I got hold of a script from Demonoid for streaming TV over tinterweb. The script was taken down very quickly. Here is my modified version which seems to do the job quite well :)
All posts by cdstealer
The new build
Well I thought it was about time to upgrade the MythTV box. Poor thing couldn't play HD content and no AGP cards exist that can. So it was a total rebuild.
The new specs are:
Intel core i5 650 (3.2Ghz Dual Core HT)
4Gb Corsair XMS3 DDR3
Asus P7H55-M PRO
Now to unpack:
The CPU:
CPU fitted:
Now for the heatsink:
heh.. I stood back and laughed at this :)
Something tells me this thing isn't going to fit. OH ARSE!
Nevermind I thought, after rushing out and buying a cheap tower just to get me by. Surprisingly, it was too big for that as well. Looking into it, the heatsink is designed for large gaming cases. Oh Fook. So back I went with the case for a refund.
Being the stubborn git I am, I refused to be beaten. I was using a "Scythe Mini Ninja Socket 478/775/754/939/940/AM2 Heatpipe Cooler" and thought if I could just adapt the fittings from the new "Scythe Mugen 2 Rev B For Socket 1366, 1156, 775, 478, AM3, AM2+, AM2, 940, 939, 754 Processor Cooler".
Call it an utter fluke, but the socket 1156 bracket fitted perfectly on the mini ninja. None of the other brackets fitted at all. PHEW!
Now to get this baby installed:
The harddrive is a 5400rpm 1Tb Western Digital eco. The 2 x 120mm fans run on the slowest speed. I need this PC to be very very quiet. And it is.. very!
In conclusion, this is a very quick system now. What used to take almost an hour to compile on the old P4 3Ghz, now only take a few minutes (and yes, I use Gentoo!)
HD 1080p playback is perfect. To say the IGP (integrated graphics) is built into the CPU, this is amazing. I'm very impressed if I do say so myself!
Update: I've now installed RAID1 and an extra 4Gb RAM!.
Jack-3.1.1
Jack (not to be confused with the jackd audio daemon) is a cdripper for Linux written in python. You can download via your package manager or from the homesite. I have found on Gentoo and Fedora that jack depends on python-2.4 which is a pain when just about everything else builds against python-2.5 or higher which causes problems. I was forever getting:
$ jack
Traceback (most recent call last):
File "/usr/bin/jack", line 42, in <module>
import jack_argv
File "/usr/lib/python2.6/site-packages/jack_argv.py", line 22, in <module>
import jack_utils
File "/usr/lib/python2.6/site-packages/jack_utils.py", line 26, in <module>
import jack_functions
File "/usr/lib/python2.6/site-packages/jack_functions.py", line 222
def starts_with(str, with):
^
SyntaxError: invalid syntax
I had my fill of fixing this every time I needed to rip a cd, so I fixed it. All you need to do after it has been installed is run this script jack python-2.6 patch
If you look at the script, you'll see that it just changes any definitions from starts_with to startswith.
Another common problem is a gcc memory leak. To fix this add MALLOC_CHECK_=1 at the start of your command. I have added this as an alias in my .bash_profile eg.
alias jackflac='MALLOC_CHECK_=1 jack --device=/dev/sr0 --append-year=yes --dir-template "%a/%l" -C -Q -R --rename-fmt "%n - %a - %l - %t" --workdir /home/cdstealer/Desktop/ -E flac'
alias jackmp3='MALLOC_CHECK_=1 jack --device=/dev/sr0 --append-year=yes --dir-template "%a/%l" -C -Q -R --rename-fmt "%n - %a - %l - %t" --workdir /home/cdstealer/Desktop/ -E lame --vbr=no -b 320 -e 2 --write-id3v2=yes'
Please make sure that jack and its dependencies have been built against python-2.6+.
dev-python/id3-py
dev-python/cddb-py
dev-python/pyogg
media-libs/id3lib
dev-python/pyid3lib
dev-python/pyvorbis
media-sound/jack
I edited the files below to add high quality and forced stereo. Just add "-q0 -ms" to the end of the 4 line in each file. eg:
'cmd': "lame --preset cbr %r --strictly-enforce-ISO %i %o -q0 -ms",
'vbr-cmd': "lame -V %q --vbr-new --nohist --strictly-enforce-ISO %i %o -q0 -ms",
'otf-cmd': "lame --preset cbr %r --strictly-enforce-ISO - %o -q0 -ms",
'vbr-otf-cmd': "lame -V %q --vbr-new --nohist --strictly-enforce-ISO - %o -q0 -ms",
/usr/lib/python2.6/site-packages/jack_helpers.py
/usr/lib/python2.6/site-packages/jack_main_loop.py
/usr/lib/python2.6/site-packages/jack_plugin_lame.py
DNS/DHCP server
Generating an RNDC key.
