User:needle

From Gentoo Wiki
Jump to: navigation, search

Needle
Contact info
needle (IRC)


User info
Gentoo user since 2006

Meet me in freenode's fvwm IRC channel.

Automated rebuild of portage packages

This solution relies on the sys-process/cronie and the usage of anacron USE flag.

What does that anacron USE flag do, verify using the euse tool:

user $euse -i anacron
[-      ] anacron (sys-process/cronie):
Install the periodic anacron command scheduler.

it is a added feature or function to cronie. The anacron USE flag re-schedules missed cron jobs for machines that are not 24/7 online, like f.e. laptops, workstations. Apart from that it is working like an usual cron scheduler. This feature does not rely on the separate anacron package. Install cronie:

root #emerge --ask sys-process/cronie

Schedule daily rebuild by adding following file in the /etc/cron.daily/ directory:

FILE /etc/cron.daily/portage
#!/bin/sh
#
# sync portage
# eix-sync
# -U   Do not touch the database, do not show differences
# -T   Do not measure time
/usr/bin/eix-sync -U -T
logger "eix-sync has finished."

# Update now the database
/usr/bin/eix-update
logger "eix-update has finished."

# Add for *EMERGE_DEFAULT_OPTS="--keep-going"* in make.conf
emerge -uDN @world
logger "emerge --world has finished."

# And keep everything working
emerge @preserved-rebuild
logger "@preserved-rebuild has finished."

# Write a message to syslog script has ended
logger "daily cron portage update has finished."

Make the /etc/cron.daily/portage file executable by adding the +x flag:

root #chmod +x /etc/cron.daily/portage

This will schedule run the eix-sync and ebuild jobs, at ~03:00 AM. And if the job has been missed because host was turned off, the job gets scheduled after a the host has been turned on again.

Now it would be nice to see, what has been rebuild and how it worked out without using any complex commands. Add a bash script to the ~/bin directory of the root user. The script runs 2 qlop commands showing the results from beginning of the day. qlop is part of app-portage/portage-utils ebuild.

FILE /root/bin/emergelog.sh
#!/bin/sh
qlop -H -s -d '1 day ago'
qlop -H -m -u -d '1 day ago'

Make the /root/bin/emergelog.sh file executable by adding the +x flag:

root #chmod +x ~/bin/emergelog.sh

Because I am even to tazy to run that command manually, I add following lines to the /root/.profile file, this calls the upper /root/bin/emergelog.sh, each time the root user authenticates to this host. Additionally this lists the last 8 lines of the /var/log/emerge.log file:

FILE /root/.profile
echo "Last emerged packages:"
sh ~/bin/emergelog.sh
echo ""
echo "Last emerge.log entries:"
tail -n 8 /var/log/emerge.log
echo ""

And this is the prompt how it looks like if i login, or sudo su - into the machine:

user $sudo su -
Last emerged packages:
2020-04-21T02:30:13 *** gentoo
2020-04-21T03:22:44 >>> dev-util/re2c
2020-04-21T03:32:45 >>> net-misc/whois
2020-04-21T08:20:39 >>> dev-libs/libpcre2

Last emerge.log entries:
1587455666:  *** Finished. Cleaning up...
1587455669:  *** exiting successfully.
1587455669:  *** terminating.
1587455675: Started emerge on: Apr 21, 2020 09:54:34
1587455675:  *** emerge --keep-going @preserved-rebuild
1587455687:  *** Finished. Cleaning up...
1587455690:  *** exiting successfully.
1587455691:  *** terminating.

Now this solution works 99% of the time. If packages fail to build, this needs to be resolved manually by doing a world rebuild, and inspecting what has gone wrong.

laptop_mode

This article is a stub. You can help by expanding it.

This is work in progress, not finished yet. Managing daemons status and interfaces reflecting to the current powerlevel AC OR battery. This could also be accomplished by using open-rc. But the configuration and management is more complex compared to the laptop-mode-tools configuration approach. laptop-mode tools already 2 predefined ACPI dependend states batt and lm-ac: * batt * lm-ac * nolm-ac The 3-rd state nolm-ac (laptop-mode tools daemon NOT running) is unused here in this document. Overview of the laptop-mode directory:

user $tree -L 1 /etc/laptop-mode
 /etc/laptop-mode
 ├── batt-start
 ├── batt-stop
 ├── conf.d
 ├── laptop-mode.conf
 ├── lm-ac-start
 ├── lm-ac-stop
 ├── lm-profiler.conf
 ├── modules
 ├── nolm-ac-start
 └── nolm-ac-stop

