Binary package guide/zh-cn

除了支持通常的 ebuilds 之外， Portage 还支持构建、安装二进制包. 本指南将解释如何创建他们，如何安装他们以及如何配置一个二进制包服务器.

介绍
有很多原因为什么系统管理员喜欢在 Gentoo 中使用二进制包安装方式.


 * 1) 首先，它允许管理员 将相似的系统保持最新. 从源代码编译所有东西是很耗费时间的. 维护许多相似的系统，可能其中的一些硬件较老，如果一个系统将所有东西从源代码编译好，其他系统重用这些二进制包，工作就会变得轻松.
 * 2) 第二个原因是 执行安全升级. 对于关键任务系统来说，保持尽可能大的 可用性 是很重要的. 这可以通过一台预备服务器来实现，它首先自己执行所有的更新. 一旦预备服务器更新后状态良好，那么更新可以被应用到关键系统上. 这种方法的一个变形是在同一个系统的一个 chroot 中执行更新，并且在真正的系统中使用所创建的二进制包.
 * 3) 第三个原因是 作为一个备份. 通常二进制包是恢复一个受损系统的唯一方法（例如编译器受损）. 拥有一台二进制包服务器上的或者本地的预编译二进制包，对于工具链受损的情况有很大的帮助.
 * 4) 最后，它也支持 更新非常旧的系统. 更新非常旧的系统这项任务可以通过使用二进制包来大大减轻. 通常在旧的系统上安装二进制包是有益的，因为它们不需要安装/更新构建时依赖. 因为二进制包是预编译的，这也避免了在构建过程中发生失败.

本向导将关注下列话题：
 * 如何构建二进制包；
 * 如何向客户分发二进制包；
 * 如何使用二进制包；
 * 如何维护二进制包.

在向导的末尾还包含几个关于二进制包操作的高级话题.

创建二进制包
There are three main methods for creating binary packages:
 * 1) After a regular installation, using the quickpkg application;
 * 2) Explicitly during an emerge operation by using the   option;
 * 3) Automatically through the use of the   as a Portage feature.

所有这三种方法都将在  变量指向的目录创建二进制包（默认为 ）.

使用 quickpkg
quickpkg 程序接收一个或多个依赖 atoms （或者包集合）并对所有与那个 atom 匹配的 已安装 包创建二进制包.

例如，要对所有已安装 GCC 版本创建二进制包：

要对系统中所有已安装包创建二进制包，使用  通配符：

这种方法有一点要警告：它依赖已安装的文件，会在配置文件上发生问题. 管理员经常在安装完软件后改变配置文件. 因为这可能向包中泄露重要（甚至可能是机密）数据， quickpkg 默认通过  方法保护，不包含配置文件. 要强制包含配置文件，使用  或   选项.

使用 --buildpkg 作为 emerge 选项
当使用 emerge 安装软件， Portage 可以通过  选项被要求创建二进制包：

还可以要求 Portage 只 创建二进制包却 不 在活动系统上安装软件. 这种情况下，使用  选项：

后一种方法还是需要构建时的依赖事先已安装.

作为 Portage 特性实现 buildpkg
最常用的自动创建二进制包的方式是每当使用 Portage 安装一个包就自动创建二进制包，通过使用  特性来实现，可以在  中进行设置，例如：

开启这项特性后，每次 Portage 安装软件，它将也创建一个二进制包.

排除一些包的创建
告诉 Portage 不要对一些指定的包或分类创建二进制包也是可以的. 这个可以通过向 emerge 传递  选项：

这可以对那些不值得创建二进制包的包使用. 例如 Linux 内核代码包或上游二进制包（那些以 -bin 结尾如 ）.

配置二进制包主机
Portage 支持多种下载二进制包的协议：FTP、FTPS、HTTP、HTTPS和SSH. 这为多种可能的二进制包主机的实现提供了空间.

可是，Portage 并没有提供一个“现成”的方法来分发二进制包. 根据需求还需要安装额外的软件.

基于 Web 的二进制包主机
一种常用的分发二进制包的方法是创建一个基于 web 的二进制包主机.

使用一个 web 服务器如 lighttpd 并且将其配置为提供对  中   位置的读权限.

之后，在客户系统，对应地设置  变量：

SSH 二进制包主机
要提供一种更多身份验证的二进制包方法，可是考虑使用 SSH.

当使用 SSH ，可以使用 Portage Linux 用户的 SSH 密钥 (without passphraze as the installations need to happen in the background) 来连接到远程二进制包主机.

要实现这个，确保 Portage 用户的 SSH 密钥被服务器所允许：

看起来如下：

NFS 导出
当在内网中使用二进制包，可以更简单地通过 NFS 导出包并在客户系统进行挂载.

