Gentoo Linux
- The peculiar world of Gentoo package testingblogs.gentoo.org The peculiar world of Gentoo package testing
While discussing uv tests with Fedora developers, it occurred to me how different your average Gentoo testing environment is — not only from these used upstream, but also from these used by other L…
- Arm Ltd. provides fast Ampere Altra Max server for Gentoowww.gentoo.org Arm Ltd. provides fast Ampere Altra Max server for Gentoo – Gentoo Linux
News and information from Gentoo Linux
- The perils of transition to 64-bit time_tblogs.gentoo.org The perils of transition to 64-bit time_t
In the Overview of cross-architecture portability problems, I have dedicated a section to the problems resulting from use of 32-bit time_t type. This design decision, still affecting Gentoo systems…
- What happened to the gitlab mirror?
I used to use the gitlab mirror to browse the ebuilds; I prefer the gitlab UX to the github UX. But, for some reason, it stopped getting updates several months ago. Anyone know what happened?
- KDE Plasma 6 upgrade for stable Gentoo Linuxwww.gentoo.org KDE Plasma 6 upgrade for stable Gentoo Linux – Gentoo Linux
News and information from Gentoo Linux
- make Firefox faster
I want to get more points in speedometer 3 using firefox. I've seen results above 20-24, but I can't get more than 12 because js takes a long time to process. What to do? Rebuild firefox with the -0fast flag?? Or do something with config. I use some fixes in it which just extend limits for everything (almost)
Any suggestions are welcome
- Gentoo Linux drops IA-64 (Itanium) supportwww.gentoo.org Gentoo Linux drops IA-64 (Itanium) support – Gentoo Linux
News and information from Gentoo Linux
- Should I run non-hardened Gentoo on an SSH file server behind some sort of VPN?
So, I have a desktop that has a single-core/2-threads Pentium 4 CPU @ 2.4 GHz and a much newer desktop with an i7 CPU. The older desktop was one that I found on the streets in my neighborhood and that I later fixed and started to play around with it and decided to install Gentoo on it (just because). It's CPU is also so old that it thankfully doesn't have Intel MME. I have also put my older desktop in such a place where I could keep it on for 24/7 (without the risk of it overheating or bothering anyone even when emerging packages).
So, as I was installing Gentoo on it, I figured that I could also use it as an SSH file server and put it behind a VPN (which I could install on my newer i7 desktop (which I could install Debian onto)).
Now, since I wasn't intending to use my Pentium desktop as a file server, I didn't select the hardened profile (and switching profiles would probably take a very long time). So, I was wondering, would this be much of a security concern in my case?
- It's not much, but I've made my first working Gentoo install!
It took about 23 hours to get it booted under its own power using a binary kernel. And on the 4th day (today) I've managed to get a custom kernel working. Gentoo has been very fun to use and to customize, and it's very fast and responsive, even on my old hardware and with a hard disk, browsing heavy webpages with Librewolf is no problem at all. I've been sleeping on Gentoo for WAY to long.
- Gentoo Linux becomes an SPI associated projectwww.gentoo.org Gentoo Linux becomes an SPI associated project – Gentoo Linux
News and information from Gentoo Linux
- Gentoo wiki appreciation post
Hello :)
I just finished my first arch install I wanted to set my sights on something more challenging. So, I booted a live image with QEMU Virtmanager to try out gentoo, and after reading the wiki I thought to myself “man i should have started with gentoo”
The arch wiki is good in its own right, but as a beginner i felt really confused and overwhelmed. I felt like I had to google terms just to catch up. The gentoo wiki, however, is really good at explaining concepts and the overview of the technology. When the Arch wiki just says “use mkfs.ext4 /dev/sda2” or something the gentoo wiki actually explains what sda, sdb, etc and ext4 means. I sort of learned it the hard way with arch, but i learn and understand lot more from the gentoo wiki. I love that it explains partition tables, filesystems, heck it even explains what is an IP in the networking section. Making a gentoo system and reading the wiki is basically an interactive computer science course lmao
So, thank you gentoo wiki :)
- Instead of `--autounmask --autounmask-write`, use `--autounmask{,-write}`
--autounmask
tells emerge to show you what you should add to your package.accept_keywords in order to unmask masked packages.--autounmask-write
tells emerge to automatically modify package.accept_keywords and package.use. You still need to apply the changes using dispatch-conf, since Portage's config files are protected by CONFIG_PROTECT.{,-write}
tells bash to duplicate the argument, adding-write
to the second. - HDMI Forum to AMD: No, you can’t make an open source HDMI 2.1 driverarstechnica.com HDMI Forum to AMD: No, you can’t make an open source HDMI 2.1 driver
Linux users can't hit the same resolutions and speeds as Windows—or DisplayPort.
