Handbook:Parts/Working/Portage

Welcome to portage
Portage is one of Gentoo's most notable innovations in software management. With its high flexibility and enormous amount of features it is frequently seen as the best software management tool available for Linux.

Portage is completely written in Python and Bash and therefore fully visible to the users as both are scripting languages.

Most users will work with Portage through the  tool. This chapter is not meant to duplicate the information available from the emerge man page. For a complete rundown of emerge's options, please consult the man page:

Ebuilds
When Gentoo's documentation talks about packages, it means software titles that are available to the Gentoo users through the portage tree. The portage tree is a collection of ebuilds, files that contain all information portage needs to maintain software (install, search, query, ...). These ebuilds reside in by default.

Whenever someone asks portage to perform some action regarding software titles, it will use the ebuilds on the system as a base. It is therefore important to regularly update the ebuilds on the system so portage knows about new software, security updates, etc.

Updating the portage tree
The portage tree is usually updated with, a fast incremental file transfer utility. Updating is fairly simple as the  command provides a front-end for  :

Sometimes firewall restrictions apply that prevent  from contacting the mirrors. In this case, update the portage tree through Gentoo's daily generated portage tree snapshots. The  tool automatically fetches and installs the latest snapshot on the system:

An additional advantage of using  is that it allows the administrator to only pull in portage tree snapshots that are signed by the Gentoo release engineering GPG key. More information on this can be found in the Portage Features section on Fetching Validated Portage Tree Snapshots.

Searching for software
There are multiple ways to search through the portage tree for software. One way is through  itself. By default,  returns the names of packages whose title matches (either fully or partially) the given search term.

For instance, to search for all packages who have "pdf" in their name:

To search through the descriptions as well, use the  (or  ) switch:

Notice that the output returns a lot of information. The fields are clearly labelled so we won't go further into their meanings:

Installing software
When a software title has been found, then the installation is just one  command away. For instance, to install gnumeric:

Since many applications depend on each other, any attempt to install a certain software package might result in the installation of several dependencies as well. Don't worry, portage handles dependencies well. To find out what portage would install, add the  switch. For instance:

During the installation of a package, portage will download the necessary source code from the Internet (if necessary) and store it by default in. After this it will unpack, compile and install the package. To tell portage to only download the sources without installing them, add the  option to the emerge command:

Finding installed package documentation
Many packages come with their own documentation. Sometimes, the doc USE flag determines whether the package documentation should be installed or not. To see if the doc USE flag is used by a package, use.

The best way of enabling the doc USE flag is doing it on a per-package basis via, so that only the documentation for the wanted packages is installed. For more information, please read the USE flags chapter.

Once the package installed, its documentation is generally found in a subdirectory named after the package under the directory. It is also possible to list all installed files with the  tool which is part of the  package.

Removing software
To remove software from a system, use. This will tell Portage to remove all files installed by that package from the system. One exception to this are the configuration files of that application if they have been altered by the user. Leaving the configuration files allows users to continue working with the package without the need for reconfiguration if the packages are installed again later on.

When a package is removed from the system, the dependencies of that package that were installed automatically when it was installed are still left on the system. To have Portage locate all dependencies that can now be removed, use emerge's  functionality, which is documented later.

Updating the system
To keep the system in perfect shape (and not to mention install the latest security updates) it is necessary to update the system regularly. Since Portage only checks the ebuilds in the portage tree, the first thing to do is to update the Portage tree. When the Portage tree is updated, the system can be updated using. In the next example, the  switch is also used which will tell Portage to display the list of packages it wants to upgrade and ask for confirmation:

Portage will then search for newer version of the applications that are installed. However, it will only verify the versions for the applications that are explicitly installed (the applications listed in ) - it does not thoroughly check their dependencies. To update the dependencies of those packages as well, add the  argument:

Still, this doesn't mean all packages: some packages on the system are needed during the compile and build process of packages, but once that package is installed, these dependencies are no longer required. Portage calls those build dependencies. To include those in an update cycle, add :

Since security updates also happen in packages that are not explicitly installed on the system (but that are pulled in as dependencies of other programs), it is recommended to run this command once in a while.

