Re: [gentoo-user] long compiles
You may also want to take a look at "distcc", with which you can set up compiler farms; this can be even combined with "ccache": https://wiki.gentoo.org/wiki/Distcc#With_ccache -Ramon On 11/09/2023 23:46, Alan McKinnon wrote: On Mon, Sep 11, 2023 at 11:23 PM Michael wrote: On Monday, 11 September 2023 21:21:47 BST Alan McKinnon wrote: > On Mon, Sep 11, 2023 at 10:05 PM Neil Bothwick wrote: > > On Mon, 11 Sep 2023 21:19:27 +0200, Alan McKinnon wrote: > > > chromium has been building since 10:14, it's now 21:16 and still going > > > so 9 hours at least on this machine to build a browser - almost as bad > > > as openoffice at it's worst (regularly took 12 hours). Nodejs also took > > > a while, but I didn't record time. > > > > Chromium is definitely the worst, and strangely variable. The last few > > compiles have taken between 6 and 14 hours. Since it takes longer than > > everything else to build, it is usually compiling on its own, so parallel > > emerges aren't a factor. > > > > Qtwebengine is also bad, not surprising as it is a cut down Chromium. > > Emerging world with --exclude then timing build to coincide with sleep > > helps, although I haven't quite reached the age where I need 14 hours of > > sleep a day. > > > > > > -- > > Neil Bothwick > > > > If it isn't broken, I can fix it. > > Yup, that jibes with what I see. Oh well, just means that the need for > overnight compiles did not go away haha > > Thanks to every one else that replied too - everyone said much the same > thing so I figured one replay to rule them all was the best way > > > Alan As the old saying goes, "there ain't no substitute to cubic inches". Moar cores and moar RAM is almost always the solution, but with laptops and older PCs in general overnight builds soon become inevitable. Selectively reducing jobs and adding swap, or for packages like rust placing /var/tmp/portage on the disk becomes necessary. A solution I use for older/smaller laptops is to build binaries on a more powerful PC and emerge these in turn on the weaker PCs. There's also the option of using bin alternatives where available, e.g. google-chrome, firefox-bin, libreoffice-bin. Finally, there is a small scale project to provide systemd based binaries as an alternative to building your own: https://wiki.gentoo.org/wiki/Experimental_binary_package_host As it turns out this laptop is the most powerful machine I have available, my large collection of previous work laptops are getting older and older. Although, I *could* create a ginormous build host on one of the virtualization clusters at work hahaha :-) That link looks interesting, I'll check it out, thanks! -- Alan McKinnon alan dot mckinnon at gmail dot com -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] long compiles
In addition to the reference to "qlop": $ qlop ungoogled-chromium | tail 2022-08-04T19:58:22 >>> www-client/ungoogled-chromium: 9:06:54 2022-08-05T14:27:44 >>> www-client/ungoogled-chromium: 16:19:06 2022-08-25T11:45:37 >>> www-client/ungoogled-chromium: 8:01:54 2022-09-01T10:03:19 >>> www-client/ungoogled-chromium: 15:27:22 2022-09-06T16:29:49 >>> www-client/ungoogled-chromium: 9:46:16 2022-09-14T17:48:16 >>> www-client/ungoogled-chromium: 9:30:29 2022-10-08T03:40:44 >>> www-client/ungoogled-chromium: 1:52:16 2022-10-21T17:58:43 >>> www-client/ungoogled-chromium: 9:24:55 2022-12-16T17:47:27 >>> www-client/ungoogled-chromium: 20:56:08 2023-03-20T14:12:02 <<< www-client/ungoogled-chromium: 2s Since I am using "ccache", the compilation time is sometimes doubled. ZzZzZzzz -Ramon On 11/09/2023 21:42, Ramon Fischer wrote: Hi Alan, just quick and dirty, I am too tired for formalities. :) The following list contains packages, that may be too big for tmpfs and are most probably very time consuming to compile: $ < /etc/portage/package.env/no_tmpfs.conf # custom - 20181121 - rfischer: list packages, which are too big for tmpfs #app-editors/neovim no_tmpfs.conf #app-emulation/qemu-kv no_tmpfs.conf #app-office/libreoffice no_tmpfs.conf #dev-db/mysql no_tmpfs.conf #dev-java/icedtea no_tmpfs.conf #dev-lang/ghc no_tmpfs.conf #dev-lang/ghc no_tmpfs.conf #dev-lang/mono no_tmpfs.conf #dev-lang/rust no_tmpfs.conf #dev-lang/spidermonkey no_tmpfs.conf #dev-libs/libpcre no_tmpfs.conf #dev-qt/qtwebengine no_tmpfs.conf #throttle_make_emerge.conf #mail-client/thunderbird no_tmpfs.conf #media-libs/opencv no_tmpfs.conf #media-libs/opencv no_tmpfs.conf #net-libs/nodejs no_tmpfs.conf #net-misc/openssh no_tmpfs.conf #sci-libs/tensorflow no_tmpfs.conf #sys-apps/iproute2 no_tmpfs.conf #sys-devel/clang no_tmpfs.conf #sys-devel/gcc no_tmpfs.conf #www-client/chromium no_tmpfs.conf #throttle_make_emerge.conf #www-client/firefox no_tmpfs.conf #www-client/ungoogled-chromium no_tmpfs.conf #throttle_make_emerge.conf See also: * https://wiki.gentoo.org/wiki/Portage_TMPDIR_on_tmpfs#Considering_tmpfs.27_size * https://wiki.gentoo.org/wiki/Q_applets#Extracting_information_from_emerge_logs_.28qlop.29 Sleeps away. -Ramon On 11/09/2023 21:19, Alan McKinnon wrote: After my long time away from Gentoo, I thought perhaps some packages that always took ages to compile would have improved. I needed to change to ~amd64 anyway (dumb n00b mistake leaving it at amd64). So that's what I did and let emerge do it's thing. chromium has been building since 10:14, it's now 21:16 and still going so 9 hours at least on this machine to build a browser - almost as bad as openoffice at it's worst (regularly took 12 hours). Nodejs also took a while, but I didn't record time. What other packages have huge build times? -- Alan McKinnon alan dot mckinnon at gmail dot com -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] long compiles
Hi Alan, just quick and dirty, I am too tired for formalities. :) The following list contains packages, that may be too big for tmpfs and are most probably very time consuming to compile: $ < /etc/portage/package.env/no_tmpfs.conf # custom - 20181121 - rfischer: list packages, which are too big for tmpfs #app-editors/neovim no_tmpfs.conf #app-emulation/qemu-kv no_tmpfs.conf #app-office/libreoffice no_tmpfs.conf #dev-db/mysql no_tmpfs.conf #dev-java/icedtea no_tmpfs.conf #dev-lang/ghc no_tmpfs.conf #dev-lang/ghc no_tmpfs.conf #dev-lang/mono no_tmpfs.conf #dev-lang/rust no_tmpfs.conf #dev-lang/spidermonkey no_tmpfs.conf #dev-libs/libpcre no_tmpfs.conf #dev-qt/qtwebengine no_tmpfs.conf #throttle_make_emerge.conf #mail-client/thunderbird no_tmpfs.conf #media-libs/opencv no_tmpfs.conf #media-libs/opencv no_tmpfs.conf #net-libs/nodejs no_tmpfs.conf #net-misc/openssh no_tmpfs.conf #sci-libs/tensorflow no_tmpfs.conf #sys-apps/iproute2 no_tmpfs.conf #sys-devel/clang no_tmpfs.conf #sys-devel/gcc no_tmpfs.conf #www-client/chromium no_tmpfs.conf #throttle_make_emerge.conf #www-client/firefox no_tmpfs.conf #www-client/ungoogled-chromium no_tmpfs.conf #throttle_make_emerge.conf See also: * https://wiki.gentoo.org/wiki/Portage_TMPDIR_on_tmpfs#Considering_tmpfs.27_size * https://wiki.gentoo.org/wiki/Q_applets#Extracting_information_from_emerge_logs_.28qlop.29 Sleeps away. -Ramon On 11/09/2023 21:19, Alan McKinnon wrote: After my long time away from Gentoo, I thought perhaps some packages that always took ages to compile would have improved. I needed to change to ~amd64 anyway (dumb n00b mistake leaving it at amd64). So that's what I did and let emerge do it's thing. chromium has been building since 10:14, it's now 21:16 and still going so 9 hours at least on this machine to build a browser - almost as bad as openoffice at it's worst (regularly took 12 hours). Nodejs also took a while, but I didn't record time. What other packages have huge build times? -- Alan McKinnon alan dot mckinnon at gmail dot com -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Highlight certain packages being upgraded
Hello Dale, I solved it like this: https://www.mail-archive.com/gentoo-user@lists.gentoo.org/msg186292.html I have reused the configuration file "/etc/portage/package.env/no_tmpfs.conf"[1], which already contains a list of packages, which need hours to compile. -Ramon [1] https://wiki.gentoo.org/wiki/Portage_TMPDIR_on_tmpfs#Per-package_choices_at_compile_time On 08/07/2023 10:33, Dale wrote: Howdy, I was wondering. Is there a way to highlight certain packages that are about to be upgraded? Example, I like to know when some larger packages like Firefox, LOo, that excessively long qt package and a couple others are going to be upgraded. Some that are listed in the world file show up in a darker green and are easier to see however, some are not. They are dependencies of another package but I'd like to have them stick out in the list of packages to be upgraded. I don't recall ever seeing anyone mention this as a feature of emerge or heard of a way to configure such a thing either. That said, it could be possible and just not well known. I'd like to be able to have those packages show up as red or something like that. If it is possible. Thoughts? Ever heard of such a thing? Dale :-) :-) -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Joining PDFs and/or jpegs together. Help, please!
If you use "convert"[1], you should use the parameter "-density" with a decent value. "150" was always good enough for me: $ convert -density 150 *.png some_document.pdf Also, XSane is capable of creating multipages, while scanning[2]. -Ramon [1] From the package "media-gfx/imagemagick" with its unusual man page, written in HTML: $ xdg-open /usr/share/doc/imagemagick-*/html/index.html [2] See attached screenshot, which I have shamelessly stolen from some Spanish website. :) On 25/11/2022 20:23, Dale wrote: convert front.png back.png duplex.pdf -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] where is 'mke2fs' ?