文件看起来如下：

在客户系统，这个位置就可以被挂载. 例如 看起来如下：

使用二进制包

For binary packages to be usable on other systems they must fulfill some requirements.
 * The client and server architecture and CHOST must match.
 * The  and   that were used to build the binary packages must be compatible with all clients.
 * USE flags for processor specific features (like MMX, SSE,...) have to be carefully selected; all clients need to support them.

Next to these, Portage will check if the binary package is built using the same USE flags as expected on the client. If a package is built with a different USE flag combination, Portage will either ignore the binary package (and use source-based build) or fail, depending on the options passed to the emerge command upon invocation (see Installing binary packages).

On clients, a few configuration changes are needed in order for the binary packages to be used.

Installing binary packages
There are a few options that can be passed on to the emerge command that inform Portage about using binary packages:

In order to automatically use binary package installations, the appropriate option can be added to the  variable:

There is a Portage feature that automatically implements the equivalent of  without the need for updating the   variable: getbinpkg.

Pulling packages from a binary package host
When using a binary package host, clients need to have the  variable set. Otherwise the client will not know where the binary packages are stored which results in Portage being unable to retrieve them.

The  variable uses a space-separated list of URIs. This allows administrators to use several binary package servers simultaneously. The URI must always point to the directory in which the file resides.

Reinstalling modified binary packages
Passing the  option to emerge will reinstall every binary that has been rebuilt since the package was installed. This is useful in case rebuilding tools like revdep-rebuild or python-updater are run on the binary package server.

A related option is. It causes emerge not to consider binary packages for a re-install if those binary packages have been built before the given time stamp. This is useful to avoid re-installing all packages, if the binary package server had to be rebuild from scratch but  is used otherwise.

Additional client settings
Next to the getbinpkg feature, Portage also listens to the binpkg-logs feature. This one controls if log files for successful binary package installations should be kept. It is only relevant if  is set and is enabled by default.

Similar to excluding binary packages for a certain set of packages or categories, clients can be configured to exclude binary package installations for a certain set of packages or categories.

To accomplish this, use the  option:

Maintaining binary packages
Exporting and distributing the binary packages will lead to useless storage consumption if the binary package list is not actively maintained.

Removing outdated binary packages
In the package an application called eclean is provided. It allows for maintaining Portage-related variable files, such as downloaded source code files, but also binary packages.

The following command will remove all binary packages that have no corresponding ebuild:

For more details please read the Eclean article.

Another tool that can be used is the qpkg</tt> tool from the. However, this tool is a bit less configurable.

To clean up unused binary packages (in the sense of used by the server on which the binary packages are stored):

Maintaining the Packages file
Inside the packages directory, a file called exists. This file acts as a cache for the metadata of all binary packages in the packages directory. The file is updated whenever Portage adds a binary package to the directory. Similarly, eclean</tt> updates it when it removes binary packages.

If for some reason binary packages are simply deleted or copied into the packages directory, or the file gets corrupted or deleted, then it must be recreated. This is done using emaint</tt> command:

Creating snapshots of the packages directory
When deploying binary packages for a large number of client systems it might become worthwhile to create snapshots of the packages directory. The client systems then do not use the packages directory directly but use binary packages from the snapshot.

Snapshots can be created using the tool. It takes four arguments,
 * 1) A source directory (the path to the packages directory);
 * 2) A target directory (that must not exist);
 * 3) A URI;
 * 4) A binary package server directory.

The files from the package directory are copied to the target directory. A file is then created inside the binary package server directory (fourth argument) with the provided URI.

Client systems need to use an URI that points to the binary package server directory. From there they will be redirected to the URI that was given to binhost-snapshot</tt>. This URI has to refer to the target directory.

Understanding the binary package format
Binary packages created by Portage have the file name ending with "tbz2". These files consist of two parts:
 * 1) A .tar.bz2 archive containing the files that will be installed on the system;
 * 2) A xpak archive containing package metadata, the ebuild and the environment file.

See man xpak for a description of the format.

In some tools exists that are able to split or create tbz2 and xpak files.

The following command will split the tbz2 into a and an  file:

The xpak file can be examined using the qxpak</tt> utility.

To list the contents:

The next command will extract a file called which contains the enabled USE flags for this package:

The PKGDIR layout
The currently used format version 2 has the following layout:

The is the major improvement (and also the trigger for Portage to know that the binary package directory uses version 2) over the first binary package directory layout (version 1). In version 1, all binary packages were also hosted inside a single directory (called ) and the category directories only had symbolic links to the binary packages inside the directory.

Unpacking with quickunpkg
Zoobab wrote a simple shell tool named quickunpkg to quickly unpack tbz2 files.