The rndc tool is used to managed the named daemon.
We need to generate a keyfile called /etc/bind/rndc.key which is referenced both by /etc/bind/rndc.conf and /etc/bind/named.conf
To do this we use the following command;
# rndc-confgen -a -c /etc/bind/rndc.key
BIND (NAMED) /etc/bind/named.conf
IP addresses and host names have obviously been changed.. I'm not *THAT* stupid ;)
Forwarder file: /etc/bind/pri/forwarddns
Reverse zone: /etc/bind/pri/reversedns
Trouble Shooting Bind
Depending on your connection/setup you may see the following in your log.
09-Feb-2011 11:19:14.234 edns-disabled: info: success resolving 'markmail.org/AAAA' (in 'org'?) after disabling EDNS
or
09-Feb-2011 11:18:38.986 edns-disabled: info: success resolving 'lists.isc.org/A' (in 'isc.org'?) after reducing the advertised EDNS UDP packet size to 512 octets
These on their own are harmless enough.. they just flood your log :) They can be turned off by adding the following to your named.conf:
logging {
category lame-servers {null; };
category edns-disabled { null; };
};
Another issue I came across at the same time as above was 95% of all my DNS requests were timing out. This, coincidentally was when I upgraded my internet connection to a 30Mbit VirginMedia with "super hub". I found this was caused by the "IP flood protection" in the router settings. Disabling this solved the timeout issue and also stopped any edns errors flooding the logs.
You may receive one or both of the following lines in bind log.
pri/example.com.signed:10: signature has expired
To remedy this this, run the following command (manual signing only):
cd /etc/bind/pri dnssec-signzone -A -3 $(head -c 10 /dev/random | sha256sum | cut -b 1-16) -N INCREMENT -o example.com -t example.com
OR
/var/bind/named.cache:2: signature has expired
To remedy this this, run the following command:
/usr/bin/wget --user=ftp --password=ftp ftp://ftp.rs.internic.net/domain/root.zone -O /var/bind/named.cache /usr/sbin/rndc reload
CHROOT
If you are security conscious then you can "jail" the named process which if broken into will lock the perp in the chrooted named directories only... as these files are replaced upon restarting bind, it doesn't matter if they are damaged/compromised.
To setup a chroot envirnnment, just do the following.
1) Setup named as above so that everything is working.
2) Uncomment 'CHROOT="/chroot/dns"' in /etc/conf.d/named
3) execute emerge --config net-dns/bind
4) restart named
You should get the following:
* Starting chrooted named ... * Mounting chroot dirs * mounting /etc/bind to /chroot/dns/etc/bind * mounting /var/bind to /chroot/dns/var/bind * mounting /var/log/named to /chroot/dns/var/log/named [ ok ]
DNSSEC
Automagically
In the "options" block of named.conf, make sure the below lines are present.
dnssec-enable yes; dnssec-validation yes; key-directory "/var/bind/pri"; inline-signing yes;
Further down where your zones are defined, you should have something like this.
zone "example.com" IN {
type master;
file "pri/example.com";
notify yes;
allow-update { key "rndc-key"; };
inline-signing yes;
auto-dnssec maintain;
};
Restart named and you should see for each zone with inline-signing enabled.
example.com example.com.jbk example.com.jnl example.com.signed example.com.signed.jnl
The auto signing way seems to be more reliable as using the manual method, named would fail to find the private keys randomly several times per day.
Manually
In /etc/bind/named.conf, ensure the following are present in the options block:
dnssec-enable yes; dnssec-validation yes; key-directory "/var/bind/pri";
Next cd to either /var/bind/pri or /etc/bind/pri.
Now we'll create a Zone Signing Key (ZSK):
dnssec-keygen -a RSASHA256 -b 2048 -n ZONE example.com
Note: You need to create telemetry or this will take hours. Start a big emerge or fire up a VM.