In addition to this, you might also want to take a look at "e-file", which comes from the package "app-portage/pfl" in order to find parent packages of binary files: $ e-file e-file [I] app-portage/pfl Seen Versions: 2.3 2.4-r4 2.4-r5 3.0-r1 3.0-r2 3.0.1-r2 3.0.1-r3 3.1 3.1-r1 3.2 3.2-r1 3.2-r2 Portage Versions: 3.2-r2 Installed Versions: 3.2-r2(Tue Apr 12 03:52:18 2022) Homepage: http://www.portagefilelist.de https://github.com/portagefilelist/client Description: Searchable online file/package database for Gentoo Matched Files: /gentoo64/usr/bin/e-file; /usr/bin/e-file; /usr/lib/python-exec/python3.10/e-file; /usr/lib/python-exec/python3.8/e-file; /usr/lib/python-exec/python3.9/e-file $ e-file mke2fs :( [I] sys-apps/busybox Seen Versions: 1.34.1 Portage Versions: 1.34.1 1.34.1-r1 1.35.0 1.35.0-r1 Installed Versions: 1.34.1(Mon Mar 14 16:07:15 2022) Homepage: https://www.busybox.net/ Description: Utilities for rescue and embedded systems Matched Files: /usr/bb/mke2fs [I] sys-fs/e2fsprogs Seen Versions: 1.42.7 1.43.3-r1 1.43.6 1.43.9 1.44.5 1.45.2 1.45.4 1.45.5 1.45.6 1.45.7 1.46.0 1.46.1 1.46.2 1.46.3 1.46.4 1.46.5 1.46.5-r1 Portage Versions: 1.46.5-r3 1.46.5-r4 Installed Versions: 1.46.5-r3(Sun Oct 30 22:05:09 2022) Homepage: http://e2fsprogs.sourceforge.net/ Description: Standard EXT2/EXT3/EXT4 filesystem utilities Matched Files: /gentoo64/sbin/mke2fs; /sbin/mke2fs; /usr/sbin/mke2fs; /usr/src/debug/sys-fs/e2fsprogs-1.46.4/e2fsprogs-1.46.4/misc/mke2fs That's funny. I forgot from which package the binary file "e-file" came from, so I used "e-file" to determine its origin. :D -Ramon On 17/11/2022 21:53, Matt Connell wrote: On Thu, 2022-11-17 at 21:41 +0100, Arve Barsnes wrote: Might it be hidden behind USE="tools"? This is correct. $ equery uses e2fsprogs ... + + tools : Build extfs tools (mke2fs, e2fsck, tune2fs, etc.) Philip, make sure you have the 'tools' USE flag enabled for e2fsprogs and it should be available in /sbin/ -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Re: Update to /etc/sudoers disables wheel users!!!
How about "gvim"?: https://github.com/vim/vim-win32-installer/releases -Ramon On 27/10/2022 09:55, Ramon Fischer wrote: You just invented a new torture method. :D Write down the house rules with standard vim with as less key strokes as possible. Every mistake gives you an electric shock. -Ramon On 27/10/2022 05:01, Dale wrote: Ramon Fischer wrote: Do you also use "vim" from time to time? Because it is also able to compare two (or more?) files, similiar to "sdiff": $ vi -d file1 file2 or: $ vi file1 :diffthis :vsplit CTRL+w + right arrow key :e file2 :diffthis -Ramon On 27/10/2022 00:44, Dale wrote: I'd like a GUI tool where I can click the one I want to keep with my rodent and then save. I'd only use vi stuff if I had a gun pointed at me. Even then, I'd make a mess of it. lol Dale :-) :-) -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Re: Update to /etc/sudoers disables wheel users!!!
You just invented a new torture method. :D Write down the house rules with standard vim with as less key strokes as possible. Every mistake gives you an electric shock. -Ramon On 27/10/2022 05:01, Dale wrote: Ramon Fischer wrote: Do you also use "vim" from time to time? Because it is also able to compare two (or more?) files, similiar to "sdiff": $ vi -d file1 file2 or: $ vi file1 :diffthis :vsplit CTRL+w + right arrow key :e file2 :diffthis -Ramon On 27/10/2022 00:44, Dale wrote: I'd like a GUI tool where I can click the one I want to keep with my rodent and then save. I'd only use vi stuff if I had a gun pointed at me. Even then, I'd make a mess of it. lol Dale :-) :-) -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Update to /etc/sudoers disables wheel users!!!
Good point! This is where a public license comes into play[1] to say "we take no responsibility, if you f'ed yourself up". Just to make sure, that you are not liable. -Ramon [1] https://github.com/sudo-project/sudo/blob/main/LICENSE.md On 27/10/2022 03:47, Grant Taylor wrote: On 10/26/22 7:27 PM, Ramon Fischer wrote: Sure, you cannot cover everything, but mitigating at least a little bit would be OK or not? :) I don't know. :-/ It's the proverbial problem of spam / virus filtering and a spam / virus gets through the filters and someone saying "But it's your fault because you are supposed to protect me!!!". Sometimes there's advantages to saying "here's a gun, it's loaded, and the safety is off. we suggest not pointing it at your foot. If you do point it at your foot, don't pull the trigger." type thing. -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Update to /etc/sudoers disables wheel users!!!
Sure, you cannot cover everything, but mitigating at least a little bit would be OK or not? :) -Ramon On 27/10/2022 01:06, Grant Taylor wrote: On 10/26/22 3:48 PM, Ramon Fischer wrote: I have created an issue at their Git repository. Maybe there will be solution for this: https://github.com/sudo-project/sudo/issues/190 I ... don't know where to begin. There are so many ways that you can hurt yourself with syntactically valid sudoers that it's not even funny. You could allow list almost all commands, without using the special ALL place holder and then remark critical commands and end up in a very similar situation. At some point we have to trust that Systems Administrators / Sudoers editors know what they are doing and let them do so. -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Re: Update to /etc/sudoers disables wheel users!!!
Do you also use "vim" from time to time? Because it is also able to compare two (or more?) files, similiar to "sdiff": $ vi -d file1 file2 or: $ vi file1 :diffthis :vsplit CTRL+w + right arrow key :e file2 :diffthis -Ramon On 27/10/2022 00:44, Dale wrote: I'd like a GUI tool where I can click the one I want to keep with my rodent and then save. -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Update to /etc/sudoers disables wheel users!!!
I have created an issue at their Git repository. Maybe there will be solution for this: https://github.com/sudo-project/sudo/issues/190 -Ramon On 26/10/2022 21:28, Grant Taylor wrote: On 10/26/22 12:22 PM, Neil Bothwick wrote: You need to be root to write to /etc/sudoers.d. If someone has that access, you are already doomed! And what happens if someone uses the existing root-via-sudo access to break sudo? You loose root-via-sudo access. Someone could become root, via sudo, edit the sudoers file without using visudo, introduce a syntax problem, thereby breaking sudo (fail secure). You could easily do this to yourself if you don't follow best practices. -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Update to /etc/sudoers disables wheel users!!!
Ah, of course! Why was I thinking of a chroot? Maybe because of reading "grup/grub" a few e-mails before and thinking of "grub-mkconfig"... -Ramon On 26/10/2022 22:06, Neil Bothwick wrote: On Wed, 26 Oct 2022 20:38:35 +0200, Ramon Fischer wrote: I thought in a too complicated way. Why not just remove the entry from "/etc/sudoers.d/zzz", while being in a "chroot"? Still too complicated. Just mount the root partition from a live USB and delete the file. no need for a chroot. -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Update to /etc/sudoers disables wheel users!!!
Of course, that would be sufficient. I thought in a too complicated way. Why not just remove the entry from "/etc/sudoers.d/zzz", while being in a "chroot"? -Ramon On 26/10/2022 20:35, Jack wrote: Could you not interrupt grup and append "single" or "init=/bin/bash" to the kernel command line? -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Update to /etc/sudoers disables wheel users!!!
Indeed, an intersting question, which you actually already answered yourself. I just tested it myself: $ visudo -f /etc/sudoers.d/00-wheel %wheel ALL=(ALL) ALL $ sudo --list User ramon may run the following commands on : (ALL) ALL $ sudo -f /etc/sudoers.d/00-wheel # negate the entry !wheel ALL=(ALL) ALL $ sudo --list User ramon may run the following commands on : Entry is gone -Ramon On 26/10/2022 18:52, Grant Taylor wrote: What are end users / systems administrators to do if the default file has something like the following enabled in the default /etc/sudoers file and the EUs / SAs want it to not be there? %wheel ALL=(ALL:ALL) ALL They have no choice but to change (edit / replace) the /etc/sudoers file. -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Update to /etc/sudoers disables wheel users!!!
Also a very interesting question! I just tested this with "visudo" and it does not intercept this. If "su" is disabled, you are locked out and you are forced to enter your system via a live USB stick and a "chroot" in order to edit "/etc/shadow" to set a root password via "mkpasswd" and enable "su". Nice. :D -Ramon On 26/10/2022 18:52, Grant Taylor wrote: What if someone were to put the following into /etc/sudoers.d/zz ALL ALL=(ALL) !ALL }:-) -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Re: Update to /etc/sudoers disables wheel users!!!
Of course, you are free to do so, but then blindly overwriting default configuration files is a Layer 8 problem. -Ramon On 26/10/2022 19:12, Grant Edwards wrote: On 2022-10-26, Grant Taylor wrote: To the sudo developers, the /etc/sudoers file is *SUPPOSED* *TO* /be/ /edited/. And editing that file is how I configure sudo. And when an emerge update changes /etc/sudoers, the edited file is left as-is and there is a message that you need to run etc-update to merge the changes. -- Grant -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Update to /etc/sudoers disables wheel users!!!
Interesting! Thank you for your research! After working 20 hours straight - uptime said so - I did not feel like it to do deeper research myself. :) -Ramon On 26/10/2022 13:31, Rich Freeman wrote: On Wed, Oct 26, 2022 at 3:42 AM Ramon Fischer wrote: I do not know, what the developers were thinking to encourage the user to edit a default file, which gets potentially overwritten after each package update... "etc-update" helps to have an eye on, but muscle memory and fast fingers are sometimes faster. The Gentoo preference tends to be to follow upstream. So if sudo upstream distributes a file like this that has comments encouraging users to edit it, then that is likely how Gentoo will ship it. If sudo switched to moving everything into an include-based system UPSTREAM then Gentoo would probably start shipping that. If you look at the sudo ebuild you'll see that the config files are 100% upstream. If you look at things like systemd units or udev rules they're much more include-oriented, as this is the upstream preference. Gentoo has emphasized using config file protection early on, and doesn't have any official preference for using included config directories distro-wide. Portage has been moving in this direction for a while though (for the stuff in /etc/portage). -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Update to /etc/sudoers disables wheel users!!!
User "waltdnes" is a member of "wheel". If the "wheel" line is
uncommented in /etc/sudoers, sudo works for me.
So you could create the file "/etc/sudoers.d/000" with the following
content:
%wheel ALL=(ALL:ALL) ALL
%wheel ALL=(ALL:ALL) NOPASSWD: ALL
and your user is able to synchronise your clock again.
I do not know, what the developers were thinking to encourage the user
to edit a default file, which gets potentially overwritten after each
package update...
"etc-update" helps to have an eye on, but muscle memory and fast fingers
are sometimes faster.
I go with the more locked down approach
This is the best way. Try to be as precise as possible, but be aware of
wildcards![1]
-Ramon
[1]
https://blog.compass-security.com/2012/10/dangerous-sudoers-entries-part-4-wildcards/
On 26/10/2022 08:31, Walter Dnes wrote:
On Wed, Oct 26, 2022 at 05:04:35AM +0200, Ramon Fischer wrote
Hello Walter,
I do not think, that this is a bug, since it is the default file, which
should not be edited by the user.
Firstly "grep -i uncomment /etc/sudoers" results in...
## Uncomment to enable special input methods. Care should be taken as
## Uncomment to use a hard-coded PATH instead of the user's to find commands
## Uncomment to send mail if the user does not enter the correct password.
## Uncomment to enable logging of a command's output, except for
## Uncomment to allow members of group wheel to execute any command
## Uncomment to allow members of group sudo to execute any command
## Uncomment to allow any user to run sudo if they know the password
...I.e. the file is explicitly telling you to edit it if required!!!
All changes should be done in "/etc/sudoers.d/" to avoid such cases.
