: [gentoo-user] Sloppy sterm screen update over ssh
On Wed, 2 Oct 2013 19:06:51 -0400 Walter Dnes waltd...@waltdnes.org wrote: On Wed, Oct 02, 2013 at 11:33:19AM -0500, Paul Hartman wrote On Mon, Sep 30, 2013 at 7:10 PM, Walter Dnes waltd...@waltdnes.org wrote: I've recently noticed when ssh'ing into another machine that the xterm display doesn't fully update. I.e. there are holes where an app updates over a previous screen. I've tried Google, but any mention of screen is interpreted as the screen utility. Hi, Are you running xterm over ssh (X11 forwarding) or are you running an ssh session inside of an xterm? If the latter I have experienced something similar when my TERM variable was not set correctly and things like Midnight Commander would not fill in the blue background (for example) or fail to blank the screen on updates. Another Midnight Commander user! Yes, I fire up an xterm locally, and then ssh to another machine. I notice this especially with mc and vim. Thanks for the pointer. Now that I know what I should be looking for, a Google search indicates I should have... TERM=xterm Is that correct? It seems to solve my problem. Hi Walter, TERM=xterm is a reasonable default if you are running xterm. You might loose color or unicode on some old machines. You can then try xterm-unicode, xterm-256color, rxvt, rxvt-unicode, etc or even better delve in to the terminfo database. The only rule is that terminfo on the remote machine has to have the TERM profile you have set. You can also set the TERM on the misbehaving machine(if it's a bug) or copy the profile from your terminfo database to the remote machine database and fix it that way.
Re: [gentoo-user] Re: s6 et al
On Thu, 03 Oct 2013 14:57:38 +0200 Alan McKinnon alan.mckin...@gmail.com wrote: On 03/10/2013 14:55, James wrote: William Hubbs williamh at gentoo.org writes: On Wed, Oct 02, 2013 at 12:04:24AM -0500, Bruce Hill wrote: Just stumbled across some very interesting software/ideas: http://skarnet.org/poweredby.html Yes, I have been looking at this for a few days, and some of the other members of the OpenRC team are interested in it as well. I'm not too sure about the kernel sources: is provided by Gandi and cannot be modified That's a GPL violation right there. Hi, I think you are misreading that sentence out of it's context. The context as I read it states that the hosting server is a VPS leased by Gandi and they don't have control over the kernel (openvz, lxc, containers, etc..). The developer absolutely totally cannot do that. He/she may refuse to provide support if the kernel image is not what is shipped, but by using Linux they have already bound themselves to an agreement that the sources must be provided and be modifiable. And, they have to host the sources on their own network or provide them on demand My experiences with embedded *nix is that the kernel sources are tinkered with, almost constantly to infinity.. You'd be wise to post to the gentoo-embedded group, where those learking in the shadows (memory crevaces) have lots of experiences with a multitude of embedded ventures. Most embedded ventures end up on the waste heap; they made critical decision that leave the effort..borked. I'd research into the coding+user community, as being naked and alone on an embedded vetnure, does give rise to abandonment. Another consideration is the processor architecture(s) that the codebase runs on. Most embedded and high end processor efforts are looking at LOW POWER architectures, as the thrust of all future efforts. This means on ARM or ARM+x86 or such. That said, the project does look attractive. caveat emptor. hth, James
Re: PORTDIR default - changing PORTDIR variable - WAS Re: [gentoo-user] Re: separate / and /usr to require initramfs 2013-11-01
On Tue, 01 Oct 2013 08:35:16 -0400 Tanstaafl tansta...@libertytrek.org wrote: On 2013-09-30 3:14 PM, Alan McKinnon alan.mckin...@gmail.com wrote: On 30/09/2013 19:25, Volker Armin Hemmann wrote: Alan wrote: Charles wrote: But... is /usr/portage the default/recommended location? If so, then I don't think I want to move it - I generally never change defaults unless there is a very good reason to do so. It's /var/portage for new installs. If you want it to be somewhere else, just move it and adjust make.conf really? so when I moved PORTDIR to /var/portage I was ahead of the rest? Wow... You were ahead of me for sure :-) So... if the change from /usr/portage to /var/portage was official, is there any (official) documentation on precisely how to move it? Hmmm more importantly, when did this change occur? Is it possibly tied to portage 2.2? The reason I ask is, I'm still on 2.1, and man portage still has references to: /usr/portage/sets /usr/portage/metadata /usr/portage/profiles /usr/share/portage/config and man make.conf still says: PKGDIR = [path] snip Defaults to /usr/portage/packages. and most importantly: PORTDIR = [path] snip Defaults to /usr/portage. So... are you quite certain that this default has in fact changed? I know that it is probably trivial, but I like to read official docs for things like this... Thanks again... Hi, I haven't kept up with documentation but moving portage is fairly straightforward. Here's how I'd do it: mkdir /var/portage chown portage:portage /var/portage rsync -aHx /usr/portage/ /var/portage/ #add flags if using ext attr. edit /etc/make.conf PORTDIR=/var/portage DISTDIR=${PORTDIR}/distfiles PKGDIR=${PORTDIR}/packages edit /etc/portage/repos.conf/* accordingly change default profile with eselect profile list or manually link /etc/make.profile to the correct path emerge --sync when everything is working ok clean /usr/portage Hope i was helpful, netixen