Handbook Talk:AMD64/Installation/Base

True multilib needs modification in make.conf
When installing selecting the multilib profile itself wasn't sufficient. I only got true multilib support after adding the follwing in make.conf. I think it's worth mentioning it upfront so that people wouldn't have to recompile @world ABI_X86="64 32"


 * No, this is not a good suggestion to make for all Gentoo users to read the Handbook. We recommend only setting enable  as-needed on a per-package basis, not globally. As explained by, "if you enable ABI_X86="32" globally up front, you save a little bit of user configuration time up front but you waste a lot of compile time on every upgrade forever". Also, if this was set globally as you suggest, revising those packages later can cause headaches. Kind regards, --Maffblaster (talk) 19:30, 3 October 2016 (UTC)

Chroot on one line
It would be imo convenient to have one-liner for the mounts before the chrooting, instead of five separate commands, so that one could easily copy-paste the one command to terminal and execute it in one take

I.e., instead of (or, placed after)

root #mount -t proc proc /mnt/gentoo/proc root #mount --rbind /sys /mnt/gentoo/sys root #mount --make-rslave /mnt/gentoo/sys root #mount --rbind /dev /mnt/gentoo/dev root #mount --make-rslave /mnt/gentoo/dev

there ought to be also

mount -t proc proc /mnt/gentoo/proc && mount --rbind /sys /mnt/gentoo/sys && mount --make-rslave /mnt/gentoo/sys && mount --rbind /dev /mnt/gentoo/dev && mount --make-rslave /mnt/gentoo/dev

--Renergy (talk) 19:39, 6 June 2015 (UTC)


 * Renergy, I can see that may be easier to copy and paste a one line command such as you posted above. Part of the purpose of the Handbook is to teach people how to install Gentoo Linux, not to make the install as fast as possible, which is why we have each command on a separate line. I will think about putting a one-liner like you suggest as a secondary option for people who are in a hurry. Sincerely, --Maffblaster (talk) 22:14, 21 December 2015 (UTC)

Potential security problem
Going though the handbook normally leads you through getting the minimal .iso and stage 3 tarball over https, checking hashes and verifying with gpg. All good so far. Here, it tells users to run emerge-webrsync, without any warning that it defaults to using http - enabling a MITM attack. If I understand correctly, this is for downloading and setting up portage, while running as root. By default, emerge-webrsync does not verify gpg signatures, so at this point the system must be considered fundamentally insecure.

The user stanley on irc suggested using this procedure: https://wiki.gentoo.org/wiki/Handbook:AMD64/Working/Features#Pulling_validated_Gentoo_ebuild_tree_snapshots - it should definitely be mentioned as an option at this stage, since doing it with an already insecure system at the later stage will make little difference.

Also, emerge-webrsync should default to using HTTPS.

--OliverUv (talk) 12:26, 28 June 2015 (UTC)


 * But this affects all arches, right? See Handbook_Talk:Parts/Installation/Base --Charles17 (talk) 17:43, 20 January 2016 (UTC)


 * Hm...I'll see what we can do about this upstream. It would be nice if the mirrors used HTTPS, but I'm not sure we have a good way of enforcing it. --Maffblaster (talk) 18:21, 18 November 2016 (UTC)


 * So, the good news is that current Gentoo minimal install images ship with a sufficiently modern Portage (>=2.3.42, with the  USE flag set) such that for a vanilla -based  (under the recommended  settings from the guide:   etc.), signature verification with failure quarantine will be carried out.


 * The not so good news is that in this section of the handbook, it is still recommended first to carry out a vanilla, which for some mirrors anyway will use unauthenticated HTTP (e.g. http://trumpetti.atm.tut.fi/gentoo), and which does not (by default) signature verify the downloaded tree.


 * This is easy enough to work around though - just set  in the  section of, temporarily set   in that file also (rather than  ) and then issue  . This will do all the necessary signature updating etc and then download and verify the daily snapshot (NB -  will complain if you try to directly invoke it with   set; you need to use  or ). Then, once done, just flip back to using  . This ensures all updates are validated, and doesn't mess the flow of the guide up too much. (I'm just in the process of switching over to recommending this workflow for my own EFI install guide, incidentally.) --Sakaki (talk) 13:33, 11 October 2018 (UTC)

Choosing profiles
I believe profiles should be chosen after the initial reboot at least for and. Choosing a desktop profile, in particular, too early causes increased and unnecessary install time added to a user's experience.