HDMI is butthurt over AMD trying to do the right thing
- ICU Updates/Rebuilds
What causes the tremendous amount of rebuilds when a new version of ICU is released?
It always seems to be a problem and takes weeks before it seemingly disappears on its own...
- Bard does Gentoo dirty
Image Transcription: screenshot
> I ask Google Bard "What's the difference between Funtoo and Gentoo?" > > Bard replies: Both Funtoo and Gentoo are Arch Linux-based distributions known for their source-based installation and high degree of customization. While they share a lot of similarities, there are some key differences to consider:
I checked, and both Gentoo and Arch initially released in March 2002, although Arch is older by 20 days.
- Gentoo's package deprecation processartemis.sh i like gentoo’s package deprecation process
Gentoo’s process for removing packages from the main gentoo package repository is designed to make me aware of it and give me time to react, and I really appreciate that.
- Let's do Gentoo HPC (Week One)!
cross-posted from: https://lemmy.srcfiles.zip/post/2231272
> I've been interested in switching away from
$PROPRIETARY_VENDOR
's HPC node / cluster management offering for a while, and the opportunity has finally arisen -$VENDOR
has decided to massively hike up their prices, so it's time to look at alternatives. > > The top option on my list is Warewulf. Warewulf is a stateless node management tool, where stateless means "we boot any image you want into memory" (compared with competing implementations which do 'magic' to image a node's disk every boot). There are advantages and disadvantages to each approach. > > The thing that attracts me most to Warewulf is that they've come to the conclusion that most HPC "disk images" are basically container images. Rather than using achroot
directory as an image (as do so many competing implementations) Warewulf have leaned wholeheartedly into the concept, and have adopted the OCI image tooling to define HPC images! > > This offers an astounding amount of flexibility that the current$VENDOR
solution does not - the ability to define, build, and run any (reasonable) flavour of Linux as an image for HPC nodes; images need only the kernel, networking, systemd, and (optionally) a nfs client (this is for convenience, it's not required for node functionality). > > Based on that I've taken it upon myself to have some fun and investigate the current state of Warewulf as a node management tool - the first step, of course, was creating a Gentoo ebuild for Warewulf that compiles and installs. I'm happy to say that, after fixing some bugs in the offline build process, I have a working ebuild. > > If you're a Gentooer with an interest in Node Management or HPC, please give my Warewulf ebuild a try; it compiles and installs but I haven't yet had a chance to do any real cluster management and I'm interested in hearing about any bugs you encounter! > > Next Week(-ish): Gentoo HPC Base Images - I'm going to have to dig into Gentoo Networking to update thewwinit
image. > - Gentoo Beckons Me
Hey everyone, I've been using an Arch system for the past 2 months and I've had an absolute ball learning more granular details about my hardware. Never in my life did I think I'd be looking at kernel modules and contemplating swapping out init systems and trying different kernels.
I write this post somewhat open-endesd because I'm clueless as to where Gentoo can take me in terms of hardware acceleration and help me learn development of software/firmware deeper. To my understanding, everything must be compiled from source code, which I'd like to learn more about as well. Ive dipped my toe in a myriad of programming languages too and found a more terminals focused work flow was ideal.
