Re: [gentoo-user] Reconstructing a Gentoo Installer Computer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Timothy A. Holmes wrote: > Ryan - - > > Thanks for the links - > > Is that info also accessable on the web some place, since I cant print > from linux based systems, and especially cant under the live CD? > > I will be most interested to read it, but the manpage reader is horrible > to try to work from > > TIM http://gentoo-wiki.com/Index:MAN - -- Jeremy Olexa ([EMAIL PROTECTED]) Office: EE/CS 1-201 CS/IT Systems Staff University of Minnesota -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEfm/uFN7pD9kMi/URAjNkAJ9wrGqFXDvROBNHYCGbqKyreaQrpQCeO28u /0vQ868X8kZEo6fVIrR8ntI= =L8Xp -END PGP SIGNATURE- -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Reconstructing a Gentoo Installer Computer
Neil Bothwick wrote: >On Wed, 31 May 2006 14:33:38 -0400, Timothy A. Holmes wrote: > > > >>I will be most interested to read it, but the manpage reader is horrible >>to try to work from >> >> > >If you use KDE, press Alt-F2 and type '#portage' to get an HTML version >of the man page. Or you could use man2html to convert individual man >pages. > > > > Cheater. :p ;-) Dale :-) :-) -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Reconstructing a Gentoo Installer Computer
Daniel da Veiga wrote: > >> >> >> Neil: >> >> the problem before was an incomplete understanding of how the USE Flags >> worked, and a mis-understanding of some advice that I was given. The >> procedure that I used last time was: >> >> rebuild the kernel >> Set use to USE="-*" >> Emerge -e world >> > > I broke my system this way once... You are not the only one. I have read where several have broken their systems with that line. I think there is a thread on the forums with all the tears they shed trying to get it all working again. Dale :-) :-) -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Reconstructing a Gentoo Installer Computer
Ryan Tandy wrote: Timothy A. Holmes wrote: At this point then, I am going to actually build a second box for snort perhaps using the hardened sources (I am not in the least comfortable with running hardened on a production box). Wrong. The correct sentiment should be "I am not in the least comfortable with running NON-hardened on a production box". :) ESPECIALLY for network-accessible devices. While true the first time moving to hardened sources is "interesting" at minimum and downright painful at its worst. The time is worth it, but you will break and app or two as well as pull some hair out along the way depending on the complexity of your environment. However if you're building a new system do it now if possible rather than after you've got your applications working or you'll fall victim to the "don't fix what isn't broken" rule. :) kashani -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Reconstructing a Gentoo Installer Computer
On 5/31/06, Timothy A. Holmes <[EMAIL PROTECTED]> wrote: > -Original Message- > From: Neil Bothwick [mailto:[EMAIL PROTECTED] > Sent: Wednesday, May 31, 2006 11:57 AM > To: gentoo-user@lists.gentoo.org > Subject: Re: [gentoo-user] Reconstructing a Gentoo Installer Computer > > On Wed, 31 May 2006 10:46:18 -0400, Timothy A. Holmes wrote: > > > I was hoping to > > rescue the additional time for the snort install etc by being able to > > just recompile stuff rather than have to start over from the beginning, > > the system is currently running, so I may just end up putting off the > > rebuild till this summer when I have a bit more time -- I was hoping to > > be able to change the use flags, build a new kernel and be done with it, > > but that doesn't look to be the case > > It should be the case. it's not much different from doing a stage 3 > install then changing USE flags etc. I've done that with no problems. > What went wrong when you tried this before, or was it a case of changing > too much at once so you couldn't find the source of the problem? > > However, Michael's point about starting afresh with a hardened setup is a > good one. It sounds much safer for a security box. > > > -- > Neil Bothwick > > "getting performance from an Amiga is like getting water from a sponge, > getting performance from Windows is like getting blood from a stone - > after banging my head against the stone several times I got some blood" > Author of Lightwave 3D [Timothy A. Holmes] Neil: the problem before was an incomplete understanding of how the USE Flags worked, and a mis-understanding of some advice that I was given. The procedure that I used last time was: rebuild the kernel Set use to USE="-*" Emerge -e world I broke my system this way once... That procedure with the USE flags is what killed me. What I should have done -- it now appears was to set use to blank (or comment it out) and allow it to use the base flags from the profile. But trying to recompile from base with all use flags specifically excluded is what began to break stuff When you leave the USE empty