I think it should be saved until the first reboot.

--Grknight (talk) 01:46, 22 October 2015 (UTC)


 * I will experiment on a virtual machine with this. My initial thoughts are that you're right. Rebuilding world after the profile selection is probably not a necessary part of the process. --Maffblaster (talk) 23:28, 1 February 2016 (UTC)


 * Also, the profile selection should be updated to 17.0, maybe with a little warning regarding 17.1 which got stabilized recently.--Charles17 (talk) 10:28, 27 December 2017 (UTC)

Update in progress... --Maffblaster (talk) 02:44, 28 April 2018 (UTC)

Add -qt5 USE flag
Let me quote: "gnome gtk -kde -qt4 will compile programs with GNOME (and GTK) support, and not with KDE (and Qt) support, making the system fully tweaked for GNOME (if the architecture supports it)."

Please add -qt5 to the previous sentence as well.

Fturco (talk) 15:25, 16 April 2017 (UTC)


 * Good suggestion. Consider it done. --Maffblaster (talk) 06:35, 14 May 2017 (UTC)

Will we need Section of "Mounting the boot partition"?
Hello, Operation of this section is already executed in section of "Preparing the disks".

Haven't we mounting /dev/sda2 on /boot already?

Kind regards, --Komainu8 (talk) 11:04, 13 May 2017 (UTC)


 * It depends on what install path you take. With this being said, the entire disk section(s) of the Handbook need a major reworking, so I would not be surprised if mounting is inconsistently noted here. I'll leave this open for now since no one is ready to work on fixing the disk section yet... --Maffblaster (talk) 06:39, 14 May 2017 (UTC)


 * It would be great to have such thing mentioned. --Wowpetr (talk) 09:25, 12 July 2017 (UTC)

Mounting the necessary filesystems
It is good to mention that if you interrupt the installation process at any stage later (e.g. by rebooting), you may need to mount these partitions again. --Wowpetr (talk) 09:25, 12 July 2017 (UTC)


 * Thanks for the tip. Your suggestion has been implemented! --Maffblaster (talk) 23:34, 25 July 2017 (UTC)

Entering the new environment
It is good to mention that if you interrupt the installation process at any stage inside chroot environment (e.g. by rebooting), you need to chroot again. --Wowpetr (talk) 09:39, 12 July 2017 (UTC)


 * Thanks for the tip. Your suggestion has been implemented! --Maffblaster (talk) 23:34, 25 July 2017 (UTC)

Warning about 17.x profiles
Please add a big warning before the profile selection instructions, to tell users not to use 17.0 or 17.1 profiles until they have read the corresponding news items and are prepared to follow the migration instructions.

Iamben (talk) 15:34, 29 December 2017 (UTC)


 * Done. --Maffblaster (talk) 02:39, 28 April 2018 (UTC)

Typo correction
Right at the bottom of the page, the line

root #env-update && source /etc/profile && export PS1="(chroot) $PS1"

should read

root #env-update && source /etc/profile && export PS1="(chroot) ${PS1}"

to properly maintain consistency with the previous command under Entering the New Environment

Redchillipadi (talk) 02:54, 27 April 2018 (UTC)


 * It looks that way to me, . What's the exact link that you're seeing just ? --Maffblaster (talk) 02:38, 28 April 2018 (UTC)

My browser says https://wiki.gentoo.org/wiki/Handbook:AMD64/Installation/Base PS1 is mentioned under Entering the new environment as  and at the bottom under Configure Locales as  Redchillipadi (talk) 02:55, 28 April 2018 (UTC)


 * Fixed (Special:Diff/816541/prev)! For some reason I wasn't seeing it the first time. Thank you! --Maffblaster (talk) 17:23, 25 July 2019 (UTC)

Remind the user to fat32 format the esp partition
I'm a new gentoo user but I guess it's not a bad thing to have a novice's view on how this guide is structured.

The thing I noticed, following the uefi route is that it would be better to get reminded further down again to format sda2 (the esp partition) as FAT32. It isnt mentioned at the appropriate place.

The first time doing this guide, I didn't notice that, ended up installing everything and then the bootloader setup failed because I had the esp as ext2 instead of fat32 (and wasn't able to fix it). Now I'm on my second try due to that.

[...] root #mkfs.ext2 /dev/sda2 root #mkfs.ext4 /dev/sda4 Now create the filesystems on the newly created partitions (or logical volumes)."

