An ebuild repository, colloquially known as an overlay, is a structure of directories and files used to add and extend packages for a Gentoo-based system's package manager. Ebuild repositories can contain ebuilds conforming to one or more Ebuild APIs.
The main repository on a Gentoo system is known as the Gentoo ebuild repository. It contains ebuilds maintained by official Gentoo developers and members of the community (through the Proxy Maintainers project). System administrators can add additional ebuild repositories to the system using various utilities and methods described below.
Ebuild repositories are nothing more (or less) than a set of files (ebuilds, metadata files, ...). These can be pulled in from public repositories (git, CVS, SVN ...) or downloaded as tarballs and extracted manually onto the system. It is advised to use managed repositories by trusted third parties; any installed ebuild repository will cause Portage to look through the overlaid files when deciding which software to install. If compromised code is in the ebuild repository, then compromised packages could be installed on the system.
The now default approach for handling repositories is through /etc/portage/repos.conf which, like many other Portage related locations, can be a directory as well.
Repository definitions inside /etc/portage/repos.conf also inform Portage if and how the repository can be updated. With it, calling emerge --sync will automatically update the repositories as well.
A deprecated, yet still supported method is to use the PORTDIR_OVERLAY variable inside /etc/portage/make.conf. This variable can point to one or more additional locations on the file system where repositories are available. The use of the /etc/portage/repos.conf/ directory is highly preferred.
Each ebuild repository has a unique priority to the package manager. This ensures that in the case of a specific version being found in several ebuild repositories, the resolution is unambiguous. Ebuilds from repositories with higher priority numbers (for example 60) will take precedence over ebuilds from repositories with lower priorities (such as 50).
The list of ebuild repositories with their priorities can be obtained through the output of the following commands (look for the "Repositories" string):
emerge --info --verbose
portageq repos_config /
The Gentoo ebuild repository will have a priority of -1000 which means that all other repositories generally take precedence if they are assigned a higher priority. This is the default behavior, because ebuild repositories are designed to "lay over" or "on top" of the Gentoo repository.
A number of tools support or integrate with ebuild repositories.
The layman application makes it easier to manage and update multiple additional ebuild repositories. It is a command-line application through which publicly available ebuild repositories can be listed, subscribed to and unsubscribed from, as well as update those repositories.
- When using the make.conf method, layman manages a dedicated configuration file which should be sourced in by make.conf
- When using repos.conf, layman manages the /etc/portage/repos.conf/layman.conf file directly
See the Sync (Portage project) article and man 1 emaint.
eix-sync is a wrapper starting emerge --sync (which in turn starts emaint sync --auto) followed by eix-update. For further details see the Eix article and man 1 eix.
eselect repository maintains /etc/portage/repos.conf entries for Portage to access and synchronize. See Eselect/Repository article for details.
Emerging a duplicate package
When working with ebuild repositories it is possible to encounter a situation where multiple versions of the same package are available from different ebuild repositories. Instruct Portage to install a specific package from a specific ebuild repository with the
:: version specifier:
emerge --ask category/atom::repository-name
The same notation can be used for different emerge instructions, including uninstalling a package through
When large ebuild repositories are installed, Portage may take a long time to perform operations like dependency resolution. This is because ebuild repositories do not usually contain a metadata cache.
Generate a local metadata cache by running emerge --regen after syncing the ebuild repositories:
emaint sync --allrepos
( ulimit -n 4096 && emerge --regen )
Be careful, because emerge --regen takes a lot of time and it's not recommended for rsync users as rsync updates the cache using server-side caches (most of users of portage are rsync users). Rsync users should simply run emerge --sync (or eix-sync) to regenerate the cache. It's probably only users of very large ebuild repositories should try emerge --regen.
Masking installed but unsafe ebuild repositories
When using large ebuild repositories or those with unknown/low quality it is best practice to hardmask the whole ebuild repository and only accept specific ebuilds on a case-by-case basis:
After that unmask the packages that will be installed.
- Overlays project - The official Gentoo project for ebuild repositories' support.
- Overlays guide (Overlay project) - A user guide written by the Overlay project.
- Developer's guide to Gentoo overlays - This document is kept only for historical purposes. The current guide is maintained as Project:Overlays/Overlays guide.
- Defining a custom repository - Section in the Gentoo Handbook