or commented, portage gets default set to compile, this set has options that work most of the time. But when you set it to "-*", it simply disable all optional (and sometimes most necessary) stuff for all packages. So, unless you have the time to take a full "emerge -epv" list, join it with a "emerge -epv system", put "-*" at USE and start setting each and every package at package.use or putting global configs at the USE flag, its not a good way to do it (but you would get a super fine tuned gentoo system, after a few days of configuration and a few weeks of debuging like: "why this package don't work, oh, it was because that other package needed that flag"), you should leave it empty and add/remove flags after the system is up and after knowing exactly what you'll be doying with that package. Gentoo is so flexible that it becomes a little difficult to configure (and I mean fine tunning at maximum) sometimes. For my desktops, I just leave USE empty. -- Daniel da Veiga Computer Operator - RS - Brazil -BEGIN GEEK CODE BLOCK- Version: 3.1 GCM/IT/P/O d-? s:- a? C++$ UBLA++ P+ L++ E--- W+++$ N o+ K- w O M- V- PS PE Y PGP- t+ 5 X+++ R+* tv b+ DI+++ D+ G+ e h+ r+ y++ --END GEEK CODE BLOCK-- -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Reconstructing a Gentoo Installer Computer
On Wed, 31 May 2006 14:33:38 -0400, Timothy A. Holmes wrote: > I will be most interested to read it, but the manpage reader is horrible > to try to work from If you use KDE, press Alt-F2 and type '#portage' to get an HTML version of the man page. Or you could use man2html to convert individual man pages. -- Neil Bothwick Programming just with goto's is like swatting flies with a sledgehammer. signature.asc Description: PGP signature
Re: [gentoo-user] Reconstructing a Gentoo Installer Computer
Timothy A. Holmes wrote: OOPS _- that should be RYAN -- SORRY -- I got fumble fingered Everyone does it the first time. :) -- gentoo-user@gentoo.org mailing list
RE: [gentoo-user] Reconstructing a Gentoo Installer Computer
> > [Timothy A. Holmes] > > Randy: > > That may be, however, I have seen far to many complaints about > instability in the hardened systems to be comfortable using them in a > production environment. Another user here in my area is working to [Timothy A. Holmes] OOPS _- that should be RYAN -- SORRY -- I got fumble fingered TIM Timothy A. Holmes IT Manager / Network Admin / Web Master / Computer Teacher Medina Christian Academy A Higher Standard... Jeremiah 33:3 Jeremiah 29:11 Esther 4:14 -- gentoo-user@gentoo.org mailing list
RE: [gentoo-user] Reconstructing a Gentoo Installer Computer
Ra > -Original Message- > From: Ryan Tandy [mailto:[EMAIL PROTECTED] > Sent: Wednesday, May 31, 2006 2:08 PM > To: gentoo-user@lists.gentoo.org > Subject: Re: [gentoo-user] Reconstructing a Gentoo Installer Computer > > Timothy A. Holmes wrote: > > I have read the wiki document about the USE flags, and I refer to that > > chart routinely as I am trying to construct these statements. > > > > http://www.gentoo.org/dyn/use-index.xml > > > > This is the document that I have been using, if there is a better one > > available on the web, I am quite open to using it, if someone can please > > send me a link. > > Don't restrict yourself to wikis and web-based information. The best > portage and emerge manuals are exactly that - the portage and emerge > manuals. > > $ man 5 portage > $ man 1 emerge > $ man 5 make.conf > > Once you've thoroughly read and understood all three of those, come back > here. > -- > gentoo-user@gentoo.org mailing list [Timothy A. Holmes] Ryan - - Thanks for the links - Is that info also accessable on the web some place, since I cant print from linux based systems, and especially cant under the live CD? I will be most interested to read it, but the manpage reader is horrible to try to work from TIM Timothy A. Holmes IT Manager / Network Admin / Web Master / Computer Teacher Medina Christian Academy A Higher Standard... Jeremiah 33:3 Jeremiah 29:11 Esther 4:14 -- gentoo-user@gentoo.org mailing list
RE: [gentoo-user] Reconstructing a Gentoo Installer Computer
> -Original Message- > From: Ryan Tandy [mailto:[EMAIL PROTECTED] > Sent: Wednesday, May 31, 2006 2:11 PM > To: gentoo-user@lists.gentoo.org > Subject: Re: [gentoo-user] Reconstructing a Gentoo Installer Computer > > Timothy A. Holmes wrote: > > At this point then, I am going to actually build a second box for snort > > perhaps using the hardened sources (I am not in the least comfortable > > with running hardened on a production box). > > Wrong. The correct sentiment should be "I am not in the least > comfortable with running NON-hardened on a production box". :) > > ESPECIALLY for network-accessible devices. > -- > gentoo-user@gentoo.org mailing list [Timothy A. Holmes] Randy: That may be, however, I have seen far to many complaints about instability in the hardened systems to be comfortable using them in a production environment. Another user here in my area