Next we'll create a Key Signing Key (KSK)
dnssec-keygen -f KSK -a RSASHA256 -b 2048 -n ZONE example.com
Note: You need to create telemetry or this will take hours. Start a big emerge or fire up a VM.
You should have 1 pair of KSK and ZSK files.
Kexample.com.+008+00712.key Kexample.com.+008+00712.private Kexample.com.+008+12951.key Kexample.com.+008+12951.private
Now add the key files to the bottom of the zone file. eg
$INCLUDE Kexample.com.+008+00712.key $INCLUDE Kexample.com.+008+12951.key
Now we need to sign the zone file:
dnssec-signzone -A -3 $(head -c 10 /dev/random | sha256sum | cut -b 1-16) -N INCREMENT -o example.com -t example.com
This creates a new file named example.com.zone.signed which contains RRSIG records for each DNS record. We have to tell BIND to load this "signed" zone.
Open the bind config file /etc/bind/named.conf and add the signed file to the zone block. eg
zone "example.com" IN {
type master;
file "pri/example.com.signed";
notify yes;
allow-update { key "rndc-key"; };
inline-signing yes;
};
That's it. Reload/restart bind and you should be golden ;)
If you're using a 3rd party DNS, you will need to add the DS and DNSSEC public keys.
There should be a dsset-example.com file within /var/bind/pri, cat this and you will see:
example.com. IN DS 8449 10 2 817AC0B85419C947608AAF54ED52F137137DA157F3B86C1B08509495 5E917C14
You may have several .key files, if you need to add another DS record, you can run the command:
dnssec-dsfromkey <Kexmaple.com....key>
Add the output to the dsset-example.com file and also the external nameserver provider.
Note: Remove the space from the Digest key.
We would also need to add the corresponding DNSSEC public key. To do this, we need to cat the contents:
# cat /var/bind/keys/Kexample.com.+010+08449.key
; This is a key-signing key, keyid 8449, for example.com.
; Created: 20151115172130 (Mon Nov 15 17:21:30 2015)
; Publish: 20151115172130 (Mon Nov 15 17:21:30 2015)
; Activate: 20151115172130 (Mon Nov 15 17:21:30 2015)
example.com. IN DNSKEY 257 3 10 AwEAAdi4syP6xRyXjjGngSvFn51GR85AvWSqUCyST9CM6tJWEiRwEpTJ ....
Unfortunately this was unavailable with the provider I was with.
Testing
To varify that DNSSEC is used by the 3rd party nameservers, you can use this tool: https://dnssec-analyzer.verisignlabs.com/
You can also test your internal DNS by executing:
named-checkzone -D -f raw -o - example.com example.com.signed
This will output the encryption for each entry in the zone file.
# named-checkzone -D -f raw -o - cdstealer.com cdstealer.com.signed
zone cdstealer.com/IN: loaded serial 201421440 (DNSSEC signed)...
How to setup a DHCP that will update the dns records of bind.
DHCP /etc/dhcp/dhcp.conf
Then add the following to the top of /etc/conf/named
OPTIONS="-4" ENABLE_ZONE_WRITE=yes
Now restart named & dhcpd. If you get any errors, check /var/log/messages and double check your work.
Email Server
Emerge exim, dovecot, spamassassin, clamav and of course all dependencies.
Now to configure them to work together. First we'll configure Exim4.
I strongly suggest reading the provided example in /etc/exim as everything is well commented.
To generate the certificate for ssmtp/smtps use this command:
openssl genrsa -out email.key 1024 openssl req -new -key email.key -out email.csr openssl x509 -req -days 3650 -in email.csr -signkey email.key -out email.crt chown mail: email.key chmod 600 email.key chmod 644 email.crt
Ensure these go somewhere safe and accessible to the application(s).
To setup server side filtering(rules) include the file below in the users $home.
Again, there is a well commented example with the install. [net-mail/dovecot-1.2*]
Upgrading Dovecot v1.2 to v2.0
A lot of settings have changed. Dovecot v2.0 can still use most of the v1.x configuration files, but it logs a lot of warnings at startup. A quick and easy way to convert your old config file to v2.0 format is:
doveconf -n -c dovecot-1.conf > dovecot-2.conf
This command logs a warning about each obsolete setting it converts to the new format. You can either go through the warnings to figure out what changes exactly were done, or you can simply trust doveconf and replace your old config with the newly generated one.