If the USE settings of the system have been altered, it is recommended to add  as well. Portage will then verify if the change requires the installation of new packages or recompilation of existing ones:

Metapackages
Some packages in the Portage tree don't have any real content but are used to install a collection of packages. For instance, the package will install a complete KDE environment on the system by pulling in various KDE-related packages as dependencies.

To remove such a package from your system, running  on the package won't have much effect as the dependencies remain on the system.

Portage has the functionality to remove orphaned dependencies as well, but since the availability of software is dynamically dependent it is important to first update the entire system fully, including the new changes applied when changing USE flags. After this one can run  to remove the orphaned dependencies. When this is done, it might be necessary to rebuild the applications that were dynamically linked to the now-removed software titles but don't require them anymore, although recently support for this has been added to portage.

All this is handled with the following three commands:

is provided by the package; don't forget to emerge it first:

Licenses
Beginning with Portage version 2.1.7, it is possible to accept or reject software installation based on its license. All packages in the tree contain a LICENSE entry in their ebuilds. Running  will show the package's license.

By default, Portage permits all licenses, except End User License Agreements (EULAs) that require reading and signing an acceptance agreement.

The variable that controls permitted licenses is called, which can be set in. In the next example, this default value is shown:

With this configuration, packages that require interaction during installation to approve their EULA will not be installable. Packages without an EULA will be installable.

It is possible to set  globally in, or to specify it on a per-package basis in.

For example, to allow the license for, add the following to :

This permits installation of truecrypt versions that have the license, but not versions with the  license.

License groups defined in  are prefixed with an  sign. A commonly requested setting is to only allow the installation of free software and documentation. To accomplish this, remove all currently accepted licenses (using ) and then only allow the licenses in the FREE group as follows:

In this case, "free" is mostly defined by the FSF and OSI. Any package whose license does not meet these requirements will not be installable on the system.

Terminology
As stated before, portage is extremely powerful and supports many features that other software management tools lack. To understand this, we explain a few aspects of portage without going into too much detail.

With portage different versions of a single package can coexist on a system. While other distributions tend to name their package to those versions (like freetype and freetype2) portage uses a technology called SLOTs. An ebuild declares a certain SLOT for its version. Ebuilds with different SLOTs can coexist on the same system. For instance, the freetype package has ebuilds with SLOT="1" and SLOT="2".

There are also packages that provide the same functionality but are implemented differently. For instance, metalogd, sysklogd and syslog-ng are all system loggers. Applications that rely on the availability of "a system logger" cannot depend on, for instance, metalogd, as the other system loggers are as good a choice as any. Portage allows for virtuals: each system logger is listed as an "exclusive" dependency of the logging service in the logger virtual package of the virtual category, so that applications can depend on the package. When installed, the package will pull in the first logging package mentioned in the package, unless a logging package was already installed (in which case the virtual is satisfied).

Software in the portage tree can reside in different branches. By default the system only accepts packages that Gentoo deems stable. Most new software titles, when committed, are added to the testing branch, meaning more testing needs to be done before it is marked as stable. Although the ebuilds for those software are in the portage tree, portage will not update them before they are placed in the stable branch.

Some softwares are only available for a few architectures. Or the software doesn't work on the other architectures, or it needs more testing, or the developer that committed the software to the portage tree is unable to verify if the package works on different architectures.

Each Gentoo installation also adheres to a certain profile which contains, amongst other information, the list of packages that are required for a system to function normally.

Blocked packages
Portage warning about blocked packages (with --pretend)

Portage warning about blocked packages (without --pretend)

Ebuilds contain specific fields that inform Portage about its dependencies. There are two possible dependencies: build dependencies, declared in DEPEND and run-time dependencies, declared in RDEPEND. When one of these dependencies explicitly marks a package or virtual as being not compatible, it triggers a blockage.