is working to change my mind, but at this point, unless something changes dramatically, hardened in my mind is a specialty subset for very isolated applications that are very very crash tolerant. The problem in my mind is that if the system is so unstable that it will not properly function with a major component like X, I am worried that it may prove unstable with other applications as well. It seems quite often that I see messages going past someone has had a problem with hardened and more often then not, these are fairly critical problems -- while it may be that hardened sources are fine, I have high doubts about them, and specifically their stability. I realize that this topic has the potential to very quickly become a flame fest, and I have no desire for this to happen, but at the same time, I cant risk a critical system on unstable sources either. I am open to the possibility of using them, BUT, for now it will be in parallel with sources that I KNOW work correctly. I cant risk our network to be part of an experiment. Timothy A. Holmes IT Manager / Network Admin / Web Master / Computer Teacher Medina Christian Academy A Higher Standard... Jeremiah 33:3 Jeremiah 29:11 Esther 4:14 -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Reconstructing a Gentoo Installer Computer
Timothy A. Holmes wrote: At this point then, I am going to actually build a second box for snort perhaps using the hardened sources (I am not in the least comfortable with running hardened on a production box). Wrong. The correct sentiment should be "I am not in the least comfortable with running NON-hardened on a production box". :) ESPECIALLY for network-accessible devices. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Reconstructing a Gentoo Installer Computer
Timothy A. Holmes wrote: I have read the wiki document about the USE flags, and I refer to that chart routinely as I am trying to construct these statements. http://www.gentoo.org/dyn/use-index.xml This is the document that I have been using, if there is a better one available on the web, I am quite open to using it, if someone can please send me a link. Don't restrict yourself to wikis and web-based information. The best portage and emerge manuals are exactly that - the portage and emerge manuals. $ man 5 portage $ man 1 emerge $ man 5 make.conf Once you've thoroughly read and understood all three of those, come back here. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Reconstructing a Gentoo Installer Computer
Timothy A. Holmes wrote: > > >> -Original Message- >> From: Neil Bothwick [mailto:[EMAIL PROTECTED] >> Sent: Wednesday, May 31, 2006 11:57 AM >> To: gentoo-user@lists.gentoo.org >> Subject: Re: [gentoo-user] Reconstructing a Gentoo Installer Computer >> >> On Wed, 31 May 2006 10:46:18 -0400, Timothy A. Holmes wrote: >> >>> I was hoping to >>> rescue the additional time for the snort install etc by being able > to >>> just recompile stuff rather than have to start over from the > beginning, >>> the system is currently running, so I may just end up putting off > the >>> rebuild till this summer when I have a bit more time -- I was hoping > to >>> be able to change the use flags, build a new kernel and be done with > it, >>> but that doesn't look to be the case >> It should be the case. it's not much different from doing a stage 3 >> install then changing USE flags etc. I've done that with no problems. >> What went wrong when you tried this before, or was it a case of > changing >> too much at once so you couldn't find the source of the problem? >> >> However, Michael's point about starting afresh with a hardened setup > is a >> good one. It sounds much safer for a security box. >> >> >> -- >> Neil Bothwick >> >> "getting performance from an Amiga is like getting water from a > sponge, >> getting performance from Windows is like getting blood from a stone - >> after banging my head against the stone several times I got some > blood" >> Author of Lightwave 3D > [Timothy A. Holmes] > > Neil: > > the problem before was an incomplete understanding of how the USE Flags > worked, and a mis-understanding of some advice that I was given. The > procedure that I used last time was: > > rebuild the kernel > Set use to USE="-*" > Emerge -e world > > That procedure with the USE flags is what killed me. What I should have > done -- it now appears was to set use to blank (or comment it out) and > allow it to use the base flags from the profile. But trying to > recompile from base with all use flags specifically excluded is what > began to break stuff > > TIM > > > > Timothy A. Holmes > IT Manager / Network Admin / Web Master / Computer Teacher > > Medina Christian Academy > A Higher Standard... > > Jeremiah 33:3 > Jeremiah 29:11 > Esther 4:14 > > Hi, Don't just wipe out all USE-flags IIRC you'll need "readline ncurses..." Search mail-list archives for "minimal USE flags", a year or more ago (mail was from ciaranm IIRC). HTH.Rumen smime.p7s Description: S/MIME Cryptographic Signature