Once running v2.0, it's safe to downgrade to v1.2.5 or newer. Older versions don't understand some of the changes to index files and will log errors.
Other important changes:
- Dovecot uses two system users for internal purposes now by default: "dovenull" and "dovecot". You need to create the "dovenull" user or change default_login_usersetting. "dovenull" user is used by completely untrustworthy processes, while "dovecot" user is used for slightly more trusted processes.
- If you want to be using something else than "dovecot" as the other user, you need to change default_internal_user setting.
- Just like with "dovecot" user, "dovenull" doesn't need a password, home directory or anything else (but it's good to give it its own private "dovenull" group).
- no more convert plugin, use dsync instead
- no more expire-tool, use doveadm expunge instead. also expire configuration is different.
- Post-login scripts are configured differently and need to be modified
- Quota warnings are configured differently and the script may need to be modified (most environment settings like $USER are gone)
- Global ACL filenames now require namespace prefix (e.g. if you use "INBOX." prefix, /etc/acls/foo needs to be renamed to /etc/acls/INBOX.foo
- Maildir: Permissions for newly created mail files are no longer copied from dovecot-shared file, but instead from the mail directory (e.g. for "foo" mailbox, they're taken from ~/Maildir/.foo directory)
- dbox: v2.0 format is slightly different, but backwards compatible. The main problem is that v2.0 no longer supports maildir-dbox hybrid resulting from "fast Maildir migration". If you have any Maildir files in your dbox, you need to convert them somehow (some examples). You might also consider using dsync to get rid of the old unused metadata in your dbox files.
- Pre-login and post-login CAPABILITY reply is now different. Dovecot expects clients to recognize new automatically sent capabilities. This should work with all commonly used clients, but some rarely used clients might have problems. Either get the client fixed, or set imap_capability manually.
- ManageSieve protocol was assigned an official port by IANA: 4190. This is used by Pigeonhole by default now. If you want to listen also on the old 2000 port, see the Pigeonhole/ManageSieve/Configuration example.
- dovecot --exec-mail imap has been replaced by simply running "imap" binary. You can also use "imap -u <username>" to access other users' mails more easily.
LDA
- deliver binary was renamed to dovecot-lda (but a symlink still exists for now)
- -n parameter was replaced by lda_mailbox_autocreate setting. The default also changed to "no".
- -s parameter was replaced by lda_mailbox_autosubscribe setting. The default is "no", as before.
Configs:
Don't forget that ALL the configs have now changed. No longer does everything reside in /etc/dovecot/dovecot.conf but in the following files:
# ls -1 /etc/dovecot/conf.d/
10-auth.conf
10-director.conf
10-logging.conf
10-mail.conf
10-master.conf
10-ssl.conf
15-lda.conf
20-imap.conf
20-lmtp.conf
20-pop3.conf
90-acl.conf
90-plugin.conf
90-quota.conf
auth-checkpassword.conf.ext
auth-deny.conf.ext
auth-ldap.conf.ext
auth-master.conf.ext
auth-passwdfile.conf.ext
auth-sql.conf.ext
auth-static.conf.ext
auth-system.conf.ext
auth-vpopmail.conf.ext
Hopefully the file names should indicate what does what.
/etc/dovecot/dovecot.conf:
protocols = imap [imaps is no longer valid]
Most of the settings from the v1.2 config can be transferred to the relevant configs above.
Global changes are in /etc/spamassassin/local.cf, user rules are ~/.spamassassin/user.prefs. However, user_prefs is ignored when using spamd (daemon). Also user.prefs can be insecure and also increase server load.
I personally add my whitelist/blackdays addresses in the global file. Example below:
A comprehensive list of options can be found here.
I also added grey listing to my setup.
Instructions here.
Split audio image files
First off, install cuetools & shntool via your package manager. cuetag is not part of the gentoo portage package.
Cuetag pop this in /usr/bin/ <-- taken from the source from berlios.de
Cuesplit pop this in /usr/bin/ <-- adapted from archlinux forum
Obviously you will need the libraries for your media ie flac, mac, shn, wavpak etc.
