Managing Your Gentoo [“Sort-Of” Easily], Tips, and More

^{***This article has been placed under constant expansion. So keep a check on it!***}

Law #1: If anyone tells you that, “To administer a Gentoo Build is easy”, tell him/her to go f*** off. Ofcourse, if your an expert at it, then it’ll be an exception for you. Yes, it really is easy if you understand what you are doing, unlike pulling your hair out.

Gentoo offers the most that you can think of getting out of any GNU/Linux box, and that is the very fact why administering it often becomes a headache. You will at first curse portage(the package manager), but eventually will realize that it’s the most superior one out there. Okay, I hate introductions, let’s get to work.

Required Gears:

• Gentoo Build from stage3(stage3 is the best method to install Gentoo)
• Some patience for reading

Package Managing and Tune-Ups:

You’ve probably noticed that compile time is long, so, if you have like >1GB RAM, you can opt to compile in RAM. Here’s how you do this in /etc/fstab. Add this line there and do a “# mount /var/tmp/portage”.

none /var/tmp/portage tmpfs nr_inodes=1M,size=900M 0 0


Portage does all its compiling in /var/tmp/portage, so if we have that in RAM, read/write speeds would be better. Again, you may also try out ccache, but it will cause some build to fail. For me, it failed to compile mono as it had some error in the cached libs. Now we have faster build time. Let’s make the searching and “Calculating dependencies…” happen a lot faster. For this, we’ll create a reiser4 loopback filesystem which will also compress the huge tree into only 220MB max. This is just done by making the blocksize a bit smaller. I prefer reiser4 as it’s extremely good with small files(you will have to patch your kernel for reiser4fs, so head out here: Patching the Linux Kernel for reiser4 support).

# dd if=/dev/zero of=s-port bs=1M count=250
# mkfs.reiser4 ./s-port
# mv ./s-port /usr
# mount -o loop /usr/s-port /usr/portage/
# emerge-webrsync

Note: You’ll have to relocate your distfiles, as this images is only 250MB and you cannot store distfiles in this image. Refer to the make.conf

You can add the following line to /etc/fstab to make it mount on every boot.

/usr/s-port /usr/portage reiser4 loop,noatime 0 0


Now, we should have a faster portage. In case you have a lower bandwidth, I suggest you to use the delta method of patching the tree. The package is called “app-portage/emerge-delta-webrsync”. Go ahead and install it. It will not download the whole tree everytime you want to sync, but only fetch patches(usually less than 2MB) and patch up the tree. It may hit your head that emerge –search is a bit slow. So then install “app-portage/eix”. It’s a common tool for searching as it displays results in less than 10 seconds.

Putting the next thing bluntly, many users are often very frustrated when portage complains about “masked” packages. For this, install “app-portage/autounmask”. The syntax for autounmask goes like this: autounmask category/package-version
# autounmask x11-wm/compiz-fusion-0.6.0
.

Law #2: You need to monitor and be able to maintain your system from remote places. If you don’t do this, you will most likely be frustrated at things going wrong and finally end up doing an rm -rf / as root.

I personally use app-admin/conky to monitor my system. It has many inbuilt functions, of which, google will be able to help you out in finding them. For a single system, you can use app-admin/webmin. It provides you everything you will ever need, including a terminal session.
Monitoring your system is crucial as when and as it happens, you are notified. If you want to make this a whole lot simpler, you can use the command notify-send in many of your own small apps that will help you to monitor it very well. For example, you can have an app that notifies you when a new ssh connection has been established, also consider making other useful network scripts and then periodically check all the open ports on your system. Having a bit of “Malware”, isn’t really a chance for a GNU/Linux system. Your chances are between zero and nil. Of course, you could have planted one yourself, to fool another person.
Keeping on your right foot, you can definitely have a system that is as secure as the NSA(or whatever it is).

Law #3: Every action has an equal and opposite reaction. You fail to create a simple but powerful and full-featured global make file, you would have to go to the extent of actually burning yourself instead of the machine. Remember, you do not use Microsoft Windows anymore. You use the superior OS. Power resides in your hands.

Having a very sophisticated CFLAGS may seem amusing to you, but I would advise you to not do so. Here is what a hardcore Gentoo person has for his CFLAGS:

* friend (~friend@172.0.0.0) has joined #blah-blah
<friend> CFLAGS="-march=core2 -mtune=core2 --param l1-cache-line-size=64 --param l1-cache-size=32 --param l2-cache-size=512 -O2 -funswitch-loops -fpredictive-commoning -fgcse-after-reload -ftree-vectorize -fomit-frame-pointer -mfpmath=sse -pipe"
<friend> my elite flags
<me> holy god
<friend> razor edge optimization

Now those are seriously some really brilliant and spectacular CFLAGS to use, but I seriously don’t get it. All I need is -O2 -march=i686 -pipe and my system is very stable. When you really understand Gentoo, you can go for all these core things.

Yes, making a make.conf is very hard to make at the first show. Often, you’ll end up recompiling many packages if you don’t have the right make flags, etc. set. Therefore, I present you my make.conf in detailed explanation.