Re: [gentoo-user] Reconstructing a Gentoo Installer Computer
On Wed, 31 May 2006 12:01:05 -0400, Timothy A. Holmes wrote: > the problem before was an incomplete understanding of how the USE Flags > worked, and a mis-understanding of some advice that I was given. The > procedure that I used last time was: > > rebuild the kernel Fine > Set use to USE="-*" Aaargh! > Emerge -e world Unnecessary, but normally harmless. > That procedure with the USE flags is what killed me. Yes. Some USE flags are required, such as readline. > What I should have > done -- it now appears was to set use to blank (or comment it out) and > allow it to use the base flags from the profile. Yes, and then remove USE flags a few at a time, with USE="-xxx -yyy -zzz" and recompile to see the effect. > But trying to > recompile from base with all use flags specifically excluded is what > began to break stuff You may have been able to recover by booting from the live CD, chrooting into the system and rebuilding with fixed USE flags, but the system may have been to hosed to allow this. -- Neil Bothwick Beware of low-flying butterflies. signature.asc Description: PGP signature
RE: [gentoo-user] Reconstructing a Gentoo Installer Computer
> -Original Message- > From: Neil Bothwick [mailto:[EMAIL PROTECTED] > Sent: Wednesday, May 31, 2006 11:57 AM > To: gentoo-user@lists.gentoo.org > Subject: Re: [gentoo-user] Reconstructing a Gentoo Installer Computer > > On Wed, 31 May 2006 10:46:18 -0400, Timothy A. Holmes wrote: > > > I was hoping to > > rescue the additional time for the snort install etc by being able to > > just recompile stuff rather than have to start over from the beginning, > > the system is currently running, so I may just end up putting off the > > rebuild till this summer when I have a bit more time -- I was hoping to > > be able to change the use flags, build a new kernel and be done with it, > > but that doesn't look to be the case > > It should be the case. it's not much different from doing a stage 3 > install then changing USE flags etc. I've done that with no problems. > What went wrong when you tried this before, or was it a case of changing > too much at once so you couldn't find the source of the problem? > > However, Michael's point about starting afresh with a hardened setup is a > good one. It sounds much safer for a security box. > > > -- > Neil Bothwick > > "getting performance from an Amiga is like getting water from a sponge, > getting performance from Windows is like getting blood from a stone - > after banging my head against the stone several times I got some blood" > Author of Lightwave 3D [Timothy A. Holmes] Neil: the problem before was an incomplete understanding of how the USE Flags worked, and a mis-understanding of some advice that I was given. The procedure that I used last time was: rebuild the kernel Set use to USE="-*" Emerge -e world That procedure with the USE flags is what killed me. What I should have done -- it now appears was to set use to blank (or comment it out) and allow it to use the base flags from the profile. But trying to recompile from base with all use flags specifically excluded is what began to break stuff TIM Timothy A. Holmes IT Manager / Network Admin / Web Master / Computer Teacher Medina Christian Academy A Higher Standard... Jeremiah 33:3 Jeremiah 29:11 Esther 4:14 -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Reconstructing a Gentoo Installer Computer
On Wed, 31 May 2006 10:46:18 -0400, Timothy A. Holmes wrote: > I was hoping to > rescue the additional time for the snort install etc by being able to > just recompile stuff rather than have to start over from the beginning, > the system is currently running, so I may just end up putting off the > rebuild till this summer when I have a bit more time -- I was hoping to > be able to change the use flags, build a new kernel and be done with it, > but that doesn't look to be the case It should be the case. it's not much different from doing a stage 3 install then changing USE flags etc. I've done that with no problems. What went wrong when you tried this before, or was it a case of changing too much at once so you couldn't find the source of the problem? However, Michael's point about starting afresh with a hardened setup is a good one. It sounds much safer for a security box. -- Neil Bothwick "getting performance from an Amiga is like getting water from a sponge, getting performance from Windows is like getting blood from a stone - after banging my head against the stone several times I got some blood" Author of Lightwave 3D signature.asc Description: PGP signature
RE: [gentoo-user] Reconstructing a Gentoo Installer Computer