While recent versions of Portage are smart enough to work around minor blockages without user intervention, occasionally such blockages need to be resolved manually.

To fix a blockage, users can choose to not install the package or unmerge the conflicting package first. In the given example, one can opt not to install postfix or to remove ssmtp first.

Sometimes there are also blocking packages with specific atoms, such as. In this case, updating to a more recent version of the blocking package could remove the block.

It is also possible that two packages that are yet to be installed are blocking each other. In this rare case, try to find out why both would need to be installed. In most cases it is sufficient to do with one of the packages alone. If not, please file a bug on Gentoo's bugtracking system.

Masked packages
Portage warning about masked packages

Portage warning about masked packages - reason

When trying to install a package that isn't available for the system, this masking error occurs. Users should try installing a different application that is available for the system or wait until the package is marked as available. There is always a reason why a package is masked:


 * ~arch keyword
 * the application is not tested sufficiently to be put in the stable branch. Wait a few days or weeks and try again.


 * -arch keyword or -* keyword
 * the application does not work on your architecture. If you believe the package does work file a bug at our bugzilla website.


 * missing keyword
 * the application has not been tested on your architecture yet. Ask the architecture porting team to test the package or test it for them and report the findings on our bugzilla website.


 * package.mask
 * the package has been found corrupt, unstable or worse and has been deliberately marked as do-not-use.


 * profile
 * the package has been found not suitable for the current profile. The application might break the system if it is installed or is just not compatible with the profile currently in use.


 * license
 * the package's license is not compatible with the ACCEPT_LICENSE setting. Permit its license or the right license group by setting it in or in

Necessary USE flag changes
Portage warning about USE flag change requirement

The error message might also be displayed as follows, if  isn't set:

Portage error about USE flag change requirement

Such warning or error occurs when a package is requested for installation which not only depends on another package, but also requires that that package is built with a particular USE flag (or set of USE flags). In the given example, the package app-text/feelings needs to be built with USE="test", but this USE flag is not set on the system.

To resolve this, either add the requested USE flag to the global USE flags in, or set it for the specific package in.

Missing dependencies
Portage warning about missing dependency

The application to install depends on another package that is not available for the system. Please check bugzilla if the issue is known and if not, please report it. Unless the system is configured to mix branches, this should not occur and is therefore a bug.

Ambiguous ebuild name
Portage warning about ambiguous ebuild names

The application that is selected for installation has a name that corresponds with more than one package. Supply the category name as well to resolve this. Portage will inform the user about possible matches to choose from.

Circular dependencies
Portage warning about circular dependencies

Two (or more) packages to install depend on each other and can therefore not be installed. This is most likely a bug in one of the packages in the portage tree. Please resync after a while and try again. It might also be beneficial to check bugzilla to see if the issue is known and if not, report it.

Fetch failed
Portage warning about fetch failed

Portage was unable to download the sources for the given application and will try to continue installing the other applications (if applicable). This failure can be due to a mirror that has not synchronised correctly or because the ebuild points to an incorrect location. The server where the sources reside can also be down for some reason.

Retry after one hour to see if the issue still persists.

System profile protection
Portage warning about profile-protected package

The user has asked to remove a package that is part of the system's core packages. It is listed in the profile as required and should therefore not be removed from the system.

Digest verification failure
Digest verification failure

This is a sign that something is wrong with the portage tree -- often, it is because a developer may have made a mistake when committing a package to the tree.

When the digest verification fails, do not try to re-digest the package personally. Running  will not fix the problem; it will almost certainly make it worse!

Instead, wait an hour or two for the tree to settle down. It's likely that the error was noticed right away, but it can take a little time for the fix to trickle down the portage tree. Check Bugzilla and see if anyone has reported the problem yet or ask around on #gentoo (IRC). If not, go ahead and file a bug for the broken package.

Once the bug has been fixed, re-sync the portage tree to pick up the fixed digest.