Useage: cd into the directory of the audio image and run cuespilt. Done. :)
JSymphonic (Sony Alternative)
A linux alternative to Sonys' SonicStage.
http://symphonic.sourceforge.net/
Installation:
Download and unpack the zip file (not the source). And create a launcher.
ie. I unzipped mine to /usr/local/bin. The local user will need write permissions in this directory as an xml config file will be created when you first run. Then create a launcher in ~/.local/share/applications/
$ cat .local/share/applications/SonicStage.desktop
[Desktop Entry] Encoding=UTF-8 Type=Application Terminal=false Exec=/usr/bin/java -jar /usr/local/bin/JSymphonic_v0.3.0b.jar Comment=SonicStage alternative Name=SonicStage Icon=/usr/share/pixmaps/sonicstage.png Catagories=AudioVideo
MythTV Frontend Client
Ok.. so you have your backend all setup and recording TV :D
But what if I want Mythtv in another room?
No problem!
Hardware:
Acer Revo 230: (Aspire R3600)
Intel Atom 1.6 (Hyperthreading)
1Gb RAM
160Gb WD HDD
Nvidia HDMI
Setup:
Install Gentoo and MythTV as directed in the installation guide. Then just point the front end to the back end.
On my setup, I omitted Mytharchive, Mythweb.
Todo:
Setup Storage Directory on backend for frontend to use.
MythTV Installation
I have create this guide based on my experience of Installing and configuring MythTV. If you're looking for a PVR project, then MythTV is perfect.
This is for a dedicated box so no desktop environment will be installed.
I have compiled this on the assumption that you are competent in Linux so it won't be much use as a beginners guide, though I may turn it into one if I get time.
Obviously this guide is specific to my hardware so please make changes where needed for your setup.
The Hardware:
Samsung Dual Layer SATA DVD-RW
Western Digital 1Tb HDD [System & Storage]
Asus P7H55M PRO Mainboard
4Gb Corsair XMS3 1333Mhz DDR3
Intel 3.2Ghz i5 650 CPU
MCE Remote v2 (Phillips
Leadtek DTV1000 DVB-T PCI x2
Once you have you base Linux system up and running it's time to start installing applications. The version currently being used at the time of writing this is:
media-tv/mythtv-0.22_p22860
media-plugins/mythgallery-0.22_p22763
media-plugins/mythgame-0.22_p22763
media-plugins/mythvideo-0.22_p22864-r1
media-plugins/mytharchive-0.22_p22763
x11-themes/mythtv-themes-0.22_p22869
media-plugins/mythmusic-0.22_p22763
x11-themes/mythtv-themes-extra-0.22_p22492
www-apps/mythweb-0.22_p22763-r1
So we now have a base Gentoo install and Mythtv. If you have used the "autostart" flag then follow the steps below:
(you may need to use ALT+F1 to get a terminal) Assuming you have installed mysql and have not yet setup the root account for mysql.. execute:
- mysqladmin -uroot -p
- Edit /etc/inittab and add c8:2345:respawn:/sbin/mingetty --autologin mythtv tty8 underneath the #TERMINALS section.
- Edit /usr/share/mythtv/database/mc.sql and change the username and password entries.
- Run mysql -uroot -p < /usr/share/mythtv/database/mc.sql to create the Mythtv database with the details used in previous step.
- Log into mysql as root and run GRANT ALL PRIVILEGES ON `mythconverg`.* TO 'mythtv'@'localhost'; this just gives permissions to the mythtv user for the Mythtv database.
- Run rc-update add mythbackend default to have Mythtv's brains startup on reboot.
- Edit /home/mythtv/.xinitrc
# .xinitrc
#[ -x /usr/bin/nvidia-settings ] && /usr/bin/nvidia-settings -l
/usr/bin/killall -9 mythfrontend evilwm
sleep 1
/usr/bin/xset s noblank
/usr/bin/xset s off
/usr/bin/xset -dpms
/uar/bin/xsetroot -cursor_name dot
/usr/bin/evilwm &
exec /usr/bin/mythfrontend -l /var/log/mythtv/mythfrontend.log -v important,general
#exec /usr/bin/mythtv-setup
*TIP* If you need to enter mythtv-setup for whatever reason, comment out exec /usr/bin/mythfrontend -l /var/log/mythtv/mythfrontend.log -v important,general and add exec /usr/bin/mythtv-setup to your .xinitrc. Then exit the frontend. Don't forget to change back when finished.
You can reboot now
If things are working as they should, you will now have a language selection screen.