My major use cases for my computer are to benchmark hardware and pick more features in software that I'd have to compile from source anyways. I do work in molecular dynamics from time to time and have used software distributions like GROMACS and LAMMPS. Any advice that could be wouldbbe greatly appreciated. The thoroughness in the Gentoo Wiki's documentation is amazing, but its a overwhelming lol
My foundation is a little like swiss cheese though. Don't know what I don't know! Looking forward to becoming a part of the Gentoo community. I'd love to develop software like DWSIM someday.
- Meta: looking for mods
Heya Gentoo Crew,
Looking for some moderators to help me out.
It's a pretty chill community, myself being one of the main posters. So should be easy.
Let me know in the comments if you want to help out.
Red.
- Home, Not So Sweet Home · GitHubgist.github.com Home, Not So Sweet Home
Home, Not So Sweet Home. GitHub Gist: instantly share code, notes, and snippets.
- Compiling for different architectures with a NAS?
Hi ! I'd like to have a Gentoo computer. But also in the future a Gentoo cell phone. Why not a Gentoo home console?
Is it possible to provide all this hardware with pre-compiled updates with a NAS that would do this automatically periodically?
I have the impression that with Gentoo, I'll be able to create tailor-made systems for my devices, and it gives me lots of ideas, but compiling on all these machines makes me feel a bit cold
Sorry if this is a silly question, I'm neither a developer nor an administrator, but I'd really like to learn how to tinker with my PC !
- Oh no it happened again
Recently got a laptop from a friend after mine got smashed to smithereens. I was going to do a fresh install of my favourite binary distro, Void Linux on it but I recently found out they dropped Monero (and Crypto programs) for ideological reasons.
I guess its time to come home!
Booted Laptop/PC to the LiveUSB, time to do my gruelling ZFS installs :)
- Gentoo accepted into Google Summer of Code 2023www.gentoo.org Gentoo accepted into Google Summer of Code 2023 – Gentoo Linux
News and information from Gentoo Linux
- Will dependency conflicts prevent updates?
I haven't gotten an update in about a week which is strange for me. I've had this dependency conflict for a while:
WARNING: One or more updates/rebuilds have been skipped due to a dependency conflict:
dev-python/docutils:0
(dev-python/docutils-0.20.1:0/0::gentoo, ebuild scheduled for merge) USE="" ABI_X86="(64)" PYTHON_TARGETS="python3_11 (-pypy3) - python3_10 (-python3_12)" conflicts with <dev-python/docutils-0.20[python_targets_python3_11(-)] required by (dev-python/sphinx-5.3.0:0/0::gentoo, installed) USE="-doc - latex -test" ABI_X86="(64)" PYTHON_TARGETS="python3_11 (-pypy3) -python3_10"
Would that prevent me from getting updates? I'm able to install things just fine.
- Gentoo vs. NixOS for a simple desktop system
Posted something similar on the NixOS sublemmy, but it basically boils down to the fact that I tend to switch back and forth between both distros, and I enjoy both very much as both Gentoo and NixOS provide an immense degree of control over my system and allow me to go wild and do whatever I want. But I feel the need to settle on one system and tinker with the other on a VM instead, as this switching back and forth is becoming a time sink and hindering my studies somewhat. The question is, which to use as the main desktop system? Gentoo feels more intuitive to me, but NixOS is definitely powerful at managing complex systems, but then again, I only have a simple desktop system. Another thing that I thought of is that maybe I can somewhat replicate NixOS' rollback feature, which is my absolute favourite feature of it, using a combination of Git and ZFS snapshots? I'd like to hear your thoughts on this.
- What exactly do the different types of stage3 archive do?
I've heard that you should be using the appropriate stage3 archive for the profile you want to use, but what exactly are the differences between them? I'm asking this because I want to try doing a Hardened/SELinux/Musl/LLVM install, and there's a profile for that, but not the stage3 archive. I was thinking of starting with either Hardened/Musl or LLVM/Musl. Any thoughts on that?
