 |
Title: Gentoo cheatsheet |
|
Author: Solène |
|
Date: 05 July 2021 |
|
Tags: linux gentoo cheatsheet |
|
Description: |
|
|
|
# Introduction |
|
|
|
This is a simple cheatsheet to manage my Gentoo systems, a linux |
|
distribution source based, meaning everything installed on the computer |
|
must be compiled locally. |
|
|
 |
Gentoo project website |
|
|
|
# Upgrade system |
|
|
|
I use the following command to update my system, it will downloaded |
|
latest portage version and then rebuild @world (the whole set of |
|
packages manually installed). |
|
|
|
``` |
|
#!/bin/sh |
|
emerge-webrsync 2>&1 | grep "The current local" |
|
if [ $? -eq 0 ] |
|
then |
|
exit |
|
fi |
|
|
|
emerge -auDv --with-bdeps=y --changed-use --newuse @world |
|
``` |
|
|
|
# Use ccache |
|
|
|
As you may rebuild the same program many times (especially on a new |
|
install), I highly recommend using ccache to reuse previous builded |
|
objects and will reduce build duration by 80% when you change an USE. |
|
|
|
It's quite easy, install ccache package, add 'FEATURES="ccache"' in |
|
your make.conf and do "install -d -o root -g portage -p 775" |
|
/var/cache/ccache and it should be working (you should see files in the |
|
ccache directory). |
|
|
|
Gentoo wiki about ccache |
|
|
|
# Use emlop to view / calculate build time from past builds |
|
|
|
Emlop can tell you how much time will be needed or remains on a build |
|
based on previous builds information. I find it quite fun to see how |
|
long an upgrade will take. |
|
|
|
There is another tool named "genlop" that is older, but emlop feels |
|
better. |
|
|
|
## View compilation time |
|
|
|
From the package emlop |
|
|
|
```shell command |
|
# emlop predict |
|
Pid 353165: ...-newuse --backtrack=150 @world 1:07:15 |
|
sys-devel/gcc-12.2.1_p20230121-r1 1:34:41 - 1:06:21 |
|
``` |
|
|
|
# Using gentoolkit |
|
|
|
The gentoolkit package provides a few commands to find informations |
|
about packages. |
|
|
|
Gentoo wiki page about Gentoolkit |
|
|
|
## Find a package |
|
|
|
You can use "equery" from the package gentoolkit like this "equery l -p |
|
'*package name*" globbing with * is mandatory if you are not looking |
|
for a perfect match. |
|
|
|
Example of usage: |
|
|
|
```shell command |
|
# equery l -p '*firefox*' |
|
* Searching for *firefox* ... |
|
[-P-] [ ] www-client/firefox-78.11.0:0/esr78 |
|
[-P-] [ ~] www-client/firefox-89.0:0/89 |
|
[-P-] [ ~] www-client/firefox-89.0.1:0/89 |
|
[-P-] [ ~] www-client/firefox-89.0.2:0/89 |
|
[-P-] [ ] www-client/firefox-bin-78.11.0:0/esr78 |
|
[-P-] [ ] www-client/firefox-bin-89.0:0/89 |
|
[-P-] [ ] www-client/firefox-bin-89.0.1:0/89 |
|
[IP-] [ ] www-client/firefox-bin-89.0.2:0/89 |
|
``` |
|
|
|
## Get the package name providing a file |
|
|
|
Use "equery b /path/to/file" like this |
|
|
|
```shell command |
|
# equery b /usr/bin/2to3 |
|
* Searching for /usr/bin/2to3 ... |
|
dev-lang/python-exec-2.4.6-r4 (/usr/lib/python-exec/python-exec2) |
|
dev-lang/python-exec-2.4.6-r4 (/usr/bin/2to3 -> ../lib/python-exec/python-exec2) |
|
``` |
|
|
|
## Show installed packages |
|
|
|
```shell command |
|
qlist -I |
|
``` |
|
|
|
# Upgrade parts of the system using packages sets |
|
|
|
There are special packages sets like @security or @profile that can be |
|
used instead of @world that will restrict the packages to only a group, |
|
on a server you may only want to update @security for... security but |
|
not for newer versions. |
|
|
|
Gentoo wiki about Packages sets |
|
|
|
# Disable network when emerging for extra security |
|
|
|
When building programs using emerge, you can disable the network access |
|
for the building process, this is considered a good thing because if |
|
the building process requires extra files downloaded or a git |
|
repository cloned during building phase, this mean your build is not |
|
reliable over time. This is also important for security because a |
|