> On 5/31/06, Timothy A. Holmes <[EMAIL PROTECTED]> wrote: > > > > Neil - > > > > I understand your suggestion -- I used the installer as an attempted > > shortcut after having done several (5+) installs via the basic disk and > > the handbook. I have paid for that error in spades - believe me -- > > since then I have done an additional 5 or so installations by hand from > > the basic disk. I understand the processes there, I was hoping to > > rescue the additional time for the snort install etc by being able to > > just recompile stuff rather than have to start over from the beginning, > > the system is currently running, so I may just end up putting off the > > rebuild till this summer when I have a bit more time -- I was hoping to > > be able to change the use flags, build a new kernel and be done with it, > > but that doesn't look to be the case > > Tim... > > I concur with Neil's assessment that you should just wipe the box and > start afresh, the main reason being that you should be running > hardened sources and USE="-*" instead of trying to do a basic install. > Security related boxes such as firewalls, routers, and IDS should be a > slim as possible to eliminate potential for security holes and in all > cases they should be running with the hardened profile. Just my $0.02. > > -Mike [Timothy A. Holmes] Mike and Neil -- Ok -- sounds good to me -- At this point then, I am going to actually build a second box for snort perhaps using the hardened sources (I am not in the least comfortable with running hardened on a production box). This will allow me to get things working and evaluate the stability of the hardened sources in my production environment. Thanks a bunch for the input TIM Timothy A. Holmes IT Manager / Network Admin / Web Master / Computer Teacher Medina Christian Academy A Higher Standard... Jeremiah 33:3 Jeremiah 29:11 Esther 4:14 -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Reconstructing a Gentoo Installer Computer
On 5/31/06, Timothy A. Holmes <[EMAIL PROTECTED]> wrote: Neil - I understand your suggestion -- I used the installer as an attempted shortcut after having done several (5+) installs via the basic disk and the handbook. I have paid for that error in spades - believe me -- since then I have done an additional 5 or so installations by hand from the basic disk. I understand the processes there, I was hoping to rescue the additional time for the snort install etc by being able to just recompile stuff rather than have to start over from the beginning, the system is currently running, so I may just end up putting off the rebuild till this summer when I have a bit more time -- I was hoping to be able to change the use flags, build a new kernel and be done with it, but that doesn't look to be the case Tim... I concur with Neil's assessment that you should just wipe the box and start afresh, the main reason being that you should be running hardened sources and USE="-*" instead of trying to do a basic install. Security related boxes such as firewalls, routers, and IDS should be a slim as possible to eliminate potential for security holes and in all cases they should be running with the hardened profile. Just my $0.02. -Mike -- Michael E. Crute http://mike.crute.org It is a mistake to think you can solve any major problems just with potatoes. --Douglas Adams -- gentoo-user@gentoo.org mailing list
RE: [gentoo-user] Reconstructing a Gentoo Installer Computer
> -Original Message- > From: Neil Bothwick [mailto:[EMAIL PROTECTED] > Sent: Wednesday, May 31, 2006 10:41 AM > To: gentoo-user@lists.gentoo.org > Subject: Re: [gentoo-user] Reconstructing a Gentoo Installer Computer > > On Wed, 31 May 2006 09:53:05 -0400, Timothy A. Holmes wrote: > > > I am rapidly getting the idea that either leaving the system alone, or > > just wiping it out and starting over is going to be preferable to trying > > to repair this one, since no one can seem to tell me if it can be done. > > My original thought was to simply change the use flags to those that I > > wanted, and emerge -e world, apparently, this is not correct? > > Re-emerging everything is unnecessary, especially if you are only > changing a few flags. > > emerge -uavDN world > > will re-emerge everything affected by your changed flags, and allow you > to see what it is going to do before it starts. If you have any doubt as > to what an emerge will do, run it with --verbose and either --pretend or > --ask first. > > > As far as portage documentation, I have not been able to find a wiki > > article or other document that indicates how to change from a system > > created by the installer disk to one that is personally optimized. > > Therein lies one of the problems with the installer. The manual > installation requires you to gain some understanding of how Gentoo works > in order to build a system. That understanding is also needed to > administer the system. By using the installer, you bypass the initial > learning curve which, paradoxically, can make things more difficult in > the long run. > > I am going to suggest a course of action that I normally find totally > pointless, re-install. If you build your system again without the > installer, you will be able to configure it to suit your needs