Hit ALT+F1 and login as root and stop the mythbackend daemon. /etc/init.d/mythbackend stop
SU to mythtv. su - mythtv Execute DISPLAY=":0.0" mythtv-setup and hit ALT-F7.
Now to tell Mythtv where it's brains are. Most of the screens can be left as the default settings. If you are only have 1 box leave the IP's as 127.0.0.1, if you are planning remote frontends then change to the IP of the backend (ie this box).
Change this screen to your TV settings.
Click Next
Click Next
Click Next
Click Next
Change the CPU to HIGH and uncheck Allow Advert Detection Jobs.
Click Next
Click Finish
Capture Cards
Highlight (new capture card) and hit enter.
Change the card type for your tuner.
Select Recording options.
If you only have one card, leave the max recordings as 1.
Tick Wait for SEQ start header
Tick Open DVB card on demand
Tick Use DVB card for active EIT scan
Video Sources
Highlight (new video source) and press enter
Enter a name in the Video source name box
Change the Listings Grabber to EIT
Input Connections
Here you should see the card(s) you have just setup in the previous step.
Select your card and press enter.
Change the Video Source (there should only be the one)
Use Quick Tuning should be fine as the default Live TV Only
Click Scan for Channels (you may need to change the country)
Change the Input group 1 to DVB0 if setting up the first card.
Channel Editor (optional)
Click Icon Download
Storage Directories
Highlight default and press enter
Highlight Add New Directory and press enter
Enter the full path to where you want TV streams to be saved.
Exit mythtv-setup by pressing ESC (you may see the language screen again.. do not select anything!
Hit ALT+F1 and reboot.. you should now boot straight into Mythtv.
Mythvideo
Highlight Setup and press enter.
Highlight Video Settings and press enter.
Highlight General Settings and press enter.
Enter the full path to where you want mythtv to find other videos etc that mythtv did not record.
DVD's ripped by Mythtv will be put here.
PLAYER SETTINGS:
The defaults should be ok.
FILE TYPES:
Here you can add files types of videos that are not enabled by default.
RIP SETTINGS:
MythGallery
MythGame
MythArchive
MythWeb
You need apache2 and php5 installed and setup for mythweb to function. Apache instructions
cp /usr/share/webapps/mythweb/<version>/htdocs/mythweb.conf.apache /etc/apache2/modules.d/mythweb.conf
edit /etc/apache2/modules.d/mythweb.conf and change the directory path to eg /var/www/localhost/htdocs/mythweb
Change the setenv entries to reflect the mythtv mysql account. run
htpasswd2 -c /path/to/your/.htpasswd <username> This will prompt for a username and password.
^ this should be outside the root of mythweb. The -c option creates a new file. If you are adding a second user or more, omit the -c to apend the file.
Restart apache /etc/init.d/apache2 restart
Advanced: Setup SSL Add the following lines to .htaccess in the root of mythweb to encrypt user details.
SSLOptions +StrictRequire
SSLRequireSSL
SSLRequire %{HTTP_HOST} eq "<domain>"
ErrorDocument 403 https://domain/path/to/403.html
AuthType Basic
AuthUserFile /path/to/your/.htpasswd
AuthName "Please enter your username and password."
require valid-user
You will also need to create SSL keys and tell apache about them. You will be forced to provide a password. This will cause apache not to start if not attended.
openssl genrsa -des3 -out server.key 1024
To remove the password:
cp server.key server.key.org
openssl rsa -in server.key.org -out server.key
To create the certificate request:
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Now change the perms so only root can read them.
chmod 400 server*
Copy the generated key and crt files to somewhere that apache can read eg /etc/apache2/ssl/. Enter the following into your vhosts:
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/server.crt
SSLCertificateKeyFile /etc/apache2/ssl/server.key
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
Restart apache
Trouble Shooting:
I've come across the occasional update where upon restarting mythbackend, the system load would max out for no reason. I found to resolve this I needed to run mythtv-setup and delete the dvb cards, readd them and rescan the channels. Upon restarting mythbackend, load would remain normal.