Each of the 3 predefined states batt lm-ac an nolm-ac has a -start and -stop suffix in the directory structure. There is also a conf.d directory for services configuration that would be handled by laptop-mode and a modules directory for modules to be used explicitelly. The goal is reached when the laptop automatically determines which daemons need to be started and which need to be stopped depending on the ACPI battery level. There are 2 states in which the laptop is working: * laptop is docked, ac connected, wired access, printing available, ssh daemon running * laptop is not docked, battery, wireless access, no priting available, no ssh daemon running Overview of running daemons handled by openrc runlevel default:

user $rc-status default
Runlevel: default
 lm_sensors                                                        [  started  ]
 sysklogd                                                          [  started  ]
 sensord                                                           [  started  ]
 alsasound                                                         [  started  ]
 mpd                                                               [  started  ]
 acpid                                                             [  started  ]
 cupsd                                                             [  started  ]
 cronie                                                            [  started  ]
 chronyd                                                           [  started  ]
 laptop_mode                                                       [  started  ]
 local                                                             [  started  ]
 sshd                                                              [  started  ]

Following daemons need to be managed by laptop-tools:

user $rc-status default
 net.eth0                                                          [  started  ]
 net.wlan0                                                         [  started  ]
 sshd                                                              [  started  ]
 cupsd                                                             [  started  ]

Migrate the openrc daemons that are by default assigned to according openrc runlevel to laptop-mode: Start and Stop daemons handled by the battery status:

user $tree -L 1 /etc/laptop-mode/batt-st*
tree -L 1 /etc/laptop-mode/batt-st*
/etc/laptop-mode/batt-start
└── net.wlan0 -> /etc/init.d/net.wlan0
/etc/laptop-mode/batt-stop
├── cupsd -> /etc/init.d/cupsd
├── net.eth0 -> /etc/init.d/net.eth0
└── sshd -> /etc/init.d/sshd

Start and Stop daemons handled by the battery status:

user $tree -L 1 /etc/laptop-mode/lm-ac-st*
/etc/laptop-mode/lm-ac-start
├── cupsd -> /etc/init.d/cupsd
├── net.eth0 -> /etc/init.d/net.eth0
└── sshd -> /etc/init.d/sshd
/etc/laptop-mode/lm-ac-stop
└── net.wlan0 -> /etc/init.d/net.wlan0

Result: Docked laptop and service status:

user $rc-status default
Runlevel: default
 lm_sensors                                                        [  started  ]
 sysklogd                                                          [  started  ]
 sensord                                                           [  started  ]
 alsasound                                                         [  started  ]
 mpd                                                               [  started  ]
 acpid                                                             [  started  ]
 cronie                                                            [  started  ]
 chronyd                                                           [  started  ]
 laptop_mode                                                       [  started  ]
 local                                                             [  started  ]
Dynamic Runlevel: hotplugged
Dynamic Runlevel: needed/wanted
 net.eth0                                                          [  started  ]
 cupsd                                                             [  started  ]
Dynamic Runlevel: manual
 sshd                                                              [  started  ]

Undocked status:

user $rc-status default
Runlevel: default
 lm_sensors                                                        [  started  ]
 sysklogd                                                          [  started  ]
 sensord                                                           [  started  ]
 alsasound                                                         [  started  ]
 mpd                                                               [  started  ]
 acpid                                                             [  started  ]
 cronie                                                            [  started  ]
 chronyd                                                           [  started  ]
 laptop_mode                                                       [  started  ]
 local                                                             [  started  ]
Dynamic Runlevel: hotplugged
Dynamic Runlevel: needed/wanted
 net.wlan0                                                         [  started  ]

Is not ready yet.

libressl migration on headless productive raspberry pi2

Migration to libressl on pi2 works exactly like described in Project:LibreSSL with 2 major differences: * Need to add this particular file instead of /etc/portage/profile/use.stable.mask

FILE /etc/portage/profile/use.mask
-libressl
-curl_ssl_libressl
  • The migration worked on a productive system, a headless box with minimal dependencies, no fancy stuff like f.e. X. Made successful migration from openssl to libressl. Stick to the Project Website in this wiki it will work.

Enable IPv6 privacy extensions (RFC4941)

IPv6 privacy extensions are disabled by default on GNU/linux, they lead to problems if users are not aware of this. To enable privacy extensions on gentoo permanently add following lines and reboot the system:

FILE /etc/sysctl.confEnabling IPv6 privacy extensions
...
# Enabling IPv6 privacy extensions for specified interfaces. 
# here eth0 and wlan0
# net.ipv6.conf.eth0.use_tempaddr = 2
# net.ipv6.conf.wlan0.use_tempaddr = 2
net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2

# Setting q shorter timeout for a temporary IPv6 prefix
# default setting is one day
net.ipv6.conf.eth0.temp_prefered_lft = 14400
net.ipv6.conf.wlan0.temp_prefered_lft = 14400

The setting net.ipv6.conf.all.use_tempaddr is used to propagate its value to all interfaces currently attached to the system. This setting might not work reliably for all interfaces. At least not on my own tested gentoo installations up to kernel 4.14.

There are two old bugs in the Linux kernel bugtracker for this issue:

Wiki templates for templates