- Make hardened, lightweight container images with Kubler
cross-posted from: https://lemmy.srcfiles.zip/post/3841
> ## What is Kubler? > > Kubler is a generic, extendable build orchestrator, written in Bash. It can be used to take advantage of Portage's features to build lightweight Docker or Podman images without needing to mess with crossdev, or as a tool to assist with ebuild development. > > ## Why should you use it? > > - You like lightweight, easy-to-create, containers > - You want to reduce the attack surface by including only what's required > - You want to take advantage of
USE
flags to manage package features > - You want the awesome package library offered by the Gentoo ebuild repository (and other ebuild repos) > - You want up-to-date containers > - You want a containerised environment for building and testing ebuilds > > ## A real-world example > > I recently needed to integrate a containerised application with a vendor-managed openldap instance that uses mTLS authentication. Unfortunately the containerised application does not work with mTLS and the vendor managed openldap instance can't be easily configured to use anything else. > > I came up with the solution of using openldap'slloadd
LDAP load balancer daemon to proxy connections from an encrypted internal network to the LDAP server but was left with the issue that I didn't have a working openldap container that containedlloadd
- of the existing containers that I tried the only one that actually had anlloadd
bin didn't actually include required dependencies! > > Glossing over a recent ebuild update to openldap to enable the building oflloadd
, enter Kubler - It's turned out to be an incredibly flexible and hands-off tool compared to trying to accomplish the same thing with (e.g.) Dockerfiles. > > ### Kubler in action > > This (lightly sanitised) real-world example creates create a new namespace called 'larry' which may contain multiple images. > > Use thenew
command to take care of the boilerplate; choose 'multi' when asked for the namespace type:> > ```bash > $ kubler new namespace larry > »»» > »»» <enter> to accept default value > »»» > »»» Working dir type? Choices: > »»» single - You can't add further namespaces to the created working dir, it only holds images > »»» multi - Creates a working dir that can hold multiple namespaces > »[?]» Type (single): multi > »»» > »»» Top level directory name for new namespace 'larry'? The directory is created at /data/development/gentoo-containers/ > »[?]» Namespaces Dir (kubler-images): > »»» > »»»»» Initial image tag, a.k.a. version? > »[?]» Image Tag (20230706): > »»» > »[!]» New namespace location: /data/development/gentoo-containers/kubler-images/larry > »»» > »»»»» Who maintains the new namespace? > »[?]» Name (Your Name): Larry the Cow > »[?]» EMail (your@mail.org): Larry.the.Cow@gentoo.zip > »»» > »»»»» Default build engine? > »[?]» Engine (docker): > »»» > »[✔]» Successfully created "larry" namespace at /data/development/gentoo-containers/kubler-images > »»» > »[!]» Configuration file: /data/development/gentoo-containers/kubler-images/larry/kubler.conf > »»» > »[!]» To manage the new namespace with GIT you may want to run: > »»» > »»» $ git init /data/development/gentoo-containers/kubler-images/larry > »»» > »[!]» To create images in the new namespace run: > »»» > »»» $ cd /data/development/gentoo-containers/kubler-images/larry > $ kubler new image larry/<image_name> > ``` > > Although not strictly required, installing Kubler's example images is a good idea. > > ```bash > $ cd larry/ > $ kubler update > ``` > > It is worthwhile to begin tracking this new namespace with Git so that images can be tracked as they are created and updated. Kubler has already placed a prepopulated a