Gentoo Install
You can download a minimal install iso from here
It is assumed that you have some knowledge of Linux and how hardware is detected.
| '#' = Direct command |
| Tips:* Once booted into the cd, press CTRL, ALT & F2 and enter
# lspci This lists your hardware, you may need to refer to this later.* Research... Gentoo has a fantastic user community and documentation. If you're using the USB install the root is auto mounted under /mnt/cdrom. |
| Hard drive setup:- |
| # fdisk /dev/sda
A typical filesystem layout I use is this on an 80Gb drive. Set partition 1 to +100M (boot) Press "t", select partition 4 then enter code 82. # mke2fs -L BOOTFS -t ext4 /dev/sda1 # mke2fs -L ROOTFS -t ext4 /dev/sda2 # mke2fs -L HOMEFS -t ext4 /dev/sda3 # mkswap -L SWAPFS /dev/sda4 # swapon /dev/sda4 # mount -t ext4 /dev/sda2 /mnt/gentoo # mkdir /mnt/gentoo/boot # mount /dev/sda1 /mnt/gentoo/boot # cd /mnt/gentoo |
| Stage & Portage installation:- |
| # links http://www.gentoo.org/main/en/mirrors.xml (move the highlight bar to the desired URL and hit enter.) Move to releases and hit enter. Select the correct arch (amd64.) Select releases Select your arch and hit enter. (amd64) Select autobuilds hit enter Select current-stage3-amd64-systemd Select the stage file. (stage3-amd64-systemd-YYYYMMDD.tar.bz2) select ok to save. Go up 4 levels Select snapshots Select the most recent file. (portage-YYYYMMDD.tar.bz2) # tar -xjpf stageXXX # tar -xjf portage-XXX -C /mnt/gentoo/usr #nano -w /mnt/gentoo/etc/portage/make.conf press CTRL+X to exit, Y to accept changes and ENTER to save. If you wish to define the CPU arch, please refer to this. Also, please refer to the global useflags that maybe required depending on your end game. # mirrorselect -i -o >> /mnt/gentoo/etc/portage/make.conf # mount -t proc none /mnt/gentoo/proc # mount --types proc /proc /mnt/gentoo/proc # mount --rbind /sys /mnt/gentoo/sys # mount --make-rslave /mnt/gentoo/sys # mount --rbind /dev /mnt/gentoo/dev # mount --make-rslave /mnt/gentoo/dev # cp -L /etc/resolv.conf /mnt/gentoo/etc/resolv.conf !!!!NOTE: Do not be tempted to add customisation at this stage. It is better to get the base system built, bootable and stable. |
| Portage rsync configs are now located in /etc/portage/repos.conf/gentoo.conf
Create the directory: # mkdir /etc/portage/repos.conf Then create gentoo.conf with the content below. [DEFAULT] main-repo = gentoo [gentoo] location = /usr/portage sync-type = rsync sync-uri = rsync://rsync.europe.gentoo.org/gentoo-portage |
| Entering the Gentoo Environment:- |
| # chroot /mnt/gentoo /bin/bash # env-update # source /etc/profile |
| Install the Kernel:- |
| # emerge -av gentoo-sources # cd /usr/src/linux # make menuconfig # make && make modules_install # cp arch/x86_64/boot/bzimage /boot/kernel-?.?.?-gentoo-r? # cp .config /boot/config-?.?.?-gentoo-r? |
| Note: If unmasking a kernel, ensure you also unmask the linux-headers of the same version. |
| Setup root user password:- |
| # passwd |
| Setup Localtime:- |
| # ln -sf /usr/share/zoneinfo/Europe/London /etc/localtime |
| Setup FSTAB:- |
# nano -w /etc/fstab
LABEL=BOOTFS /boot ext4 noauto,noatime 1 2 LABEL=SWAPFS none swap sw 0 0 LABEL=ROOTFS / ext4 noatime 0 1 LABEL=HOMEFS /home ext4 noatime 0 1 |
| Setup Grub (boot loader):- |
| # emerge grub # grub-install /dev/sda # grub-mkconfig -o /boot/grub/grub.cfg !!! NOTE !!! GRUB_CMDLINE_LINUX_DEFAULT="rootfstype=ext4 init=/usr/lib/systemd/systemd" |
| install systemd & networkmanager
* you may need to unmerge udev & libudev |
| # cd # umount /mnt/gentoo/boot /mnt/gentoo/proc /mnt/gentoo # reboot |
| REBOOT!