rogue build script could upload data. This behavior is default on |
|
OpenBSD system. |
|
|
|
To enable this, just add "network-sandbox" in the FEATURE variable in |
|
your make.conf file. |
|
|
|
Gentoo documentation about make.conf variables |
|
|
|
# Easy trimming kernel process |
|
|
|
I had a bulky kernel at first but I decided to trim it down to reduce |
|
build time, it took me a long fail and retry process in order to have |
|
everything right that still work, here is a short explanation about my |
|
process. |
|
|
|
* keep an old kernel that work |
|
* install and configure genkernel with MRPROPER=no and CLEAN=no in |
|
/etc/genkernel.conf because we don't want to rebuild everything when we |
|
make changes |
|
* lspci -k will tell you which hardware requires which kernel module |
|
* visit /usr/src/linux and run make menuconfig, basically, you can |
|
remove a lot of things in "Device drivers" category that doesn't look |
|
like standard hardware on personal computers |
|
* in Ethernet, Wireless LAN, Graphical drivers, you can trim everything |
|
that doesn't look like your hardware |
|
* run genkernel all and then grub-mkconfig -o /boot/grub/grub.cfg if |
|
not done by genkernel and reboot, if something is missed, try enabling |
|
drivers you removed previously |
|
* do it slowly, not much drivers at a time, it's easier to recover an |
|
issue when you don't remove many modules from many categories |
|
* using genkernel all without cleaning, a new kernel can be out in a |
|
minute which make the process a lot faster |
|
|
|
You can do this without genkernel but if you are like me, using LVM |
|
over LUKS and that you need an initrd file, genkernel will just ease |
|
the process and generate the initird that you need. |
|
|
|
# Use binary packages |
|
|
|
If you use Gentoo you may want to have control over most of your |
|
packages, but some packages can be really long to compile without much |
|
benefit, or you may simply be fine using a binary package. Some |
|
packages have the suffix -bin to their name, meaning they won't require |
|
compilation. |
|
|
|
There are a few well known packages such as firefox-bin, |
|
libreoffice-bin, rust-bin and even gentoo-kernel-bin! You can get a |
|
generic kernel pre-compiled :) |
|
|
|
Gentoo wiki: Using distribution kernel |
|
|
|
# Create binary packages |
|
|
|
It is possible to create a binary package of every program you compile |
|
on Gentoo, this can be used for distributing packages on similar |
|
systems or simply make a backup of your packages. In some cases, the |
|
redistribution may not work if you are on a system with a different CPU |
|
generation or different hardware, this is pretty normal because you |
|
often define the variables to optimize as much as possible the code for |
|
your CPU and the binaries produced won't work on another CPU. |
|
|
|
The guide from Gentoo will explain all you need to know about the |
|
binary packages and how to redistribute them, but the simplest config |
|
you need to start generating packages from emerge compilation is |
|
setting FEATURES="buildpkg" in your make.conf |
|
|
|
Gentoo wiki: Binary package guide |
|
|
|
# Good make.conf defaults |
|
|
|
This is a chunk of my `make.conf` file that I find really useful. It |
|
accepts all licenses, make portage run with nice 15 to not disturb much |
|
a running system, make it compile with 12 threads, run up to 8 parallel |
|
package creation except if the load reach 10. |
|
|
|
And it always create binary packages, so if you play with USE flags and |
|
revert, you will already have a binary package and this will avoid |
|
recompiling. |
|
|
|
```text |
|
ACCEPT_LICENSE="-* @EULA @BINARY-REDISTRIBUTABLE" |
|
PORTAGE_NICENESS=15 |
|
EMERGE_DEFAULT_OPTS="${EMERGE_DEFAULT_OPTS} --getbinpkg -j 8 -l 10 --keep-going… |
|
FEATURES="ccache buildpkg network-sandbox" |
|
MAKEOPTS="-j12" |
|
|
|
VIDEO_CARDS=yourcard |
|
L10N=yourlang |
|
``` |