# These settings were set by the catalyst build script that automatically
# built this stage.
# Please consult /etc/make.conf.example for a more detailed example
# These are your Processor Flags. Never change it once you have the first package installed
CFLAGS="-O2 -march=k8 -pipe -fomit-frame-pointer"
# CXXFLAGS should be the same as CFLAGS
CXXFLAGS="${CFLAGS}"

# WARNING: Changing your CHOST is not something that should be done lightly.
# Please consult http://www.gentoo.org/doc/en/change-chost.xml before changing
CHOST="i686-pc-linux-gnu"

# For max 2 parallel compilations. Set by Me
# When using a quadcore, you have to set this to 4 cores + 1, so it would become -j5. If your using an Intel i7, you have to set this to 9 cores as the i7 has multi-threading features that make each core seem like 2
MAKEOPTS="-j2"
# From the command mirrorselect, select the ones closest to you as the download speed would be faster
GENTOO_MIRRORS="http://mirror.bytemark.co.uk/gentoo/ http://www.ibiblio.org/pub/Linux/distributions/gentoo"

# The following are your settings for ccache if you decide to use it.
# ccache config for Portage
# As of Friday, August 28 2009, I hate ccache!!!!
# Uncomment the next 3 lines to enable it, do this after you have followed the ccache guide
# FEATURES="ccache"
# CCACHE_DIR="/var/tmp/ccache"
# CCACHE_SIZE="2G"
# You can always move your tree from place to place. But keeping it in /usr/portage is ideal for most systems
PORTDIR="/usr/portage"
# We're relocating the distfiles directory, as the loopback image is very small and meant only for the tree. This section is covered in the next part of this tutorial
DISTDIR="/var/portage/distfiles"

# Do not touch these flags!!!
# These are your global compile flags. Please follow the Official Gentoo Handbook to do this.
# This is not what you should copy/paste into make.conf. Read the Gentoo Handbook.
USE=" -apache2 -apache -networkmanager acpi spell gnome real truetype libnotify xulrunner nautilus hal dbus gstreamer jpeg alsa gnome-keyring png cairo svg gtk X acpi gnome qt alsa dvd cdr bash-completion bluetooth bonodo bzip2 dri -debug ffmpeg mp3 ogg vorbis win32codecs xvid xinerama"
# You can choose more languages. I only speak and read English, so I have only one language enabled.
LINGUAS="en"
# Here is you display drivers. When emerging xorg and other stuff that are made for a specific graphic card, it will be compiled with these drivers
VIDEO_CARDS="via openchrome vesa"

# Bandwith limiting
# Just incase your stuck with slow internet speed and you have important work to do, as well as need a package installed ASAP, you can uncomment this whenever you need it
# thanks to Hopeless on Gentoo forums, this a better approach then my earlier one.
PORTAGE_BANDWIDTH='200'
PORTAGE_RSYNC_EXTRA_OPTS="--bwlimit=${PORTAGE_BANDWIDTH}"
FETCHCOMMAND="/usr/bin/wget -t 5 -T 60 --passive-ftp -O \${DISTDIR}/\${FILE} \${URI} --limit-rate=${PORTAGE_BANDWIDTH}k"
RESUMECOMMAND="/usr/bin/wget -c -t 5 -T 60 --passive-ftp -O \${DISTDIR}/\${FILE} \${URI} --limit-rate=${PORTAGE_BANDWIDTH}k"
# Arch flags
ACCEPT_KEYWORDS="x86"
# If you would like to use the testing branch, uncomment the next line and comment the line above
# ACCEPT_KEYWORDS="~x86"

DO NOT COPY/PASTE THIS EXAMPLE MAKE.CONF

Law #4: Taking backups is essential. When information is lost, you will have already shot yourself in the head.

Taking backups is a very good thing. Let’s say that you have installed and configured Gentoo to run perfectly on your machine, then wham! Your hard-disk dies. Now what? Take another month to setup everything properly? Or even a year?
So take backups regularly. One good one out there is Bacula. That is meant for complete network backup when your managing many servers. Since I don’t manage many servers, I have found a very simple app to do that. app-backup/simplebackup is your answer if you run one or two machines. It has many noticeable features like incremental, differential and full backups. Here is my conf:

Directories & Files...
To backup .....: [ /home</var/www</var/lib/mysql</etc</var/lib/portage/world ]
Will do the backup of 4 directori(es)
and 1 file(s)
Temporary .....: [ /tmp ]
Backup destiny : [ /backup ]

Generic...
Text Note ..............................: Backup of Gentoo System
Screen Height ..........................: 24
Selected O.S. ..........................: unix (linux)
O.S. null device is ....................: 2>/dev/null
Include hostname on the backup files ...: no
Include username on the backup files ...: no
Backup mode is .........................: full
Network timeout ........................: 480
Backup rejections (full path) ..........: /var/log/backups</tmp/simplebackup.conf.support_file_copy1.db</tmp/simplebackup.conf.support_file_copy2.db</tmp/simplebackup.conf.support_file_copy3.db</backup</proc
Backup rejections (file type) ..........: mp3,mpg,mpeg,avi,flv,mp4,ogg
Backup rejections (file name) ..........: None configured
Backup file size limit .................: None configured
Compressed backup files size limit .....: None configured
Backup archiver format .................: tar.bz2
Use Encryption .........................: no
Backup compression ratio ...............: maximal
Real backup ratio (passed to archiver) .: 9
Backup list encoding ...................: ascii
Restore list encoding ..................: selected at restore time
Debug_level ............................: none
Backup sessions to keep ................: 3 (3 plus the current)
Backup list on log .....................: no
Restore list on log ................... : no

Really neat, isn’t it?
Contributors:
Hopeless (gentoo veteran in the forums)

I would request you to suggest suggestions, tips and tricks on managing a Gentoo Box.