.gitignorefile for convenience. > > ```bash > pushd /data/development/gentoo-containers/kubler-images/larry > git init . > git add . > git commit -m "Initial commit" > popd > ``` > Create the new 'openldap' within the existing 'larry' namespace, based on the 'kubler/busybox' image. > > ```bash > kubler new image larry/openldap > »»» > »»» <enter> to accept default value > »»» > »»» Extend an existing Kubler managed image? Fully qualified image id (i.e. kubler/busybox) or scratch > »[?]» Parent Image (scratch): kubler/busybox > »»» > »»» Add test template(s)? Possible choices: > »»» hc - Add a stub for Docker's HEALTH-CHECK, recommended for images that run daemons > »»» bt - Add a stub for a custom build-test.sh script, a good choice if HEALTH-CHECK is not suitable > »»» yes - Add stubs for both test types > »»» no - Fck it, we'll do it live! > »[?]» Tests (hc): yes > »»» > »[✔]» Successfully created new image at /data/development/gentoo-containers/kubler-images/larry/images/openldap > »»» > ``` > > >**Note**: This step is ''not'' required; it is possible to directly edit the
build.shfile if you are familiar with Portage. > > Kubler brings a unique feature to the table when constructing an container image: the
--interactivebuild argument. As the name implies, this launches the build container in an interactive manner, enabling users to investigate the current / inherited configuration. > > ```bash > $ kubler build larry/openldap -i > ``` > > This will build any missing parent images/builders; the first run may take quite a bit of time - once the local binary package cache and build containers are seeded future runs will be much faster. Once the prerequisite images are ready the build container will present a shell. > > For first-time users it may be convenient to search for the openldap package to ensure that the correct atom is selected and investigate any USE flags that are of interest: > > ```bash > # eix openldap|output=<pre> > * net-nds/openldap > Available versions: 2.4.59-r2^t 2.5.14(0/2.5)^t 2.6.3-r7(0/2.6)^t ~2.6.4-r1(0/2.6)^t ~2.6.4-r2(0/2.6)^t {argon2 autoca +berkdb +cleartext crypt cxx debug experimental gnutls iodbc ipv6 kerberos kinit minimal odbc overlays pbkdf2 perl samba sasl selinux sha2 smbkrb5passwd ssl static-libs +syslog systemd tcpd test ABI_MIPS="n32 n64 o32" ABI_S390="32 64" ABI_X86="32 64 x32"} > Homepage: https://www.openldap.org/ > Description: LDAP suite of application and development tools > ``` > > Edit the image's build script: > > ```bash > nano /config/build.sh > ``` > > >**Note**: The
/configdirectory in the build container is the host mounted image directory at
larry/images/openldap/. Feel free to use a local IDE/editor to edit
build.shinstead. > > Add the
net-nds/openldapand
net-misc/curlpackages to the
_packagesvariable in
build.sh, update cURL USE flags, enable the
~arch` (~amd64 - the Gentoo 'testing' keyword) for packages we care about: > >bash > _packages="net-nds/openldap net-misc/curl" > ... > configure_rootfs_build() > { > # Update a Gentoo package use flag. > update_use 'net-misc/curl' '+ldap' > # ..or a Gentoo package keyword > update_keywords 'net-misc/curl' '+~amd64' > update_keywords 'net-nds/openldap' '+~amd64' > ... > } >
> > >Note: If using the busybox image as a parent, unset the `su` USE flag from `sys-apps/util-linux` in the `build.sh`. > > Perform a test run of the first build phase: > >bash > $ kubler-build-root >
> > Once this completes successfully exit the interactive builder using `exit`. > > #### Building the image > > Assuming that `build.sh` has been configured as described above, it should be safe to attempt to build the image. > >bash > $ kubler build larry/openldap -nF > »[✘]»[larry/openldap]» fatal: build-test.sh for image larry/openldap:20230704 failed with exit signal: 1 >
> > >Note: The arguments are short hand for `--no-deps` and `--force-full-image-build`, omitting `-n` would also rebuild all parent images, which is waste of time in this case. > > The build will fail, as expected, due to the `build-test.sh` script not being implemented. This is a good time to implement the `build-test.sh` script, which will be used to verify that the image is functional. > > >Note: `pipefail` will cause build-test.sh to fail on busybox-based images > >bash > #!/usr/bin/env sh > > set -eo > > # Do some tests and exit with either 0 for healthy or 1 for unhealthy > # Check that the openldap bin launches and provides some expected output > /usr/lib/openldap/lloadd -VV 2>&1 | grep "OpenLDAP" || exit 1 > > exit 0 >
> > Unfortunately this image is not suitable for a build-time docker health check via the `docker-healthcheck.sh` mechanism, so must be disabled in `larry/images/openldap/build.conf`: > >bash > POST_BUILD_HC=false >