My regular user has script "settime" in ${HOME}/bin
#!/bin/bash
date
/usr/bin/sudo /usr/bin/rdate -nsv ca.pool.ntp.org
/usr/bin/sudo /sbin/hwclock --systohc
date
/etc/sudoers.d/001 has, amongst other things, two lines...
waltdnes x8940 = (root) NOPASSWD: /sbin/hwclock --systohc
waltdnes x8940 = (root) NOPASSWD: /usr/bin/rdate -nsv ca.pool.ntp.org
User "waltdnes" is a member of "wheel". If the "wheel" line is
uncommented in /etc/sudoers, sudo works for me. If the "wheel" line is
commented, then sudo breaks for my regular user.
I kept mine unchanged from 2nd October and only have two uncommented lines:
[...]
root ALL=(ALL:AlL) ALL
[...]
@includedir /etc/sudoers.d
I am using version "1.9.11_p3-r1".
Me too.
There seem to be two different approaches here. The loose approach is
to allow a user to run "sudo ". A more locked
down approach allows regular users to run "sudo ".
This guards against "fat-finger-syndrome". I go with the more locked
down approach
--
GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF
OpenPGP_0x155BE26413E699BF.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
Re: [gentoo-user] Update to /etc/sudoers disables wheel users!!!
Good question, which confused me as well, when I was looking into the file. Maybe ask the package maintainer or the developers? -Ramon On 26/10/2022 05:34, Ramon Fischer wrote: Then why in the world does the /default/ file, as installed by Gentoo, include directions to edit the the file?!?!?! -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Update to /etc/sudoers disables wheel users!!!
Hello Grant, generelly, I totally agree with you! Freedom of changing files everywhere is what makes Gentoo a good, user-suited Linux distribution. But changing *default files* comes with the risk, that a package update will overwrite it. Therefore "[...].d/" directories were "invented", where "d" is an abbreviation for "directory" as far as I remember. This is supposed to be the playground for users. Of course including external files come with risks, but how do you want to balance usability and security? It is difficult to answer this for me as well. -Ramon On 26/10/2022 05:15, Grant Taylor wrote: On 10/25/22 9:04 PM, Ramon Fischer wrote: I do not think, that this is a bug, since it is the default file, which should not be edited by the user. I *STRONGLY* /OBJECT/ to the notion that users should not edit configuration files. By design, that's the very purpose of the configuration file, for users to edit them to be what they want them to be. The concept of "don't edit configuration files" seems diametrically opposed to the idea of Gentoo as I understand it. Namely, /you/ build /your/ system to behave the way that /you/ want it to. All changes should be done in "/etc/sudoers.d/" to avoid such cases. Then why in the world does the /default/ file, as installed by Gentoo, include directions to edit the the file?!?!?! Aside: Someone recently posted a comment to the sudo users mailing list (exact name escapes me) wherein their security policy prohibited @includedir explicitly because of the capability that adding a file to such included directories inherently enabled sudo access -or- caused sudo to fail secure and perform a Denial of Service. They were required to use individual @include directives. IMHO telling a Gentoo user not to modify a file in /etc takes hutzpah. -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Update to /etc/sudoers disables wheel users!!!
Hello Walter, I do not think, that this is a bug, since it is the default file, which should not be edited by the user. All changes should be done in "/etc/sudoers.d/" to avoid such cases. I kept mine unchanged from 2nd October and only have two uncommented lines: [...] root ALL=(ALL:AlL) ALL [...] @includedir /etc/sudoers.d I am using version "1.9.11_p3-r1". What version are you using? -Ramon Maybe you have edited the default file before? On 26/10/2022 04:34, Walter Dnes wrote: I had the following in my /etc/sudoers before tonight's update... ## Uncomment to allow members of group wheel to execute any command %wheel ALL=(ALL:ALL) ALL ## Same thing without a password %wheel ALL=(ALL:ALL) NOPASSWD: ALL ...and my regular user was able to run commands and scripts via /usr/bin/sudo which had been authorized in files in the /etc/sudoers.d directory. Tonight's update changed /etc/sudoers to... ## Uncomment to allow members of group wheel to execute any command # %wheel ALL=(ALL:ALL) ALL ## Same thing without a password # %wheel ALL=(ALL:ALL) NOPASSWD: ALL I was "like WTF?!?" but I let it through. sudo stopped working for my regular user. As root, I went in and manually reverted the update with visudo. Is this a bug? -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_0x155BE26413E699BF.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Dolphin and adding a option, if it exists.
I corrected some typos. This one is syntactically correct:
$ mv file.txt{,.bak}
file.txt.bak
$ mv file.txt.{bak,img}
file.txt.img
$ mv file.txt{.img,}
file.txt
-Ramon
On 06/10/2022 17:19, Ramon Fischer wrote:
And if you like Bash brace expansions; this one is sometimes quicker,
than tab-completion and removing characters:
$ mv file.txt{,.bak}
file.txt.bak
$ mv file.txt,{bak,img}
file.txt.img
$ mv file.txt{img,}
file.txt
-Ramon
--
GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF
OpenPGP_0x155BE26413E699BF.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
Re: [gentoo-user] Dolphin and adding a option, if it exists.
And if you like Bash brace expansions; this one is sometimes quicker,
than tab-completion and removing characters:
$ mv file.txt{,.bak}
file.txt.bak
$ mv file.txt,{bak,img}
file.txt.img
$ mv file.txt{img,}
file.txt
-Ramon
On 06/10/2022 14:45, Neil Bothwick wrote:
This is probably a case of Dolphin not being a good tool, unless it
has a built-in command-line?
$ mv newfile oldfile
will overwrite the old file in place with the new file with the name
of the old file.
And tab-completion makes this a lot quicker than renaming files in a file
manager.
--
GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF
OpenPGP_0x155BE26413E699BF.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
Re: [gentoo-user] Getting printer working, the road of Pain.
Hello Alan,
(meanwhile, Windows can print to the thing effortlessly)
I guess, that you are going to configure a network printer.
I will try to explain you my setup; maybe you or others can derive
something from this.
Make sure, that the user, which you configure the printer with, is a
member of the group "lpadmin":
$ gpasswd --add lpadmin
$ getent group lpadmin
lpadmin:x::
On the server-site, the configuration file "/etc/cups/cupsd.conf" should
be configured like so. See comments for explanations:
# Only listen for connections from the local machine.
Listen localhost:631
# custom - 20210706 - rfischer: set custom listen address to
"192.168.1.80" to make it available via the network
Listen 192.168.1.80:631
Listen /run/cups/cups.sock
# custom - 20210706 - rfischer: make cups available via "hostname"
or "domain"
ServerAlias *
# Restrict access to the server...
#
# Order allow,deny
#
# custom - 20210706 - rfischer: allow access from "localhost" and
via the network
Order allow,deny
Allow localhost
Allow from 192.168.1.*
# Restrict access to the admin pages...
#
# Order allow,deny
#
# custom - 20210706 - rfischer: make administration page available
via the network
Encryption Required
Order allow,deny
Allow localhost
Allow from 192.168.1.*
Restart the daemon on the server-site:
$ systemctl restart cups
This will also restart the Systemd socket unit "cups.socket" and
"cups.path".
Make sure, that CUPS is running on "192.168.1.80:631":
$ ss -tulpan | grep "631"
tcp LISTEN 0 5 192.168.1.80:631 0.0.0.0:*
users:(("cupsd",pid=2190,fd=8))
tcp LISTEN 0 5 127.0.0.1:631
0.0.0.0:* users:(("cupsd",pid=2190,fd=7))
tcp LISTEN 0 5 [::1]:631 [::]:*
users:(("cupsd",pid=2190,fd=6))
If printing via hostname is desired, you can add the following entry for
your local DNS server:
192.168.1.80 cups.intern
This Forward DNS lookup entry can also be entered on the client-site in
the configuration file "/etc/hosts".
Your CUPS isntance should be now available via "cups.intern:631". There
you should be able to configure your printer.
I configured the server-site via USB:
usb:/?serial=
In the best case, CUPS already has a pre-installed printer driver or you
have a PPD (PostScript Printer Description) file, which you can upload,
when adding the printer.
Once configured, the directory tree of "/etc/cups/" on the server-site
should look like this:
$ tree -ugp --noreport --charset iwantprintableasciiplease /etc/cups
/etc/cups
|-- [-rw--- root lp ] classes.conf
|-- [-rw-r--r-- root root ] cups-browsed.conf
|-- [-rw-r--r-- root root ] cupsd.conf
|-- [-rw-r--r-- root root ] cups-files.conf
|-- [drwxr-xr-x root root ] interfaces
|-- [drwxr-xr-x root lp ] ppd
| |-- [-rw-r- root lp ] .ppd
|-- [-rw--- root lp ] printers.conf
|-- [-rw-r--r-- root root ] raw.convs
|-- [-rw-r--r-- root root ] raw.types
|-- [-rw-r--r-- root root ] snmp.conf
|-- [drwx-- root lp ] ssl
| |-- [-rw-r--r-- root root ]
.crt
| |-- [-rw-r--r-- root root ]
.key
`-- [-rw-r- root lp ] subscriptions.conf
Since I do not want to install the printer driver on every client and
let the clients render the pages, I want to let the server handle these
things.
On the client-site (localhost:631) therefore, I can just add the printer
via "http/s" or "ipp/s" and transfer everything either via "IPP
everywhere" or "raw":
ipps://cups.intern:631/printers/
Be aware, that "raw" is deprecated and newer versions of CUPS will
remove it. So "IPP everywhere" would be the choice, but I stick to
"raw", since the former shuffles print jobs for some reason, when I want
to print multiple files via "lpr " on either
the client- or server-site.
You should now be able to print a test page on the client- and server-site.
Much success and a pinch of luck! :)
-Ramon
On 08/09/2022 18:52, Alan Grimes wrote:
Ok. I'm going to have to do it. I'm going to have to get my blessed
printer working.
It is the finest laser printer money can buy. God himself uses it to
process the paperwork involved in assigning souls to either heaven or
hell... What I'm saying is that the printer is such an immaculate
example of printing perfection that linux is going to give me absolute
hell getting it working.
I will be sthocked if I can get it working in less than two weeks
working full time and without influcting a migraine and/or an ulcer on
myself.
(meanwhile, Windows can print to the thing effortlessly)
Right now linux is so broken that the CUPS web interface will deny all
attempts to administer the
Re: [gentoo-user] rsync not deleting removed directory and drive PW DIS 3.3v question
Hello Dale, if I understand you correctly, you had renamed the source directory "/home/dale/Desktop/Crypt/Video/" to "/home/dale/Desktop/Crypt/Video-1/" and want to have it removed in the target directory, which is still "/mnt/10tb/Video/"? Important!: Please read everything first, then do an isolated test in "/tmp/", since the commands are dangerous!: You can instruct "rsync" to copy the entire parent directory: $ rsync --delete "[...]/Crypt/" "/mnt/10tb" Note the trailing slash behind "Crypt", which is an indicator[1] to tell "rsync", that it is a directory and that all files and subdirectories should be copied to the target directory "/mnt/10tb". If something is missing in the source directory "[...]/Crypt/", it will be also deleted in "/mnt/10tb"! Side notes, which may be useful: 1. "rsync" is also capable of creating the (missing) target directory: $ rsync --delete "[...]/Crypt/Video-1/" "/mnt/10tb/something" "rsync" creates the target directory "/mnt/10tb/something" first and then copies all files and subdirectories from the source directory "[...]/Crypt/Video-1/" to it. But "/mnt/10tb/Video/" would still be orphaned. 2. There is a parameter, called "--mkpath"[2], which creates all missing subdirectories of the target directory first. -Ramon [1] See "man 1 rsync" "USAGE": "A trailing slash on the source changes this behavior to avoid creating an additional directory level at the destination. You can think of a trailing / on a source as meaning "copy the contents of this directory"[...] [2] See "man 1 rsync". On 02/09/2022 10:35, Dale wrote: time rsync -auv --progress --delete/home/dale/Desktop/Crypt/Video/* /mnt/10tb/Video/ I've tried removing the -u, adding --force but no change. Basically, if I remove a directory on the source, how do I get it to remove the same on the backup/target? I went through the options on the man page and nothing hit me as a fix. What am I missing? -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Selective news?