from > scratch, and you will have a greater understanding of the system, making > it easier to maintain. > > > -- > Neil Bothwick > > "Bother," said Pooh, as the Death Star exploded around him. [Timothy A. Holmes] Neil - I understand your suggestion -- I used the installer as an attempted shortcut after having done several (5+) installs via the basic disk and the handbook. I have paid for that error in spades - believe me -- since then I have done an additional 5 or so installations by hand from the basic disk. I understand the processes there, I was hoping to rescue the additional time for the snort install etc by being able to just recompile stuff rather than have to start over from the beginning, the system is currently running, so I may just end up putting off the rebuild till this summer when I have a bit more time -- I was hoping to be able to change the use flags, build a new kernel and be done with it, but that doesn't look to be the case Thanks again TIM Timothy A. Holmes IT Manager / Network Admin / Web Master / Computer Teacher Medina Christian Academy A Higher Standard... Jeremiah 33:3 Jeremiah 29:11 Esther 4:14 -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Reconstructing a Gentoo Installer Computer
On Wed, 31 May 2006 09:53:05 -0400, Timothy A. Holmes wrote: > I am rapidly getting the idea that either leaving the system alone, or > just wiping it out and starting over is going to be preferable to trying > to repair this one, since no one can seem to tell me if it can be done. > My original thought was to simply change the use flags to those that I > wanted, and emerge -e world, apparently, this is not correct? Re-emerging everything is unnecessary, especially if you are only changing a few flags. emerge -uavDN world will re-emerge everything affected by your changed flags, and allow you to see what it is going to do before it starts. If you have any doubt as to what an emerge will do, run it with --verbose and either --pretend or --ask first. > As far as portage documentation, I have not been able to find a wiki > article or other document that indicates how to change from a system > created by the installer disk to one that is personally optimized. Therein lies one of the problems with the installer. The manual installation requires you to gain some understanding of how Gentoo works in order to build a system. That understanding is also needed to administer the system. By using the installer, you bypass the initial learning curve which, paradoxically, can make things more difficult in the long run. I am going to suggest a course of action that I normally find totally pointless, re-install. If you build your system again without the installer, you will be able to configure it to suit your needs from scratch, and you will have a greater understanding of the system, making it easier to maintain. -- Neil Bothwick "Bother," said Pooh, as the Death Star exploded around him. signature.asc Description: PGP signature
RE: [gentoo-user] Reconstructing a Gentoo Installer Computer
> On Wed, 31 May 2006 08:29:49 -0400, Timothy A. Holmes wrote: > > > Raymond - the dev-lang/php use flag is there to pull in the PHP stuff as > > BASE requires it. > > dev-lang/php is not a valid USE flag, php is. > > If a program installed via portage requires php, portage will install it > as a dependency of that program. USE flags only affect optional > dependencies, such as when a program can be built with or without php > support. > > You really should read the USE flag documentation before messing with > them too much. Along with the flexibility it brings, Gentoo gives you a > great deal of power to totally fsck your system by fiddling with things > you don't understand. > > One would have thought that after destroying five systems in this way, > you would have resorted to the documentation. > > Check /usr/portage/profiles/use.*desc for descriptions of all USE flags > and 'emerge --info' to see which are in effect on your system. > > Finally, don't change to many at once, and keep track of what you have > done. that way, if things do go wrong, you can retrace your steps and > find the cause (and solution). > > > -- > Neil Bothwick > > Jimmy Hoffa is buried here --> X [Timothy A. Holmes] Neil and others: Thanks for the input, you are correct, I accidentally put a package specification into the original post rather than the appropriate use flag -- my goof The USE line that I want should look more like: USE="php session cli gd pear apache2 mysql ssl png jpeg gif" This USE Specification comes from the WIKI article about the installation of Snort and BASE found at: http://gentoo-wiki.com/HOWTO_Setup_BASE_with_Apache,_Snort,_and_PostgreS QL With two slight changes 1. I use MySQL rather than postgreSQL 2. I am not using hardened sources or hardened php I am rapidly getting the idea that either leaving the system alone, or just wiping it out and starting over is going to be preferable to trying to repair this