Login and enable NetworkManager. systemctl enable NetworkManager Now we have a bootable system, we can squeeze a little more speed from compiling. |
| Setup hostname:- |
| # hostnamectl set-hostname <hostname> |
| Setup keyboard locale:- |
| # localectl set-keymap uk |
| Network Time:- |
| # systemctl enable systemd-timesyncd
Time servers are defined in /etc/systemd/timesyncd.conf. |
| Setup system log:- |
| # emerge syslog-ng logrotate # systemctl enable syslog-ng@default |
| YOU NOW HAVE GENTOO INSTALLED BUT NO GUI OR APPZ... |
| Now REBOOT |
| Select system profile |
| Then execute: # eselect profile list Available profile symlink targets: [1] default/linux/amd64/13.0 [2] default/linux/amd64/13.0/selinux [3] default/linux/amd64/13.0/desktop [4] default/linux/amd64/13.0/desktop/gnome [5] default/linux/amd64/13.0/desktop/gnome/systemd [6] default/linux/amd64/13.0/desktop/kde [7] default/linux/amd64/13.0/desktop/kde/systemd [8] default/linux/amd64/13.0/desktop/plasma [9] default/linux/amd64/13.0/desktop/plasma/systemd [10] default/linux/amd64/13.0/developer [11] default/linux/amd64/13.0/no-multilib [12] default/linux/amd64/13.0/systemd * [13] default/linux/amd64/13.0/x32 [14] hardened/linux/amd64 [15] hardened/linux/amd64/selinux [16] hardened/linux/amd64/no-multilib [17] hardened/linux/amd64/no-multilib/selinux [18] hardened/linux/amd64/x32 [19] hardened/linux/musl/amd64 [20] hardened/linux/musl/amd64/x32 [21] default/linux/uclibc/amd64 [22] hardened/linux/uclibc/amd64 Then execute: # eselect profile set 11 executing: # emerge -uvnD world will install/rebuild the the required packages for that profile. This may take a few hours. |
| OK. If everything went to plan you should now have a basic Gentoo installation. Now for the hard bit :D |
|
These are only my recommendations:- create /etc/locale.gen and add "en_GB.UTF8 UTF-8" # emerge ufed Set any required global use flags via ufed. Some useful ones are: X bluetooth branding cacert cairo consolekit corefonts cups dbus egl evdev flac gd gif gles2 gnome gnome-keyring gnutls gpm gtk icu jpeg jpeg2k ibnotify mmx mp3 mpi nautilus networkmanager offensive office ogg opengl png policykit pulseaudio python qt4 smp sse sse2 sse4 sse4_1 ssse3 svg syslog systemd tiff truetype udev disks usb uxa vhosts vim-syntax vorbis xkb -bindist -ipv6 -widevine If you don't want to set any global flags, you can opt to set these on a per package basis (recommended). If you do define/remove any global flags, ensure you run an "emerge -puvND world" and rebuild any packages. |
| Example only:
/etc/portage/package.use/qtwebkit /etc/portage/package.use/iputils /etc/portage/package.use/libpng /etc/portage/package.use/python /etc/portage/package.use/ffmpeg /etc/portage/package.use/libpcre /etc/portage/package.use/qtkeychain /etc/portage/package.use/zlib /etc/portage/package.use/cogl /etc/portage/package.use/mesa |
| # emerge -evD system (optional but recommended) [this will rebuild the install for your architecture. It may take a while] #emerge gentoolkit # revdep-rebuild Now it's time to get a GUI installed. |
| Install GDM & Gnome |
| Install your Desktop Environment.
# emerge av gdm gnome-light Once complete enable gdm to autostart |
| Caveats and Cleanups |
| Gnome-terminal may not start
# locale-gen And then: # localectl set-locale LANG="en_GB.UTF-8" And reboot. Gnome-shell screen cast may not work. You may get the error: gnome-session[736]: ** (gnome-shell:805): WARNING **: ShellRecorder: failed to parse pipeline: no element "vp9enc" To fix this, ensure that gst-plugins-good, libvpx & ffmpeg are installed. |
There you have it. A full Gentoo Linux install with a Gnome3 desktop.
Time to spend a few more hours emerging your apps: ;)
A few useful apps are:
extundelete app-misc/screen libreoffice (take >1 hour) google-chrome firefox app-admin/keepassx eog gimp vim corefonts linux-firmware dosfstools chrome-binary-plugins gnome-tweak-tool