Take a look in "/etc/pulse/client.conf". You can either set "autospawn = yes" or comment it. "pulseaudio" is automatically started via "/etc/xdg/autostart/pulseaudio.desktop"; at least in my case. -Ramon On 31/07/2022 14:33, Alexander Puchmayr wrote: Not sure which start script to add it to; .login or .profile are unsuitable because it would then start it at every login even with ssh). -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] plasmashell becomes sluggish with 100% CPU usage
Hello Nikos, a malfunctioning widget could cause this issue. A few years ago, I experienced this with "plasmoid-gentoo-sync-reminder"[1]. If it does not find the file "/usr/portage/metada/timestamp.chk", the CPU usage went up to 200%. Maybe it could be related with your issue? -Ramon [1] https://github.com/burlog/plasmoid-gentoo-sync-reminder/issues/1 On 24/05/2022 22:20, Nikos Chantziaras wrote: Anyone noticed anything lately with plasmashell? I think it started happening after Qt was upgraded from 5.15.3 to 5.15.4. At login, the desktop is very unresponsive and sluggish. Mouse clicks take over a second to register. The plasmashell process is hogging one core of the CPU to almost 100%. It only happens on login. Logging out and back in again usually fixes it. -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Any way to run multiple commands from single script in parallel?
Hello Joost,
I suppose, that you are talking about Bash scripts.
If so, you may put each individual command in a subshell by using an
ampersand ("&") at the end of the line.
This example[1] shows it nicely.
-Ramon
[1] 3. Parallelize running commands by grabbing PIDs.:
https://will-keleher.com/posts/5-Useful-Bash-Patterns.html
On 14/03/2022 11:13, J. Roeleveld wrote:
Hi,
I often put multiple commands into a single file/script to be run in sequence.
(each line can be executed individually, there is no dependency)
Is there a tool/method to execute multiple lines/commands simultaneously? Like
having 3 or 4 run together and when 1 is finished, it will grab the next one in
the list?
I would prefer this over simply splitting the file as the different lines/
commands will not take the same amount of time.
Thanks,
Joost
--
GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF
OpenPGP_signature
Description: OpenPGP digital signature
Re: [gentoo-user] Options for "emerge"
Is it a good practise to update @system first?
I always update @world almost every seven days and I only get into
package conflicts, if I do not update for more than 60 days or so. Last
time was 99 days ago and I had to resolve circular package dependencies
and so forth manually.
I wrote this update script[1] for my weekly update routine, where I am
still testing "--changed-use", instead of "--newuse":
[...]
no_tmpfs_file="/etc/portage/package.env/no_tmpfs.conf"
[...]
large_package_list=$(/bin/grep --extended-regexp --only-matching
"[0-9a-zA-Z]+-[0-9a-zA-Z]+\/[-0-9a-zA-Z]+" "${no_tmpfs_file}")
[...]
/usr/bin/eix-sync
if /usr/bin/eix --upgrade sys-apps/portage >/dev/null
then
/bin/echo -e "\e[01;31mA new version of 'sys-apps/portage' was
found. Updating it first...\e[0m"
/usr/bin/emerge --ask --oneshot sys-apps/portage
fi
/usr/bin/emerge --ask --update --deep --changed-use --tree --verbose
--exclude="${large_package_list//$'\n'/ }" @world
# always compile large packages as last packages
/usr/bin/emerge --update --deep --changed-use --tree --verbose @world
/usr/sbin/etc-update
/usr/bin/emerge --ask --depclean --verbose
/usr/bin/glsa-check --test all
/usr/bin/glsa-check --list
/usr/bin/glsa-check --fix --quiet all
/usr/bin/revdep-rebuild --verbose -- --ask
/usr/bin/eclean --deep --time-limit="1m" distfiles
/usr/bin/eclean --deep --time-limit="1m" packages
/usr/bin/eix-test-obsolete
/usr/bin/elogv
/usr/bin/eselect news read
-Ramon
[1]
https://codeberg.org/keks24/dotfiles/src/branch/master/root/bin/update.sh
On 22/02/2022 07:24, hitachi303 wrote:
Am 22.02.2022 um 06:27 schrieb Andreas Fink:
On Mon, 21 Feb 2022 22:26:30 +0100
hitachi303 wrote:
emerge -av --depclean
emerge -a --depclean --with-bdeps=n
only then when there are as few programs installed as possible I run
emerge --sync
emerge -Dua --reinstall changed-use @world
I think what you really are doing can be simplified by:
emerge -auvDN @system
emerge -auvDN @world
Once @system is updated it is much simpler to get @world to update too.
Maybe you have to help with a couple of `--exclude ATOM` when updating
world.
From time to time I ran into trouble with @system where emerge
couldn't resolve blocks but using @world did not have this problems
and went fine.
--
GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF
OpenPGP_signature
Description: OpenPGP digital signature
Re: [gentoo-user] How to compress lots of tarballs
Addendum:
To complete the list. Here the parallel implementation of "lzip":
"plzip": https://www.nongnu.org/lzip/plzip.html
-Ramon
On 26/09/2021 14:23, Ramon Fischer wrote:
In addition to this, you may want to use the parallel implementations
of "gzip", "xz", "bzip2" or the new "zstd" (zstandard), which are
"pigz"[1], "pixz"[2], "pbzip2"[3], or "zstmt" (within package
"app-arch/zstd")[4] in order to increase performance:
$ cd
$ for tar_archive in *.tar; do pixz "${tar_archive}"; done
-Ramon
[1]
* https://www.zlib.net/pigz/
[2]
* https://github.com/vasi/pixz
[3]
* https://launchpad.net/pbzip2
* http://compression.ca/pbzip2/
[4]
* https://facebook.github.io/zstd/
On 26/09/2021 13:36, Simon Thelen wrote:
[2021-09-26 11:57] Peter Humphrey
part text/plain 382
Hello list,
Hi,
I have an external USB-3 drive with various system backups. There
are 350 .tar
files (not .tar.gz etc.), amounting to 2.5TB. I was sure I wouldn't
need to
compress them, so I didn't, but now I think I'm going to have to. Is
there a
reasonably efficient way to do this? I have 500GB spare space on
/dev/sda, and
the machine runs constantly.
Pick your favorite of gzip, bzip2, xz or lzip (I recommend lzip) and
then:
mount USB-3 /mnt; cd /mnt; lzip *
The archiver you chose will compress the file and add the appropriate
extension all on its own and tar will use that (and the file magic) to
find the appropriate decompresser when you want to extract files later
(you can use `tar tf' to test if you want).
--
Simon Thelen
--
GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF
OpenPGP_signature
Description: OpenPGP digital signature
Re: [gentoo-user] How to compress lots of tarballs
In addition to this, you may want to use the parallel implementations of
"gzip", "xz", "bzip2" or the new "zstd" (zstandard), which are
"pigz"[1], "pixz"[2], "pbzip2"[3], or "zstmt" (within package
"app-arch/zstd")[4] in order to increase performance:
$ cd
$ for tar_archive in *.tar; do pixz "${tar_archive}"; done
-Ramon
[1]
* https://www.zlib.net/pigz/
[2]
* https://github.com/vasi/pixz
[3]
* https://launchpad.net/pbzip2
* http://compression.ca/pbzip2/
[4]
* https://facebook.github.io/zstd/
On 26/09/2021 13:36, Simon Thelen wrote:
[2021-09-26 11:57] Peter Humphrey
part text/plain 382
Hello list,
Hi,
I have an external USB-3 drive with various system backups. There are 350 .tar
files (not .tar.gz etc.), amounting to 2.5TB. I was sure I wouldn't need to
compress them, so I didn't, but now I think I'm going to have to. Is there a
reasonably efficient way to do this? I have 500GB spare space on /dev/sda, and
the machine runs constantly.
Pick your favorite of gzip, bzip2, xz or lzip (I recommend lzip) and
then:
mount USB-3 /mnt; cd /mnt; lzip *
The archiver you chose will compress the file and add the appropriate
extension all on its own and tar will use that (and the file magic) to
find the appropriate decompresser when you want to extract files later
(you can use `tar tf' to test if you want).
--
Simon Thelen
--
GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF
OpenPGP_signature
Description: OpenPGP digital signature
Re: [gentoo-user] Advice sought on the use of a VCS (specifically git) to keep track of my Softscroll patch.
If GitHub is preferred, there is also an official GitHub repository of the Linux Kernel: https://github.com/torvalds/linux -Ramon On 23/09/2021 21:27, Marco Rebhan wrote: On Thursday, 23 September 2021 20:23:57 CEST Alan Mackenzie wrote: Where would I find a suitable kernel git repository to clone? An "official" repository, whatever that means? Ideally, I want one with just the various kernel releases, not one containing gigabytes of intermediate versions. Where would I even start searching to find this out? Hey Alan, The official repository I think is https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/. What I would do is apply your patch on top of that, and then to update it, rebase the patch onto the new upstream commit you want to update to. This leads to your patches always being at the tip of the commit history and not somewhere buried between commits from upstream. However, this rewrites git history so you'd have to force push the branch to whatever remote you're tracking it in, so keep that in mind. You could do this though and additionally have another branch where you track the patch files themselves that are rebased onto a certain kernel commit (you can export them with "git format-patch upstream/master" if upstream/master is whatever branch the patch is currently rebased on). That of course you don't have to then force push. I hope this helps :P -Marco -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Re: Compile large packages as last package [SOLVED]
Thank you for the hint, but I am very aware of this.
As the subject says, I want to compile large packages as last package,
since it sometimes happens, that a large package may get compiled as
package 245 of 300 for example; blocking other small packages.
I just re-used "/etc/portage/package.env/no_tmpfs.conf", since it
already contains a list of large packages, which most likely need a long
time to compile.
I should have been more elaborate in my last e-mail:
I was actually hoping for a neat hack, where you can tag or
prioritise (not nice or renice) packages in "/etc/portage/env/" or
"/etc/portage/package.env/" to compile them as last packages.
The solution with "--exclude" is working well so far; I had no redundant
rebuilds. :)
Maybe I need to tweak it later on, if rebuilds occur frequently, but
this for another time.
-Ramon
On 08/09/2021 17:24, David M. Fellows wrote:
Thank you for your ideas!
I was actually hoping for a neat hack with "/etc/portage/env/" and
"/etc/portage/package.env/", where you can set environment variables.
Did you look at example 2 in
https://wiki.gentoo.org/wiki//etc/portage/package.env ?
It seems to address your problem.
DaveF
I will try out the following solution:
$ < "/etc/portage/package.env/no_tmpfs.conf
# custom - 20181121 - rfischer: list packages, which are too big for
tmpfs
#app-emulation/qemu-kv no_tmpfs.conf
#app-office/libreoffice no_tmpfs.conf
#dev-java/icedtea no_tmpfs.conf
#dev-lang/ghc no_tmpfs.conf
#dev-lang/rust no_tmpfs.conf
#mail-client/thunderbird no_tmpfs.conf
#sci-libs/tensorflow no_tmpfs.conf
#sys-devel/gcc no_tmpfs.conf
#www-client/firefox no_tmpfs.conf
#www-client/ungoogled-chromium no_tmpfs.conf #throttle_make_emerge.conf
$ < "${HOME}/bin/update.sh"
[...]
large_package_list=$(/bin/grep --extended-regexp --only-matching
"[a-z]+-[a-z]+\/[-0-9a-zA-Z]+" "/etc/portage/package.env/no_tmpfs.conf")
[...]