one, since no one can seem to tell me if it can be done. My original thought was to simply change the use flags to those that I wanted, and emerge -e world, apparently, this is not correct? As far as portage documentation, I have not been able to find a wiki article or other document that indicates how to change from a system created by the installer disk to one that is personally optimized. If there is such a document, I will be most happy to read it, as it would really simplify things. I do understand that there is significant power in the USE flags, and after having destroyed 5 systems, I came to the group asking for help to avoid making a similar mistake again. The portage docs that I have seen so far (specifically those in the gentoo handbook), do not SEEM (that I have found) to cover this type of eventuality, but rather provide a general guide line for its use. Again, If I have missed the appropriate doc someplace, please let me know. To answer Raymonds question specifically, BASE is the web interface and reporting engine that I use for the SNORT IDS, and it is the reason that php and mysql and apache2 are in the list I will freely admit that my understanding of portage and the USE flags is somewhat limited, and that is part of the reason that I came to the group for help rather than just blindly plunging ahead as I did previously. I have read the wiki document about the USE flags, and I refer to that chart routinely as I am trying to construct these statements. http://www.gentoo.org/dyn/use-index.xml This is the document that I have been using, if there is a better one available on the web, I am quite open to using it, if someone can please send me a link. Thank you all for your time and your help - -I greatly appreciate it TIM Timothy A. Holmes IT Manager / Network Admin / Web Master / Computer Teacher Medina Christian Academy A Higher Standard... Jeremiah 33:3 Jeremiah 29:11 Esther 4:14 -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Reconstructing a Gentoo Installer Computer
On Wed, 31 May 2006 08:29:49 -0400, Timothy A. Holmes wrote: > Raymond - the dev-lang/php use flag is there to pull in the PHP stuff as > BASE requires it. dev-lang/php is not a valid USE flag, php is. If a program installed via portage requires php, portage will install it as a dependency of that program. USE flags only affect optional dependencies, such as when a program can be built with or without php support. You really should read the USE flag documentation before messing with them too much. Along with the flexibility it brings, Gentoo gives you a great deal of power to totally fsck your system by fiddling with things you don't understand. One would have thought that after destroying five systems in this way, you would have resorted to the documentation. Check /usr/portage/profiles/use.*desc for descriptions of all USE flags and 'emerge --info' to see which are in effect on your system. Finally, don't change to many at once, and keep track of what you have done. that way, if things do go wrong, you can retrace your steps and find the cause (and solution). -- Neil Bothwick Jimmy Hoffa is buried here --> X signature.asc Description: PGP signature
Re: [gentoo-user] Reconstructing a Gentoo Installer Computer
Hi, On Wed, 31 May 2006 08:29:49 -0400 "Timothy A. Holmes" <[EMAIL PROTECTED]> wrote: > Raymond - the dev-lang/php use flag is there to pull in the PHP stuff > as BASE requires it. What makes you think there's a) a slash-notation in USE flags b) this specific USE flag? "dev-lang/php" really looks like a package specification, not a USE flag. And: What is BASE? > The -mmx and several of the others are there to keep conky from > pulling in a bunch of stuff as well that it does not need When mmx isn't set by default there's no good reason to disable it, right? Make sure that you have understood what USE flags really do. As you're talking about a IDS, my suggestion would even be to start with all USE flags unset by default, i.e. your USE variable in /etc/make.conf should start with "-*" then. You'll probably want to add some of these to the default flags, too: nptl nptlonly ssl zlib jpeg png alsa ncurses pic nls pam. You can then specify further package specific refinements in /etc/portage/package.use. For an explanation what is happening at all, see man portage and man make.conf. -hwh -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Reconstructing a Gentoo Installer Computer
I believe you're looking for the 'php' USE flag. dev-lang/php is not a USE flag it's the php package. As I stated previously, mmx is not set by default, so '-mmx' is redundant. On Wednesday, 31 May 2006 21:59, Timothy A. Holmes wrote: > > [Timothy A. Holmes] > > > Raymond - the dev-lang/php use flag is there to pull in the PHP stuff as > BASE requires it. > > The -mmx and several of the others are there to keep conky from pulling > in a bunch of stuff as well that it does not need > > Thanks > > TIM > > > > Timothy A. Holmes > IT Manager / Network Admin / Web Master / Computer Teacher > > Medina Christian Academy > A Higher Standard... > > Jeremiah 33:3 > Jeremiah 29:11 > Esther 4:14 -- Raymond Lewis Rebbeck -- gentoo-user@gentoo.org mailing list
