Title: Gentoo cheatsheet
Author: Solène
Date: 05 July 2021
Tags: linux gentoo cheatsheet
Description:
# Introduction
This is a simple cheatsheet to manage my Gentoo systems, a linux
distribution source based, meaning everything installed on the computer
must be compiled locally.
(HTM) Gentoo project website
# Upgrade system
I use the following command to update my system, it will downloaded
latest portage version and then rebuild @world (the whole set of
packages manually installed).
```
#!/bin/sh
emerge-webrsync 2>&1 | grep "The current local"
if [ $? -eq 0 ]
then
exit
fi
emerge -auDv --with-bdeps=y --changed-use --newuse @world
```
# Use ccache
As you may rebuild the same program many times (especially on a new
install), I highly recommend using ccache to reuse previous builded
objects and will reduce build duration by 80% when you change an USE.
It's quite easy, install ccache package, add 'FEATURES="ccache"' in
your make.conf and do "install -d -o root -g portage -p 775"
/var/cache/ccache and it should be working (you should see files in the
ccache directory).
(HTM) Gentoo wiki about ccache
# Use emlop to view / calculate build time from past builds
Emlop can tell you how much time will be needed or remains on a build
based on previous builds information. I find it quite fun to see how
long an upgrade will take.
There is another tool named "genlop" that is older, but emlop feels
better.
## View compilation time
From the package emlop
```shell command
# emlop predict
Pid 353165: ...-newuse --backtrack=150 @world 1:07:15
sys-devel/gcc-12.2.1_p20230121-r1 1:34:41 - 1:06:21
```
# Using gentoolkit
The gentoolkit package provides a few commands to find informations
about packages.
(HTM) Gentoo wiki page about Gentoolkit
## Find a package
You can use "equery" from the package gentoolkit like this "equery l -p
'*package name*" globbing with * is mandatory if you are not looking
for a perfect match.
Example of usage:
```shell command
# equery l -p '*firefox*'
* Searching for *firefox* ...
[-P-] [ ] www-client/firefox-78.11.0:0/esr78
[-P-] [ ~] www-client/firefox-89.0:0/89
[-P-] [ ~] www-client/firefox-89.0.1:0/89
[-P-] [ ~] www-client/firefox-89.0.2:0/89
[-P-] [ ] www-client/firefox-bin-78.11.0:0/esr78
[-P-] [ ] www-client/firefox-bin-89.0:0/89
[-P-] [ ] www-client/firefox-bin-89.0.1:0/89
[IP-] [ ] www-client/firefox-bin-89.0.2:0/89
```
## Get the package name providing a file
Use "equery b /path/to/file" like this
```shell command
# equery b /usr/bin/2to3
* Searching for /usr/bin/2to3 ...
dev-lang/python-exec-2.4.6-r4 (/usr/lib/python-exec/python-exec2)
dev-lang/python-exec-2.4.6-r4 (/usr/bin/2to3 -> ../lib/python-exec/python-exec2)
```
## Show installed packages
```shell command
qlist -I
```
# Upgrade parts of the system using packages sets
There are special packages sets like @security or @profile that can be
used instead of @world that will restrict the packages to only a group,
on a server you may only want to update @security for... security but
not for newer versions.
(HTM) Gentoo wiki about Packages sets
# Disable network when emerging for extra security
When building programs using emerge, you can disable the network access
for the building process, this is considered a good thing because if
the building process requires extra files downloaded or a git
repository cloned during building phase, this mean your build is not
reliable over time. This is also important for security because a
rogue build script could upload data. This behavior is default on
OpenBSD system.
To enable this, just add "network-sandbox" in the FEATURE variable in
your make.conf file.
(HTM) Gentoo documentation about make.conf variables
# Easy trimming kernel process
I had a bulky kernel at first but I decided to trim it down to reduce
build time, it took me a long fail and retry process in order to have
everything right that still work, here is a short explanation about my
process.
* keep an old kernel that work
* install and configure genkernel with MRPROPER=no and CLEAN=no in
/etc/genkernel.conf because we don't want to rebuild everything when we
make changes
* lspci -k will tell you which hardware requires which kernel module
* visit /usr/src/linux and run make menuconfig, basically, you can
remove a lot of things in "Device drivers" category that doesn't look
like standard hardware on personal computers
* in Ethernet, Wireless LAN, Graphical drivers, you can trim everything
that doesn't look like your hardware
* run genkernel all and then grub-mkconfig -o /boot/grub/grub.cfg if
not done by genkernel and reboot, if something is missed, try enabling
drivers you removed previously
* do it slowly, not much drivers at a time, it's easier to recover an
issue when you don't remove many modules from many categories
* using genkernel all without cleaning, a new kernel can be out in a
minute which make the process a lot faster
You can do this without genkernel but if you are like me, using LVM
over LUKS and that you need an initrd file, genkernel will just ease
the process and generate the initird that you need.
# Use binary packages
If you use Gentoo you may want to have control over most of your
packages, but some packages can be really long to compile without much
benefit, or you may simply be fine using a binary package. Some
packages have the suffix -bin to their name, meaning they won't require
compilation.
There are a few well known packages such as firefox-bin,
libreoffice-bin, rust-bin and even gentoo-kernel-bin! You can get a
generic kernel pre-compiled :)
(HTM) Gentoo wiki: Using distribution kernel
# Create binary packages
It is possible to create a binary package of every program you compile
on Gentoo, this can be used for distributing packages on similar
systems or simply make a backup of your packages. In some cases, the
redistribution may not work if you are on a system with a different CPU
generation or different hardware, this is pretty normal because you
often define the variables to optimize as much as possible the code for
your CPU and the binaries produced won't work on another CPU.
The guide from Gentoo will explain all you need to know about the
binary packages and how to redistribute them, but the simplest config
you need to start generating packages from emerge compilation is
setting FEATURES="buildpkg" in your make.conf
(HTM) Gentoo wiki: Binary package guide
# Good make.conf defaults
This is a chunk of my `make.conf` file that I find really useful. It
accepts all licenses, make portage run with nice 15 to not disturb much
a running system, make it compile with 12 threads, run up to 8 parallel
package creation except if the load reach 10.
And it always create binary packages, so if you play with USE flags and
revert, you will already have a binary package and this will avoid
recompiling.
```text
ACCEPT_LICENSE="-* @EULA @BINARY-REDISTRIBUTABLE"
PORTAGE_NICENESS=15
EMERGE_DEFAULT_OPTS="${EMERGE_DEFAULT_OPTS} --getbinpkg -j 8 -l 10 --keep-going y"
FEATURES="ccache buildpkg network-sandbox"
MAKEOPTS="-j12"
VIDEO_CARDS=yourcard
L10N=yourlang
```