/usr/bin/emerge --ask --update --deep --newuse --tree --verbose
--exclude="${large_package_list//$'\n'/ }" @world
/usr/bin/emerge --ask --update --deep --newuse --tree --verbose @world
-Ramon
On 15/08/2021 17:48, Nikos Chantziaras wrote:
On 14/08/2021 22:20, Ramon Fischer wrote:
Is there any way to tell "portage", that packages like "qtwebengine",
"(ungoogled-)chromium", "firefox" and so on are always compiled as
last package?
The simplest way is to exclude those packages in the first update, and
then allow them in the second:
emerge -uDU @world --exclude "qtwebengine firefox chromium" && emerge
-uDU @world
The dependency tracker of portage will of course also exclude packages
that depend on the excluded packages, unless they themselves have
updates pending. In that case, they *might* get built twice; once
against the current version of the excluded packages, and then perhaps
again on the second run, if there's rebuild triggers involved.
Most of the time though, you won't run into cases of redundant
rebuilds. Rebuild triggers are not very common.
--
GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF
application/pgp-signature attachment, name=OpenPGP_signature
--
GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF
OpenPGP_signature
Description: OpenPGP digital signature
Re: [gentoo-user] Re: Compile large packages as last package
Thank you for your ideas!
I was actually hoping for a neat hack with "/etc/portage/env/" and
"/etc/portage/package.env/", where you can set environment variables.
I will try out the following solution:
$ < "/etc/portage/package.env/no_tmpfs.conf
# custom - 20181121 - rfischer: list packages, which are too big for
tmpfs
#app-emulation/qemu-kv no_tmpfs.conf
#app-office/libreoffice no_tmpfs.conf
#dev-java/icedtea no_tmpfs.conf
#dev-lang/ghc no_tmpfs.conf
#dev-lang/rust no_tmpfs.conf
#mail-client/thunderbird no_tmpfs.conf
#sci-libs/tensorflow no_tmpfs.conf
#sys-devel/gcc no_tmpfs.conf
#www-client/firefox no_tmpfs.conf
#www-client/ungoogled-chromium no_tmpfs.conf #throttle_make_emerge.conf
$ < "${HOME}/bin/update.sh"
[...]
large_package_list=$(/bin/grep --extended-regexp --only-matching
"[a-z]+-[a-z]+\/[-0-9a-zA-Z]+" "/etc/portage/package.env/no_tmpfs.conf")
[...]
/usr/bin/emerge --ask --update --deep --newuse --tree --verbose
--exclude="${large_package_list//$'\n'/ }" @world
/usr/bin/emerge --ask --update --deep --newuse --tree --verbose @world
-Ramon
On 15/08/2021 17:48, Nikos Chantziaras wrote:
On 14/08/2021 22:20, Ramon Fischer wrote:
Is there any way to tell "portage", that packages like "qtwebengine",
"(ungoogled-)chromium", "firefox" and so on are always compiled as
last package?
The simplest way is to exclude those packages in the first update, and
then allow them in the second:
emerge -uDU @world --exclude "qtwebengine firefox chromium" && emerge
-uDU @world
The dependency tracker of portage will of course also exclude packages
that depend on the excluded packages, unless they themselves have
updates pending. In that case, they *might* get built twice; once
against the current version of the excluded packages, and then perhaps
again on the second run, if there's rebuild triggers involved.
Most of the time though, you won't run into cases of redundant
rebuilds. Rebuild triggers are not very common.
--
GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF
OpenPGP_signature
Description: OpenPGP digital signature
[gentoo-user] Compile large packages as last package
Hello list, I would like to tag or be able to prioritise (not via "nice" or "renice") large packages. Currently, one system is compiling package 245 of 279 and nothing else. "qlop --running --verbose --time" shows me, that it is "qtwebengine", which will compile for a few hours, blocking all other packages. I set "MAKEOPTS" AND "EMERGE_DEFAULT_OPTS" like so: MAKEOPTS="--jobs 8 --load-average 7.2" EMERGE_DEFAULT_OPTS="--jobs 8 --load-average 7.2" Is there any way to tell "portage", that packages like "qtwebengine", "(ungoogled-)chromium", "firefox" and so on are always compiled as last package? Regards -Ramon -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] cryptsetup close and device in use when it is not
Hi Dale, So, something says it is busy but eventually releases it if left alone for a while. I'd like to know what it is and if it is really in use or not. Thing is, I can't find a way to know what it is that is using it. The dmsetup command shows it is in use but no way to know what is using it. I could reproduce this issue by killing my desktop process, unmounting the home partition and playing some "kill process" bingo. I could backtrace it to one unkillable process "kcryptd": 1. Kill "awesomewm": + Backspace 2. Kill other processes accessing "/home/" 3. umount /home 4. cryptsetup close crypthome Device crypthome is still in use 5. dmsetup info /dev/mapper/crypthome Name: crypthome State: ACTIVE Read Ahead: 256 Tables present: LIVE Open count: 1 Event number: 0 Major, minor: 253, 1 Number of targets: 1 UUID: CRYPT-LUKS2--crypthome 6. Kill any unnecessary process and try "cryptsetup close crypthome" 7. Search for major, minor: ps aux | grep "253:1" root 150 0.2 0.0 0 0 ? I 15:21 0:02 [kworker/u16:5-kcryptd/253:1] 8. Does not work: kill 150 9. Does not work and could be dangerous: kill -9 150 So, there was still one "kcryptd" process left, accessing the hard drive, but I found no way to kill it. Maybe this could be helpful? -Ramon On 02/08/2021 15:33, Dale wrote: Ramon Fischer wrote: OK, if it could be "udev", you might want to try to check the following: $ grep -rF "" /etc/udev/rules.d/ $ grep -rF "" /lib/udev/rules.d/ $ grep -rF "" /etc You could also try to search for the partition device, maybe there will be some interesting configuration files. If you are using "systemd", you might want to check every service unit file as well: $ systemctl Recently, I had a similar issue with "cryptsetup" on Raspbian, where the "/etc/crypttab" was faulty, which may be applicable here. It had the following entry: # # [...] Therefore, the systemd service unit "systemd-cryptsetup@dev-disk-by\x2duuid-# # [...]" - if I remember correctly - failed. It seems, that "systemd-cryptsetup-generator" only searches for matching UUIDs in "/etc/crypttab", even, if they are commented and creates service units for each match in "/run/systemd/generator/". I remember, that I had issues to access the hard drive. Nevertheless, I was able to mount it normally, due to the other correct entry(?). By removing the accidentally pasted UUID from "/etc/crypttab" and rebooting, I was able to use the hard drive without issues again. Maybe this is something, where you could poke around? :) -Ramon I'm running openrc here. I don't recall making any udev rules recently. This is a list of what I have. root@fireball / # ls -al /etc/udev/rules.d/ total 20 drwxr-xr-x 2 root root 4096 Apr 27 15:07 . drwxr-xr-x 3 root root 4096 Jul 27 03:17 .. -rw-r--r-- 1 root root 2064 Apr 27 15:07 69-libmtp.rules -rw-r--r-- 1 root root 1903 Apr 4 2012 70-persistent-cd.rules -rw-r--r-- 1 root root 814 Jan 1 2008 70-persistent-net.rules -rw-r--r-- 1 root root 0 Mar 22 2015 80-net-name-slot.rules root@fireball / # One is for CD/DVD stuff. I wonder if I can remove that now. Two is for network cards and top one is something to do with my old Motorola cell phone, rest in peace. All this said, it did it again last night. I tried a few things and went to bed while my updates were compiling. When I got up a bit ago, it closed just fine. So, something says it is busy but eventually releases it if left alone for a while. I'd like to know what it is and if it is really in use or not. Thing is, I can't find a way to know what it is that is using it. The dmsetup command shows it is in use but no way to know what is using it. Dale :-) :-) -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] cryptsetup close and device in use when it is not
OK, if it could be "udev", you might want to try to check the following: $ grep -rF "" /etc/udev/rules.d/ $ grep -rF "" /lib/udev/rules.d/ $ grep -rF "" /etc You could also try to search for the partition device, maybe there will be some interesting configuration files. If you are using "systemd", you might want to check every service unit file as well: $ systemctl Recently, I had a similar issue with "cryptsetup" on Raspbian, where the "/etc/crypttab" was faulty, which may be applicable here. It had the following entry: # # [...] Therefore, the systemd service unit "systemd-cryptsetup@dev-disk-by\x2duuid-# # [...]" - if I remember correctly - failed. It seems, that "systemd-cryptsetup-generator" only searches for matching UUIDs in "/etc/crypttab", even, if they are commented and creates service units for each match in "/run/systemd/generator/". I remember, that I had issues to access the hard drive. Nevertheless, I was able to mount it normally, due to the other correct entry(?). By removing the accidentally pasted UUID from "/etc/crypttab" and rebooting, I was able to use the hard drive without issues again. Maybe this is something, where you could poke around? :) -Ramon On 12/07/2021 10:31, Dale wrote: Ramon Fischer wrote: Interesting. I have some other ideas, but this is really grasping at straws. Create a backup of the backup drive before doing any tests, since you have to move it a lot for this: 1. Connect the hard drive to a different eSATA port 2. Try another eSATA cable 3. Try to mount the hard drive on different devices 4. Try different hard drive cases with different connection types (Maybe you have a better enclosure with USB or even FireWire, which does not damage your drive?) 5. Connect it internally via SATA and try to mount it 6. Mirror the hard drive to a second hard drive and try to mount the second one I think, this would entirely cover Layer 1 of the OSI Layer Model[1]. :) -Ramon [1] https://en.wikipedia.org/wiki/OSI_model That's a lot of effort. It's annoying it doesn't close like it should but doing all that would be a tedious task as well. It would eliminate a lot of potential causes tho. Thing is, I think it's a software issue not hardware. To add to this, the 6TB drive just did the same thing. I had been using UUID to mount it since it was working. After getting the same problem as the other drive, I changed it. It took some effort to get it to close but restarting lvm and friends did eventually get it to close. I then changed it to mount by label like I been doing with the 8TB drive. I think by just continuing to note what it is doing, eventually the problem will show itself. Personally, I sort of wonder if it is a udev problem or lvm. Thing is, a lot of this software works together so closely, it's hard to know where one stops and the other starts. I finished my backups to the 8TB drive and it worked start to finish with no errors at all. I guess we'll see what happens next week with the 6TB drive. See if it starts to work again with no problem or still has issues of some kind. So far, mounting by label seems to have worked well for the 8TB drive. Will update again as things move along. Dale :-) :-) -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Inquiry about gentoo kernel configuration
Yes, but the image does not need to be up-to-date, since you only use it temporarily; everything else is done in a chroot environment. One thing to mention, though: The LiveDVD can be booted from UEFI, which you will need to finalise[2] the Gentoo installation on a UEFI system. As William already mentioned, you can boot from almost any Linux live media and install Gentoo[1] from there. -Ramon [1] https://wiki.gentoo.org/wiki/Handbook:AMD64/Full/Installation [2] See important note: https://wiki.gentoo.org/wiki/Handbook:AMD64/Full/Installation#Booting_the_installation_media On 11/07/2021 15:11, Dongliang Mu wrote: On Sun, Jul 11, 2021 at 1:23 AM Ramon Fischer wrote: In addition to this: I did some further research about this, since I actually never thought about getting the Kernel sources without having an installed Gentoo system: You may take a look at one of the HTTP mirrors[1], preferably one in your country and navigate to "/releases//". There you will find a Live DVD image - "livedvd-amd64-multilib-20160704.iso" for example - from which you could boot from; either virtually in VirtualBox or other virtualisation solutions or directly from hardware. Click on "Login" to login and get the Kernel sources from "/usr/src/linux/.config". Thanks for your effort. But it seems such livecd is not maintained anymore. The latest version is 20170118 [1], right? [1] http://mirrors.kernel.org/gentoo/releases/amd64/20170118/ -Ramon [1] https://www.gentoo.org/downloads/mirrors/ On 10/07/2021 14:24, William Kenworthy wrote: On 10/7/21 7:40 pm, Ramon Fischer wrote: Hello Dongliang, you could retrieve kernel configuration files from a "Minimal Installation CD"[1] of Gentoo. Mount it and look for "/boot/gentoo-config". But I guess, you want a untouched version, don't you? -Ramon Hi, to expand on this - Gentoo doesn't really have a standardised kernel config - the nearest to that is the above install CD, or the default generic catchall "genkernel" one - most people seem to manually configurate and tune/customise a .config and then copy it from system to system. There are a few bin(ary) kernels in portage/sys-kernel/* that might work for you but I have never tried them. You can boot almost any linux live media on your target hardware and extract the config (sysrescuecd is a good one) and use their sources, or build the kernel using their config on top of Gentoo's vanilla-sources, or gentoo-sources. Or grab another distros boot directory (containing the kernel, initrd and config files), the matching /lib/modules directory and boot that instead of building your own (I do this often on uboot based arm systems and raspberry pi's.) Or ask on the list if someone has a config that matches your target (occasionally it comes up). BillK [1] https://www.gentoo.org/downloads/ On 10/07/2021 11:15, Dongliang Mu wrote: Hi Gentoo users, I am a newbie to Gentoo. For Debian, I can get configuration files from Debian packages. I wonder if possible to get the kernel configuration files of Gentoo. If this question is invalid, please let me know. [1] http://ftp.debian.org/debian/pool/main/l/linux/linux-config-5.10_5.10.46-1_amd64.deb -- My best regards to you. No System Is Safe! Dongliang Mu -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Inquiry about gentoo kernel configuration