RE: [gentoo-user] Reconstructing a Gentoo Installer Computer
> -Original Message- > From: Raymond Lewis Rebbeck [mailto:[EMAIL PROTECTED] > Sent: Wednesday, May 31, 2006 8:22 AM > To: gentoo-user@lists.gentoo.org > Subject: Re: [gentoo-user] Reconstructing a Gentoo Installer Computer > > On Wednesday, 31 May 2006 21:31, Timothy A. Holmes wrote: > > Hi folks: > > > > A few months back, I went through a phase where I built several > > computers via the gentoo installer disk, they work, but they are not as > > well optimized as I would like. I have successfully destroyed 5 of them > > trying to fix the use flags, so after that im to the point of asking for > > some help :) -- > > Too much optimisation can be a bad thing. > > > > > My IDS box is the next one on the list to be fixed. I would like to be > > able to rebuild the kernel for what I use it for - -No problem there -- > > that's simple. And I would like to take out all the unused use flags > > and replace them with a basic set - -this is where I have gotten into > > trouble before on the other systems -- I can edit them in make.conf so I > > have what I want - right now it looks like I will be using > > > > USE="apache2 dev/lang-php mysql -ipv6 -mmx -mp3 -nls -xmms -alsa -arts" > > What is dev/lang-php doing in there? If your intention is for the mysql > USE > flag to only apply to dev/lang-php then put the line 'dev-lang/php mysql' > into /etc/portage/package.use > > Also mmx is not a default USE flag, specifically disabling it is > redundant. > > > > > Knowing that, once I edit make.conf, what do I need to do next to get > > stuff re-compiled etc? > > if you had looked at the emerge man page you'd have noticed the 'N' > argument. > > > > > Any other recommendation etc??? > > My recommendation is to not touch any USE flags that you don't understand. > The > defaults are usually perfectly fine unless you have a good reason to > disable > particular flags. > > I would also recommend that you go through and read all the portage > documentation. > > > > > Thanks > > > > TIM > > > > > > Timothy A. Holmes > > IT Manager / Network Admin / Web Master / Computer Teacher > > > > Medina Christian Academy > > A Higher Standard... > > > > Jeremiah 33:3 > > Jeremiah 29:11 > > Esther 4:14 > > -- > Raymond Lewis Rebbeck > -- > gentoo-user@gentoo.org mailing list [Timothy A. Holmes] Raymond - the dev-lang/php use flag is there to pull in the PHP stuff as BASE requires it. The -mmx and several of the others are there to keep conky from pulling in a bunch of stuff as well that it does not need Thanks TIM Timothy A. Holmes IT Manager / Network Admin / Web Master / Computer Teacher Medina Christian Academy A Higher Standard... Jeremiah 33:3 Jeremiah 29:11 Esther 4:14 -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Reconstructing a Gentoo Installer Computer
On Wednesday, 31 May 2006 21:31, Timothy A. Holmes wrote: > Hi folks: > > A few months back, I went through a phase where I built several > computers via the gentoo installer disk, they work, but they are not as > well optimized as I would like. I have successfully destroyed 5 of them > trying to fix the use flags, so after that im to the point of asking for > some help :) -- Too much optimisation can be a bad thing. > > My IDS box is the next one on the list to be fixed. I would like to be > able to rebuild the kernel for what I use it for - -No problem there -- > that's simple. And I would like to take out all the unused use flags > and replace them with a basic set - -this is where I have gotten into > trouble before on the other systems -- I can edit them in make.conf so I > have what I want - right now it looks like I will be using > > USE="apache2 dev/lang-php mysql -ipv6 -mmx -mp3 -nls -xmms -alsa -arts" What is dev/lang-php doing in there? If your intention is for the mysql USE flag to only apply to dev/lang-php then put the line 'dev-lang/php mysql' into /etc/portage/package.use Also mmx is not a default USE flag, specifically disabling it is redundant. > > Knowing that, once I edit make.conf, what do I need to do next to get > stuff re-compiled etc? if you had looked at the emerge man page you'd have noticed the 'N' argument. > > Any other recommendation etc??? My recommendation is to not touch any USE flags that you don't understand. The defaults are usually perfectly fine unless you have a good reason to disable particular flags. I would also recommend that you go through and read all the portage documentation. > > Thanks > > TIM > > > Timothy A. Holmes > IT Manager / Network Admin / Web Master / Computer Teacher > > Medina Christian Academy > A Higher Standard... > > Jeremiah 33:3 > Jeremiah 29:11 > Esther 4:14 -- Raymond Lewis Rebbeck -- gentoo-user@gentoo.org mailing list