It should be placed (or at least mentioned again) here.

AnukWolf (talk) 16:00, 13 October 2018 (UTC

Add instructions for bind mounting udev
os-prober needs to function properly and will hang indefinitely if it's not bind mounted from outside. Consider adding a line for bind mounting it from outside the chroot, or at least a small blurb under the mounting to say that other things might need to be mounted. See this section of the GRUB2 wiki page for details.


 * Thank you for the feedback, . I would like to test on a current LiveCD suggested the change before implementing. --Maffblaster (talk) 18:24, 25 July 2019 (UTC)

Remove command to create /boot
The /boot directory is already present in the stage3 tarball, so `mkdir /boot' can be removed. Also the paragraph just above needs to be adjusted slightly.

--Rafo (talk) 19:02, 1 January 2019 (UTC)


 * Good point. Suggested changes implemented (Special:Diff/816547/prev). Thank you, ! --Maffblaster (talk) 17:53, 25 July 2019 (UTC)

Minor English grammar correction
Where it says, "updates can be delayed after the Gentoo installation has finished," I think it should say "delayed until after." I would change it myself, but I don't have such permissions. --Dhirsbrunner (talk) 03:58, 24 July 2019 (UTC)


 * You got it. I have made the suggested change (see Special:Diff/816511/prev). Thank you for the input! --Maffblaster (talk) 17:06, 25 July 2019 (UTC)

Unclear instructions in section 'Configuring Portage'
In the first subsection 'Installing an ebuild repository snapshot from the web', we tell users that they can skip this subsection if they have no firewalls and a fast network.

But in the second subsection 'Optional: Updating the Gentoo ebuild repository', we don't tell those users that they must run 'emerge --sync', because they skipped 'emerge-webrsync'. Instead, we tell them that 'emerge --sync' is optional. So they might skip this subsection as well and won't have a Gentoo ebuild repository.

--Mike155 (talk) 03:22, 5 November 2019 (UTC)


 * Yes. The  should be the normal and not optional.  Recommending  without the required manual setup as described in Handbook:AMD64/Working/Features is a bad idea.  Better drop it completely or move it to a  .--Charles17 (talk) 08:57, 5 November 2019 (UTC)


 * Can we make this more clear somehow? We just had this same situation play out on IRC. --Sam c (talk) 17:57, 15 March 2020 (UTC)

Incomprehensible sentence: '... as carefully chosen USE flag defaults may be configured in some ebuilds ...'
Do we configure USE flag defaults in ebuilds?

--Mike155 (talk) 18:36, 5 November 2019 (UTC)


 * You are right, it is poorly worded. I have made it more clear. --Maffblaster (talk) 00:21, 6 November 2019 (UTC)

Incomprehensible sentence: '... without prompting the user for the licenses previously accepted.'
The sentence

'Portage uses the ACCEPT_LICENSE variable to determine which packages to allow without prompting the user for the licenses previously accepted.'

doesn't seem to be right. Maybe something like: 'Portage uses the ACCEPT_LICENSE variable to determine which packages are allowed to be installed.'

--Mike155 (talk) 18:36, 5 November 2019 (UTC)

Confusion about per-package exceptions for ACCEPT_LICENSE
One of the first sentences in paragraph 'Optional: Configuring the ACCEPT_LICENSE variable' is: 'Exceptions can be made per-package in /etc/portage/package.license as well.'

The last example of the section shows how to define exceptions in /etc/portage/package.license/kernel.

Why is it etc/portage/package.license in one case and /etc/portage/package.license/kernel in the other? I doubt that new users will understand this.

--Mike155 (talk) 21:24, 5 November 2019 (UTC)

Section 'Configure locales': missing reference to /usr/share/i18n/SUPPORTED
The section tells users that they can/should configure locales in /etc/locale.gen.

The section should also tell users that only locales shown in /usr/share/i18n/SUPPORTED are allowed and that they must pay attention to small and capital letters.

Maybe we can add a box like the one below (I added such a box in the German translation):

--Mike155 (talk) 22:39, 5 November 2019 (UTC)

What is an 'rsync tree'?
'News items were created to provide a communication medium to push critical messages to users via the rsync tree.'

What is an 'rsync tree'? Maybe 'Gentoo ebuild tree'?

--Mike155 (talk) 22:27, 6 November 2019 (UTC)