In addition to this: I did some further research about this, since I actually never thought about getting the Kernel sources without having an installed Gentoo system: You may take a look at one of the HTTP mirrors[1], preferably one in your country and navigate to "/releases//". There you will find a Live DVD image - "livedvd-amd64-multilib-20160704.iso" for example - from which you could boot from; either virtually in VirtualBox or other virtualisation solutions or directly from hardware. Click on "Login" to login and get the Kernel sources from "/usr/src/linux/.config". -Ramon [1] https://www.gentoo.org/downloads/mirrors/ On 10/07/2021 14:24, William Kenworthy wrote: On 10/7/21 7:40 pm, Ramon Fischer wrote: Hello Dongliang, you could retrieve kernel configuration files from a "Minimal Installation CD"[1] of Gentoo. Mount it and look for "/boot/gentoo-config". But I guess, you want a untouched version, don't you? -Ramon Hi, to expand on this - Gentoo doesn't really have a standardised kernel config - the nearest to that is the above install CD, or the default generic catchall "genkernel" one - most people seem to manually configurate and tune/customise a .config and then copy it from system to system. There are a few bin(ary) kernels in portage/sys-kernel/* that might work for you but I have never tried them. You can boot almost any linux live media on your target hardware and extract the config (sysrescuecd is a good one) and use their sources, or build the kernel using their config on top of Gentoo's vanilla-sources, or gentoo-sources. Or grab another distros boot directory (containing the kernel, initrd and config files), the matching /lib/modules directory and boot that instead of building your own (I do this often on uboot based arm systems and raspberry pi's.) Or ask on the list if someone has a config that matches your target (occasionally it comes up). BillK [1] https://www.gentoo.org/downloads/ On 10/07/2021 11:15, Dongliang Mu wrote: Hi Gentoo users, I am a newbie to Gentoo. For Debian, I can get configuration files from Debian packages. I wonder if possible to get the kernel configuration files of Gentoo. If this question is invalid, please let me know. [1] http://ftp.debian.org/debian/pool/main/l/linux/linux-config-5.10_5.10.46-1_amd64.deb -- My best regards to you. No System Is Safe! Dongliang Mu -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Inquiry about gentoo kernel configuration
Hello Dongliang, you could retrieve kernel configuration files from a "Minimal Installation CD"[1] of Gentoo. Mount it and look for "/boot/gentoo-config". But I guess, you want a untouched version, don't you? -Ramon [1] https://www.gentoo.org/downloads/ On 10/07/2021 11:15, Dongliang Mu wrote: Hi Gentoo users, I am a newbie to Gentoo. For Debian, I can get configuration files from Debian packages. I wonder if possible to get the kernel configuration files of Gentoo. If this question is invalid, please let me know. [1] http://ftp.debian.org/debian/pool/main/l/linux/linux-config-5.10_5.10.46-1_amd64.deb -- My best regards to you. No System Is Safe! Dongliang Mu -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] cryptsetup close and device in use when it is not
Interesting. I have some other ideas, but this is really grasping at straws. Create a backup of the backup drive before doing any tests, since you have to move it a lot for this: 1. Connect the hard drive to a different eSATA port 2. Try another eSATA cable 3. Try to mount the hard drive on different devices 4. Try different hard drive cases with different connection types (Maybe you have a better enclosure with USB or even FireWire, which does not damage your drive?) 5. Connect it internally via SATA and try to mount it 6. Mirror the hard drive to a second hard drive and try to mount the second one I think, this would entirely cover Layer 1 of the OSI Layer Model[1]. :) -Ramon [1] https://en.wikipedia.org/wiki/OSI_model On 07/07/2021 20:08, Dale wrote: Dr Rainer Woitok wrote: Ramon, Dale, On Tuesday, 2021-07-06 20:40:32 +0200, Ramon Fischer wrote: This is just a guess. Maybe you have two devices with the same UUID? If so, you can change it with: $ cryptsetup --uuid="" luksUUID "/dev/sdx1" Good idea. But to find out whether or not this is the cause of Dale's problems I would suggest to first run "cryptsetup" without the "--uuid" option (in order to get the UUID listed) and to then compare this with the output from "ls /dev/disk/by-uuid". Sincerely, Rainer Well, it's midweek and I wanted to test this theory even tho it is early. Plus, it's raining outside so I'm a bit bored. I pulled the backup drive from the safe and did a backup. While it was backing up new stuff, I ran this: root@fireball / # blkid | grep dde669 /dev/mapper/8tb: LABEL="8tb-backup" UUID="0277ff1b-2d7c-451c-ae94-f20f42dde669" BLOCK_SIZE="4096" TYPE="ext4" root@fireball / # ls /dev/disk/by-uuid | grep dde669 0277ff1b-2d7c-451c-ae94-f20f42dde669 root@fireball / # I just grepped the last little bit of the UUID to see if anything else matched. It didn't. I tried both methods just in case. It was grasping at straws a bit but hey, sometimes that straw solves the problem. I might add, I unmounted the drive and cryptsetup closed it first time with not a single error. It didn't even burp. Given I've done this several times with no problem after doing the UUID way with consistent errors, I think it is safe to assume that changing from UUID to labels solves this problem. The question now is this, why? It's not like one mounts something different or anything. It's the same device, just using a different link basically. This is thoroughly confusing. It just doesn't make sense at all. Either way should work exactly the same. I'm open to ideas on this. Anybody have one? I'll test it if I can even if it is a serious grasp at a small straw. ;-) Dale :-) :-) -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] cryptsetup close and device in use when it is not
This is just a guess. Maybe you have two devices with the same UUID? If so, you can change it with: $ cryptsetup --uuid="" luksUUID "/dev/sdx1" -Ramon On 05/07/2021 05:19, Dale wrote: Dale wrote: Dale wrote: After staring at it a while, it hit me that lsblk is showing it as still mounted, even tho I umounted already without error. So, I just ran the umount command again. After that, it closed just fine. So, it seems to be mounted twice, not once. I mount using this command 'mount /mnt/8tb' which uses fstab to mount the correct UUID device to that mount point. Surely it only mounts once. Always has in the past. So why is it being mounted twice now? None of my scripts used for backups includes any mounting commands. There's also only one entry in fstab as well. Anyone have any idea while it gets mounted twice? Does the cryptsetup open command mount it in some way and then I mount it manually as well?? When I opened it just now, it didn't show anything as mounted. So it doesn't appear to be the open command. What else could it be?? Ideas? Dale :-) :-) The same drive just did it again. I had to reboot to get it to reset. This is Linux not windoze. Rebooting to reset something like that is plain ridiculous. I also checked, this time it was mounted only once. When I tried to umount it again, it said it wasn't mounted. The thing that really gets me, nothing can tell me what it is that is using the device. It says it is in use but no clue what it is using it. To test a theory, I changed fstab to mount by label instead of UUID. Maybe that will change something. I dunno. I do know, if this doesn't improve soon, I'm going to erase the drive and either find another encryption tool or just not encrypt it at all. I'm not rebooting every time this thing wants to act ugly. I'm used to rebooting like every 6 months or so. Usually when the power fails. If anyone has any ideas, please post. In the meantime, I'm going to try this mounting by label idea. Dale :-) :-) Here's a update. I'm doing my weekly updates which means I close web browsers, to conserve memory mostly. While I'm doing updates, I update my backups. As usual, the 6TB drive did fine. I ran the usual commands, got the proper response and everything worked fine. The 8TB drive did the same. It ran every command from decrypting it to unmounting and closing without a single problem. I even opened it, mounted it, unmounted it and closed it again. Still, no problems at all. The only thing I changed, I mounted by label instead of UUID. Can someone explain to me why that should matter? It's the same thing being mounted so one would think it wouldn't matter at all. Heck, most even say mounting by UUID is the best way. Dang near impossible to have two of anything with the same UUID. So why does it work fine with labels but not UUID? I'm looking forward to someone having a clue on this. I'm very confused, happy it works but confused for sure. This makes no sense. Dale :-) :-) -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] cryptsetup close and device in use when it is not
If the "umount" command seems to be hanging next time, it is most likely due to cache writebacks. You can monitor this like so: $ watch "grep 'Dirty\|Writeback' /proc/meminfo" -Ramon On 15/06/2021 17:26, Dale wrote: Jack wrote: On 6/15/21 10:21 AM, Dale wrote: Ramon Fischer wrote: Hello Dale, this also happens to me sometimes and the culprit was an open process still accessing the hard drive. Maybe you can solve it like this: $ lsof /mnt/8tb zsh 8390 root cwd DIR 253,2 4096 27787265 /mnt/8tb $ kill 8390 $ lsof /mnt/8tb After that, you should be able to close the drive via "cryptsetup". -Ramon On 14/06/2021 06:50, Dale wrote: root@fireball / # cryptsetup close 8tb Device 8tb is still in use. root@fireball / # mount | grep 8tb root@fireball / # I've tried lsof before, for both mount point and device, it shows nothing open. It's weird. When this happened last night, just before I posted, I let the drive sit there while I was doing updates. Later on, I tried to close it again and it closed just fine. I hadn't done anything except let it sit there. While I was glad it closed, I wonder why it did it. Did udev finally catch up to the state of the drive? Did some other device update and allow it to close? This is weird. Everything says it is ready to be closed but it thinks something is open. I'm not sure what to point too for the problem. Yet anyway. Thanks for the tip. It was worth mentioning. Dale Is it possible it was still syncing cache out to the physical drive? I wonder if iotop would show any activity for that drive if that's the case? Jack I may try that next time but the light had stopped blinking for several minutes. Since it is a SMR drive, I always leave it running until I can't feel the heads bumping around. I don't think it would be that but, it's worth a try. It may lead to something. Will update when it does it again. Thanks. Dale :-) :-) -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] cryptsetup close and device in use when it is not
Hello Dale, this also happens to me sometimes and the culprit was an open process still accessing the hard drive. Maybe you can solve it like this: $ lsof /mnt/8tb zsh 8390 root cwd DIR 253,2 4096 27787265 /mnt/8tb $ kill 8390 $ lsof /mnt/8tb After that, you should be able to close the drive via "cryptsetup". -Ramon On 14/06/2021 06:50, Dale wrote: root@fireball / # cryptsetup close 8tb Device 8tb is still in use. root@fireball / # mount | grep 8tb root@fireball / # -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Disable password required to mount removable hard disk. (solved)
Awesome!