> > A health check suitable for your environment should be provided using standard docker syntax in the image's `Dockerfile.template` instead. Ensure that the provided `docker-healthcheck.sh` script iS updated (or commented out of the dockerfile) as the default will fail. > > Modify the image's `Dockerfile.template` to add any finishing touches, such as the `ENTRYPOINT` or `CMD` directives. In this example the container will act as an LDAP proxy via `lloadd`; additional configuration will be provided at runtime by mounting the configuration into the container. > >Dockerfile > FROM ${IMAGE_PARENT} > LABEL maintainer="${MAINTAINER}" > > ADD rootfs.tar / > > COPY docker-healthcheck.sh /usr/bin/docker-healthcheck > HEALTHCHECK --interval=60s --timeout=5s --start-period=5s --retries=3 CMD ["docker-healthcheck"] > > CMD ["/usr/lib/openldap/lloadd"] >
> > Re-run the build: > >bash > $ kubler build larry/openldap -nF > »[✔]»[larry/openldap]» done. >
> > At this point the image should exist in the local Docker/Podman registry and be ready for use: > >bash > docker images > REPOSITORY TAG IMAGE ID CREATED SIZE > larry/openldap 20230704 09347c55282b 2 minutes ago 56.4MB > larry/openldap latest 09347c55282b 2 minutes ago 56.4MB >
> > Hopefully this has been useful and you are now ready to build your own images! I've been incredibly impressed with how easy it is to use the tool (and it it'll run from any distro with a recent version of Docker/Podman), and the quality of the resulting images. I'm a recent convert, but have updated the Gentoo Wiki with the above information (and some extra info on using it for ebuild development) and will be using Kubler in future wherever I need to create images. > > Happy containering! - Successfully installed gentoo on a Oracle always-free 4xARM 24GB RAM instance!
Was able to install gentoo on a Oracle always-free instance. It has 4x ARM CPUs and 24 GB RAM. Those specs are really nice for a free instance.
for now I'll use it to self host some public facing services. Who knows, maybe I'll host a personal lemmy instance on it :)
- Hello from across the fediverse!
A neofetch screenshot from the machine I just unpacked and am finally ready to do actual work on. I swear I have a 6.4 kernel pending a reboot!
- Setting DNS Server When Using iwd with standalone USE flag
cross-posted from: https://reddthat.com/post/221970
> Hello friends! I kept searching how to do this but had trouble finding the information, but now that I have found out how to do it, I thought I would post it here in case others are looking for it. > > ## Problem we are solving > > You want to set the DNS server's address for your network connection. Typically, this is handled by DHCP server, but if you have enabled
EnableNetworkConfiguration
in the iwd config, then iwd is the one deciding which is your DNS server, and relays that information to your resolver, which in most cases is systemd-resolved but sometimes openresolv.This is also the same as setting the standalone USE flag
> > ## How to Set DNS > > Go to
/var/lib/iwd
folder, and look for the file that holds NETWORK_NAME.psk (where NETWORK_NAME is the SSID of the network you are connected to). > > In this file, you will find some text pre-written. If it does not exist already, create a[IPv4]
section. Under this section, add the lineDNS=192.168.1.1
or whatever you wanted the DNS server to be. Your file should end up having a section that looks like this: > >> [IPv4] > DNS=192.168.1.1 >
> > restart iwd server and now you should be connecting to the right DNS server! - What's your favorite desktop environment (or window manager) to use?
Personally for me, I've always been a fan of bspwm
I've been using hyprland as of recent to try it out. But I think I'll be trying something else soon. But I do want to stick with wayland.
- PSA: Wayland + Hyprland with nvidia drivers and RTX 3060 Ti card work OOTB without issues
I tried wayland with Hyprland on gentoo with proprietary nvidia drivers. I have the RTX 3060 Ti card. It works out of the box without having to mess with anything.
I tried sway as well. I have to specify the --unsupported-gpu flag for it to launch. The one issue I noticed with sway is that the background does not seem to load. I did not spend time debugging so it maybe a super simple fix. I'll report back if I ever do.
But I'm happy to see its all working flawlessly!