User:Flyser/Low maintenance Gentoo
This is only a draft version of this article and far from being complete yet.
This article aims to collect instructions and scripts to reduce the maintenance overhead of Gentoo to a minimum.
This is advice rather than an actual instruction and should be a no-brainer, but I want to mention it nonetheless: whenever you need to execute the same tasks periodically, use a cron daemon.
Depending on the type of task and the system, you may choose a traditional cron daemon such as vixie-cron or dcron, or you might prefer a cron implementation that tries to be slightly more intelligent, such as anacron, which is often a good choice for non-server systems.
atd is a daemon that allows users to schedule commands to run at one specific time. For example:
at 1145 jan 29
at> cc -o foo foo.c
at> ^D #(press Control-D while at the beginning of a line)
This runs cc -o foo foo.c at 11:45 on the 29th of January.
Set up a system logger
Unless you skipped this part of the Gentoo installation guide, you should already have one. If you do, pause for a moment and ponder whether its configuration could be improved.
The ntp daemon is a convenient way to keep the clock of a Unix system in sync. While you could also run ntp manually once in a while, the daemon solution is preferable as it uses the adjtime syscall to avoid large time jumps. Here is how you do it:
mkdir -p /var/lib/openntpd/chroot
Then, optionally, edit /etc/ntpd.conf and run
rc-update add ntpd default
Note that the system time will not change immediately after starting the daemon. Be patient.
Set up logrotate
Set up local mail delivery
Hard drive monitoring with smartd
Automatic system updates
This is a very dangerous thing to do and will break your system at some point!
First create the following script and make sure it's executable:
#!/bin/sh
# This script is meant to be run as a cron job to update a Gentoo system automatically
set -e

# Redirect output
exec 1>>/var/log/autoupdate.log
exec 2>>/var/log/autoupdate.log

echo
echo "Starting system update on $(date)"

# Drop our priority to the lowest possible
renice -n 20 $$
ionice -c3 -p$$
chrt -i -p 0 $$

# Sync the tree and abort the whole run if that fails
emerge --sync || exit 1
layman -S || true # uncritical

# Refresh the eix cache and prefetch distfiles in the background
eix-update &
emerge -f @world &

# Update @world; if that fails, update the toolchain helpers first and retry
emerge -uDN --keep-going --complete-graph=y --with-bdeps=y --jobs 2 @world \
|| (
    emerge -ukDN portage -j2
    python-updater -- -j2
    perl-cleaner --all
    haskell-updater
    emerge -uDN --keep-going --complete-graph=y --with-bdeps=y --jobs 2 @system
    emerge -uDN --keep-going --complete-graph=y --with-bdeps=y --jobs 2 @world
) || true

# Remove unneeded packages, then rebuild whatever still links against old libraries
emerge -c
emerge -1 --keep-going --jobs 2 @preserved-rebuild || true
revdep-rebuild -i -- --jobs 2 --keep-going || true
prelink -amR || true

# /bin/sh has no "source" builtin, so use the portable "." form
env-update && . /etc/profile
Then add it to your crontab, for example:
0 3 * * * /root/autoupdate.sh
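Because cron runs /root/autoupdate.sh as root, anyone who can modify that file or replace a directory above it controls what root executes every night. The following is an added example, not part of the original article: it checks that the script and every parent directory are owned by root, are not symlinks, and are not writable by group or others. The function names and the optional UID and TOP arguments are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original article. Function names and the
# optional UID/TOP arguments are hypothetical.

# entry_ok PATH UID: succeed only if PATH exists, is not a symlink, is owned
# by numeric UID, and is not writable by group or others.
entry_ok() (
    path=$1 uid=$2
    set -f                      # no globbing when splitting the ls output
    if [ -L "$path" ] || [ ! -e "$path" ]; then
        echo "FAIL $path: missing or a symlink" >&2
        exit 1
    fi
    # ls -ldn prints the mode string first and the numeric owner third.
    set -- $(ls -ldn "$path")
    mode=$1 owner=$3
    if [ "$owner" != "$uid" ]; then
        echo "FAIL $path: owned by uid $owner, expected $uid" >&2
        exit 1
    fi
    case $mode in
        ?????w*|????????w*)     # 6th char = group write, 9th = other write
            echo "FAIL $path: writable by group or others ($mode)" >&2
            exit 1 ;;
    esac
)

# cron_target_ok SCRIPT [UID] [TOP]: check SCRIPT and each directory above it
# up to TOP (default /). UID defaults to 0 (root).
cron_target_ok() (
    path=$1 uid=${2:-0} top=${3:-/}
    case $path in
        /*) ;;
        *) echo "FAIL $path: not an absolute path" >&2; exit 1 ;;
    esac
    [ -f "$path" ] || { echo "FAIL $path: not a regular file" >&2; exit 1; }
    rc=0
    while :; do
        entry_ok "$path" "$uid" || rc=1
        if [ "$path" = "$top" ] || [ "$path" = / ]; then break; fi
        path=$(dirname "$path")
    done
    exit "$rc"
)
```

Run `cron_target_ok /root/autoupdate.sh` before adding the crontab entry; a non-zero exit status means at least one path component printed a FAIL line and should be fixed with chown or chmod.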
Automatic installation of security fixes