I am glad to hear, that I could help. :)
-Ramon
On 01/04/2021 13:28, William Kenworthy wrote:
In the end it was easy: created a polkit rule enabling users in the
wheel group to not use a password.
rattus ~ # cat /etc/polkit-1/rules.d/55-disks.rules
// Allow any user in the 'wheel' group to mount a disk
// without entering a password.
polkit.addRule(function(action, subject) {
if (action.id == "org.freedesktop.udisks2.filesystem-mount-system" &&
subject.isInGroup("wheel"))
{
return polkit.Result.YES;
}
});
rattus ~ #
Thanks for the polkit hint.
BillK
On 1/4/21 6:08 pm, William Kenworthy wrote:
Hi, I only have a default polkit rule - nothing about usb.
Just noticed the mount dialog box contains:
Action: org.freedesktop.udisks2.filesystem-mount-system
Vendor: The Udsks Project"
I have found some documents on the web, but nothing yet on how to deal
with this issue.
BillK
On 1/4/21 3:21 pm, Ramon Fischer wrote:
Addendum:
I forgot to answer your other question:
Maybe you also have set some rules in "/etc/polkit/rules.d/"[1], which
allows your unprivileged user to mount USB drives and SD cards without
any password.
-Ramon
[1] https://wiki.gentoo.org/wiki/Polkit
On 01/04/2021 09:13, Ramon Fischer wrote:
Hello BillK,
I guess, that you are looking for the mount option "user":
/etc/fstab
/dev/sdx / ext4 noauto,user,relatime
0 2
In this way, I can mount "/dev/sdx" with an unprivileged user:
$ mount /
See also "man 8 mount" ("Non-superuser mounts").
I am not sure, if this also works with "automount" from
"net-fs/autofs", if this is what you meant with "automounter".
-Ramon
On 01/04/2021 06:51, William Kenworthy wrote:
Hi,
I use a sata drive caddy with 2Tb hard disks for offline backups.
Almost everytime (within sessions are ok?) it asks for a password
before
automounting. This is just annoying and has no security benefit in my
environment (why just hard disks when USB keys and SD cards don't ask
for one?).
So, how can I disable the automounter asking for a password either in
general, or just for my backup drives?
BillK
--
GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF
OpenPGP_signature
Description: OpenPGP digital signature
Re: [gentoo-user] Disable password required to mount removable hard disk.
Addendum:
I forgot to answer your other question:
Maybe you also have set some rules in "/etc/polkit/rules.d/"[1], which
allows your unprivileged user to mount USB drives and SD cards without
any password.
-Ramon
[1] https://wiki.gentoo.org/wiki/Polkit
On 01/04/2021 09:13, Ramon Fischer wrote:
Hello BillK,
I guess, that you are looking for the mount option "user":
/etc/fstab
/dev/sdx / ext4 noauto,user,relatime
0 2
In this way, I can mount "/dev/sdx" with an unprivileged user:
$ mount /
See also "man 8 mount" ("Non-superuser mounts").
I am not sure, if this also works with "automount" from
"net-fs/autofs", if this is what you meant with "automounter".
-Ramon
On 01/04/2021 06:51, William Kenworthy wrote:
Hi,
I use a sata drive caddy with 2Tb hard disks for offline backups.
Almost everytime (within sessions are ok?) it asks for a password before
automounting. This is just annoying and has no security benefit in my
environment (why just hard disks when USB keys and SD cards don't ask
for one?).
So, how can I disable the automounter asking for a password either in
general, or just for my backup drives?
BillK
--
GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF
OpenPGP_signature
Description: OpenPGP digital signature
Re: [gentoo-user] Disable password required to mount removable hard disk.
Hello BillK,
I guess, that you are looking for the mount option "user":
/etc/fstab
/dev/sdx / ext4 noauto,user,relatime 0 2
In this way, I can mount "/dev/sdx" with an unprivileged user:
$ mount /
See also "man 8 mount" ("Non-superuser mounts").
I am not sure, if this also works with "automount" from "net-fs/autofs",
if this is what you meant with "automounter".
-Ramon
On 01/04/2021 06:51, William Kenworthy wrote:
Hi,
I use a sata drive caddy with 2Tb hard disks for offline backups.
Almost everytime (within sessions are ok?) it asks for a password before
automounting. This is just annoying and has no security benefit in my
environment (why just hard disks when USB keys and SD cards don't ask
for one?).
So, how can I disable the automounter asking for a password either in
general, or just for my backup drives?
BillK
--
GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF
OpenPGP_signature
Description: OpenPGP digital signature
Re: [gentoo-user] HOWTO: Freezing/unfreezing (groups of) processes
Awesome stuff!
It might be unrelated, but I would like to mention a script[1] here,
which I have written in Bash to analyse process signals. It is called
"psig", which mimics some of the behaviour of Solaris' "psig" binary:
$ psig 23024
PID: 23024
Name: chrome
Queued: 0/63858
Signals caught:
---
Signal 17: SIGCHLD
Signal 15: SIGTERM
Signal 2: SIGINT
Signal 1: SIGHUP
Hexadecimal: 0 0 0 0 0 0 0 1 8
0 0 1 4 0 0 3
Binary: 0001 1000
0001 0100 0011
Signals pending (process):
--
No signals found.
Signals pending (thread):
-
No signals found.
Signals blocked:
No signals found.
Signals ignored:
Signal 13: SIGPIPE
Hexadecimal: 0 0 0 0 0 0 0 0 0
0 0 0 1 0 0 0
Binary:
0001
-Ramon
[1] https://github.com/keks24/psig
On 05/02/2021 08:45, Walter Dnes wrote:
Thanks for all the help over the years fellow Gentoo'ers. Maybe I can
return the favour. So you've got a bunch of programs like Gnumeric or
QEMU or Pale Moon ( or Firefox or Chrome or Opera ) sessions open, that
are chewing up cpu and ram. You need those resouces for another
program, but you don't want to shut those programs down and lose your
place. If the programs could be frozen, cpu usage would go away, and
memory could be swapped out. Here's a real-life example subset of a
"ps -ef" output on my system. Replace "palemoon" with "firefox" or
"chrome" or whatever browser you're using.
waltdnes 4025 3173 0 Jan20 ?01:54:21
/home/waltdnes/pm/palemoon/palemoon -new-instance -p palemoon
waltdnes 7580 3173 4 Jan21 ?17:45:11
/home/waltdnes/pm/palemoon/palemoon -new-instance -p dslr
waltdnes 9813 3173 4 Jan21 ?16:24:23
/home/waltdnes/pm/palemoon/palemoon -new-instance -p wxforum
waltdnes 22455 3173 58 01:31 ?00:08:29
/home/waltdnes/pm/palemoon/palemoon -new-instance -p slashdot
waltdnes 22523 3173 0 01:31 ?00:00:05
/home/waltdnes/pm/palemoon/palemoon -new-instance -p youtube
waltdnes 22660 3173 12 01:45 ?00:00:04 /usr/bin/gnumeric
/home/waltdnes/worldtemps/temperatures/temperatures.gnumeric
waltdnes 20346 20345 4 Jan28 ?08:10:50 /usr/bin/qemu-system-x86_64
-enable-kvm -runas waltdnes -cpu host -monitor vc -display gtk -drive
file=arcac.img,format=raw -netdev user,id=mynetwork -device
e1000,netdev=mynetwork -rtc base=localtime,clock=host -m 1024 -name ArcaOS VM
-vga std -parallel none
You might want to RTFM on the "kill" command if you're skeptical. It
does a lot more than kill programs. "kill -L" will give you a nicely
formatted list of available signals. For this discussion we're
interested in just "SIGCONT" and "SIGSTOP" ( *NOT* "SIGSTP" ). If I
want to freeze the Slashdot session, I can run "kill -SIGSTOP 22455". To
unfreeze it, I can run "kill -SIGCONT 22455". You can "SIGSTOP" on a
pid multiple times consecutively without problems; ditto for "SIGCONT".
So far, so good, but running "ps -ef | grep whatever" and then
typing the kill -SIGSTOP/SIGCONT command on the correct pid is grunt
work, subject to typos. I've set up a couple of scripts in ~/bin to
stop/continue processes, or groups thereof. The following scripts do a
"dumb grep" of "ps -ef" output, redirecting to /dev/shm/temp.txt. That
file is then read, and the second element of each line is the pid, which
is fed to the "kill" command. I store the scripts as ~/bin/pstop and
~/bin/pcont.
== pstop (process stop) script ==
#!/bin/bash
ps -ef | grep ${1} | grep -v "grep ${1}" | grep -v pstop > /dev/shm/temp.txt
while read
do
inputarray=(${REPLY})
kill -SIGSTOP ${inputarray[1]}
done < /dev/shm/temp.txt
pcont (process continue) script
#!/bin/bash
ps -ef | grep ${1} | grep -v "grep ${1}" | grep -v pcont > /dev/shm/temp.txt
while read
do
inputarray=(${REPLY})
kill -SIGCONT ${inputarray[1]}
done < /dev/shm/temp.txt
=
To stop all Pale Moon instances, execute "pstop palemoon". To stop
only the Slashdot session, run "pstop slashdot". Ditto for the pcont
command. I hope people find this useful.
--
GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF
OpenPGP_signature
Description: OpenPGP digital signature
Re: [gentoo-user] app-crypt/pinentry - major rework: "/usr/bin/pinentry-gtk-2" missing [RESOLVED]
Thanks! The USE flag "gtk" for the package "app-crypt/gcr" was missing. After following your instructions, it is working again using "/usr/bin/pinentry-gnome3": $ < /etc/portage/package.use/pinentry app-crypt/pinentry gtk app-crypt/gcr gtk $ emerge --ask --changed-use gcr $ emerge --ask pinentry $ ls -l /usr/bin/pinentry-gnome3 -rwxr-xr-x 1 root root 81520 Jan 31 17:21 /usr/bin/pinentry-gnome3 $ eselect pinentry list Available pinentry binary implementations: [1] pinentry-gnome3 [2] pinentry-curses * [3] pinentry-tty $ eselect pinentry set 1 $ eselect pinentry list Available pinentry binary implementations: [1] pinentry-gnome3 * [2] pinentry-curses [3] pinentry-tty From the issue ticket: Therefore I propose that if app-crypt/pinentry uses +gtk, there should be a dependency for app-crypt/gcr +gtk I totally agree with this. See <https://developer.gnome.org/gtk2/> This module is heading towards planned deprecation. It will continue to be supported and API/ABI stable throughout the GNOME 2.x series, but we do not recommend using it in new applications unless you require functionality that has not already been moved elsewhere. It have been un-recommended for a long time. Thanks for the clarification! -Ramon On 31/01/2021 13:43, Wynn Wolf Arbor wrote: On 2021-01-31 13:03, Ramon Fischer wrote: The USE flag "gtk" was not removed: -IUSE="caps emacs gnome-keyring fltk gtk ncurses qt5" +IUSE="caps emacs gnome-keyring gtk ncurses qt5" Since when is this obsolete and is there any alternative? I cannot comment directly on the obsolescence of pinentry-gtk2 (most certainly a decision upstream), but the alternative is pinentry-gnome3. The gtk flag was not removed because it now configures pinentry-gnome3 instead of -gtk2. You should be able to select that using 'eselect pinentry', but because of [1] you'll have to enable the gtk flag for app-crypt/gcr first and then rebuild app-crypt/pinentry. [1] https://bugs.gentoo.org/show_bug.cgi?id=767424 -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_signature Description: OpenPGP digital signature
[gentoo-user] app-crypt/pinentry - major rework: "/usr/bin/pinentry-gtk-2" missing
Hello list,
I recently updated "app-crypt/pinentry" and suddenly
"/usr/bin/pinentry-gtk-2" was missing.
I am using "pinentry-gtk-2", so I can enter the passphrase for my GPG
private key, when using the browser extension "Gopass Bridge".
Taking a look at the commit of the package[1], it states:
[...]
-disable gtk2 (obsolete)
[...]
@@ -58,16 +57,15 @@ src_configure() {
econf \
[...]
--disable-pinentry-gtk2 \
[...]
The USE flag "gtk" was not removed:
-IUSE="caps emacs gnome-keyring fltk gtk ncurses qt5"
+IUSE="caps emacs gnome-keyring gtk ncurses qt5"
Since when is this obsolete and is there any alternative?
-Ramon
[1]
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=acad5327d6e44f7f4b2dd8a5eb6a563a1297aac3
--
GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF
OpenPGP_signature
Description: OpenPGP digital signature
Re: [gentoo-user] ebuild : how to check for python version
Hi Helmut,
maybe "python_is_python3"[1] will help? I am still new to creating
ebuilds. :)
-Ramon
[1]
https://devmanual.gentoo.org/eclass-reference/python-utils-r1.eclass/index.html
On 02/08/2020 16:47, Helmut Jarausch wrote:
Hi,
in an ebuild I have to apply a patch only if this package is installed
for python3.9.
The ebuild should work for PYTHON_COMPAT=( python3_{8,9} )
How can I check for Pythons version in src_prepare or similar functions.
Many thanks for a hint,
Helmut
[SOLVED] Re: [gentoo-user] Ebuild: How to deal with external repositories properly (best practise)?
I decided to use "EGIT_COMMIT" to let the ebuild pulling a certain commit. Using the archive tarball is indeed interesting! Thank you for your help! -Ramon On 28/07/2020 15:32, Ramon Fischer wrote: Oh yeah, as Neil was pointing that out. I will give it a try and report soon. -Ramon On 28/07/2020 14:52, tastytea wrote: On 2020-07-28 12:02+0200 Ramon Fischer wrote: Hello tastytea, I am aware of this "workaround", thank you. :) I guess, I was not precise enough: The ebuild "drm_master_util-"[1] is hosted on my repository, but the ebuild file itself pulls in an external repository[2]. Sorry, I misread your first email. My question is: Is it a best practise to fork the external repository[2], to link my fork with "drm_master_util-"[1], so I have full control about updating the fork. Just to check, that the external source is not doing shenanigans? I would use either EGIT_COMMIT from git-r3.eclass¹ or download a snapshot via SRC_URI². ¹ <https://devmanual.gentoo.org/eclass-reference/git-r3.eclass/index.html#lbAF> ² <https://github.com/gch1p/drm_master_util/archive/.tar.gz>
Re: [gentoo-user] Ebuild: How to deal with external repositories properly (best practise)?
Oh yeah, as Neil was pointing that out. I will give it a try and report soon. -Ramon On 28/07/2020 14:52, tastytea wrote: On 2020-07-28 12:02+0200 Ramon Fischer wrote: Hello tastytea, I am aware of this "workaround", thank you. :) I guess, I was not precise enough: The ebuild "drm_master_util-"[1] is hosted on my repository, but the ebuild file itself pulls in an external repository[2]. Sorry, I misread your first email. My question is: Is it a best practise to fork the external repository[2], to link my fork with "drm_master_util-"[1], so I have full control about updating the fork. Just to check, that the external source is not doing shenanigans? I would use either EGIT_COMMIT from git-r3.eclass¹ or download a snapshot via SRC_URI². ¹ <https://devmanual.gentoo.org/eclass-reference/git-r3.eclass/index.html#lbAF> ² <https://github.com/gch1p/drm_master_util/archive/.tar.gz>
Re: [gentoo-user] Ebuild: How to deal with external repositories properly (best practise)?
Hello tastytea, I am aware of this "workaround", thank you. :) I guess, I was not precise enough: The ebuild "drm_master_util-"[1] is hosted on my repository, but the ebuild file itself pulls in an external repository[2]. My question is: Is it a best practise to fork the external repository[2], to link my fork with "drm_master_util-"[1], so I have full control about updating the fork. Just to check, that the external source is not doing shenanigans? -Ramon [1] https://codeberg.org/keks24/gentoo-overlay/src/branch/master/x11-misc/drm_master_util/drm_master_util-.ebuild#L27 [2] https://github.com/gch1p/drm_master_util.git On 28/07/2020 10:53, tastytea wrote: On 2020-07-28 06:47+0200 Ramon Fischer wrote: […] The thing I am concerned about, is, that I am pulling something from an external source, which I am installing on my system and giving it root privileges[4]. The only best practise I can think of, is, to fork the external repository, linking the ebuild to my fork and updating it on demand, so I have full control over it. Would this be the way to do it? You can mask all packages from a repository in /etc/portage/package.mask/ with */*::repo-name and unmask the packages you want in /etc/portage/package.unmask/ with x11-misc/drm_master_util::repo-name or just the version you want with =x11-misc/drm_master_util-::repo-name . The maintainer of the repo could still replace the ebuild with a malware installer.
[gentoo-user] Ebuild: How to deal with external repositories properly (best practise)?
Hello list, I have set up my first ebuild repository[1] with one package "x11-misc/drm_master_util" to run "X" without root privileges. I am still making it to work[2]. The ebuild file accesses an external git repository[3]. The thing I am concerned about, is, that I am pulling something from an external source, which I am installing on my system and giving it root privileges[4]. The only best practise I can think of, is, to fork the external repository, linking the ebuild to my fork and updating it on demand, so I have full control over it. Would this be the way to do it? [1] https://codeberg.org/keks24/gentoo-overlay [2] https://wiki.gentoo.org/wiki/User:Keks24/drafts/Non_root_Xorg [3] https://github.com/gch1p/drm_master_util.git [4] https://wiki.gentoo.org/wiki/Non_root_Xorg#Handling_of_DRM_ioctls
[gentoo-user] Colorized output when piping to tee
Hi there, I am looking for a way to have a colorized output when piping to tee, e.g.: /usr/bin/emerge --ask --update --deep --newuse --tree --verbose @world | tee --append nom.txt I already tried installing "dev-tcltk/expect" which should actually contain "unbuffer" which can help me out. But there is no unbuffer command. Am I missing something or is there any other way to do that? -Ramon
Re: [gentoo-user] Userspace CPU frequency scaling not available on one machine
You can disable the intel p state driver by adding an additional kernel parameter through your bootloader. For GRUB2 you can do the following: /etc/default/grub: GRUB_CMDLINE_LINUX="intel_pstate=disable" terminal: sudo grub-mkconfig -o /boot/grub/grub.cfg sudo reboot After that, the other governors should be available, too. -Ramon On 11/01/2017 04:12 AM, Walter Dnes wrote: I've cobbled together a script that runs under eselect to list/set COU speeds/governors on my machines. I set max speed when I'm using the machine, and min speed when not. It has run fine so far, except recently on an Intel Silvermont machine (64-bit Atom family) running Gentoo kernel 4.12.12. Userspace CPU control is not available, even though I've asked for it under "make menuconfig". On other machines /sys/devices/system/cpu/cpu0/cpufreq/scaling_available_governors shows... conservative userspace ondemand performance ...but on this one machine it only shows... performance powersave ...so I know it's the machine, not my script, that's the problem. Note that I set conservative, performance, powersave, and userspace in the "make menuconfig" process, and made userspace the default governor. One difference I noticed on the Silvermont is CONFIG_X86_INTEL_PSTATE=y which is the opposite of the machines that things work properly on. So I went into "make menuconfig" to try to switch it off, but I get... -*- Intel P state control Yes, it is *FORCED* on on that one machine. Now what? I'm attaching /proc/config.gz from the Silvermont in case it helps. Feel free to comment on other stuff in config.gz as well.
[gentoo-user] eix: coloured output of package versions
Hi everyone, I was just wondering what the colouring of the different versions means and I could not find any documentation about it or I cannot formulate my search keywords precisely. What I can guess is that: green is stable, yellow is testing and red is unstable I am going to put it here, if there is no other documentation about that: https://wiki.gentoo.org/wiki/Eix In the attachment you will find a cropped screenshot when executing "eix chromium". -Ramon
Re: [gentoo-user] Re: Plasma5: Missing shutdown, restart and suspend button
It was so obvious... I did the following: 1) Select the respective profile according to the currently used desktop (kde) and init system (openrc): "eselect profile set 6" 2) Update world packages: "emerge -auDN world" 3) Follow the steps here: https://wiki.gentoo.org/wiki/KDE/Troubleshooting#Missing_shutdown.2Freboot.2Fsuspend.2Fhibernate_buttons_.28with_consolekit.29 4) Reboot Thank you very much for the help! -Ramon On 10/14/2017 03:27 AM, Michael Palimaka wrote: On 10/14/2017 09:25 AM, Daniel Frey wrote: On 10/13/2017 03:10 PM, Ramon Fischer wrote: Hello everyone, I successfully installed Gentoo with Plasma5 for the first time on first try (yay!) and now I am going to fix stuff and ran into an issue with missing buttons in the kde menu as mentioned in the subject. I followed all these instructions: https://wiki.gentoo.org/wiki/KDE One guess is that it could be OpenRC because I actually selected the systemd profile for kde. I am done with my debug-fu at this point. :) In the attachment you will find a lot of information. Customized parts are marked with "# custom". Thanks! -Ramon Are you using openrc? It is possible it's looking for systemd to provide the shutdown and reboot options. If you're not using systemd, switch to the non-systemd plasma profile and issue `emerge -auDN world`. Dan If openrc is being used, check out this article: https://wiki.gentoo.org/wiki/KDE/Troubleshooting#Missing_shutdown.2Freboot.2Fsuspend.2Fhibernate_buttons_.28with_consolekit.29 Another option (that works well for me) is to use elogind.
