Tag Archives: Gentoo

Email Server

Emerge exim, dovecot, spamassassin, clamav and of course all dependencies.

Now to configure them to work together.  First we'll configure Exim4.

The config file.

I strongly suggest reading the provided example in /etc/exim as everything is well commented.

To generate the certificate for ssmtp/smtps, use these commands:

openssl genrsa -out email.key 1024
openssl req -new -key email.key -out email.csr
openssl x509 -req -days 3650 -in email.csr -signkey email.key -out email.crt
chown mail: email.key
chmod 600 email.key
chmod 644 email.crt

Ensure these go somewhere safe and accessible to the application(s).
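
The commands above produce a 1024-bit RSA key, which is below the 2048-bit minimum that current guidance calls for. As an added example (not part of the original post), the script below creates the same email.key/email.crt pair with a 2048-bit key and a SHA-256 signature, then audits key size, file mode, key/certificate match and signature algorithm. The function names and the CN value are assumptions.

```sh
#!/bin/sh
# Added example, not from the original post. File names follow the post;
# the function names and the CN passed in are assumptions.

# Create a self-signed pair in <dir>: 2048-bit RSA key, SHA-256 signature.
make_pair() {   # usage: make_pair <dir> <common-name>
    ( umask 077   # key is never world-readable, even briefly
      openssl req -x509 -newkey rsa:2048 -sha256 -nodes -days 3650 \
          -subj "/CN=$2" -keyout "$1/email.key" -out "$1/email.crt"
    ) >/dev/null 2>&1 || return 1
    chmod 600 "$1/email.key"
    chmod 644 "$1/email.crt"
}

# Print the RSA modulus size of a private key, e.g. 1024 or 2048.
key_bits() {
    openssl rsa -in "$1" -noout -text 2>/dev/null |
        sed -n 's/.*Private-Key: (\([0-9][0-9]*\) bit.*/\1/p'
}

# Return 0 only if the pair passes every check; print each failure.
audit_pair() {  # usage: audit_pair <key> <crt>
    rc=0
    bits=$(key_bits "$1")
    [ "${bits:-0}" -ge 2048 ] || { echo "FAIL: key is ${bits:-0} bits"; rc=1; }

    # Characters 5-10 of the ls mode string are the group/other bits.
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ] ||
        { echo "FAIL: key is accessible to group/other"; rc=1; }

    # The certificate must carry the public half of this key.
    [ "$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null)" = \
      "$(openssl pkey -in "$1" -pubout 2>/dev/null)" ] ||
        { echo "FAIL: certificate does not match key"; rc=1; }

    # Flag certificates signed with MD5 or SHA-1.
    if openssl x509 -in "$2" -noout -text 2>/dev/null |
        grep -Eiq 'Signature Algorithm: (md5|sha1)'; then
        echo "FAIL: weak signature algorithm"; rc=1
    fi
    return $rc
}
```

Run audit_pair against an existing key and certificate to see whether they need regenerating; the chown mail: step from the post still applies afterwards.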

To set up server-side filtering (rules), include the file below in the user's $home.

The config file

Again, there is a well commented example with the install.  [net-mail/dovecot-1.2*]

The config file

Upgrading Dovecot v1.2 to v2.0

A lot of settings have changed. Dovecot v2.0 can still use most of the v1.x configuration files, but it logs a lot of warnings at startup. A quick and easy way to convert your old config file to v2.0 format is:

doveconf -n -c dovecot-1.conf > dovecot-2.conf

This command logs a warning about each obsolete setting it converts to the new format. You can either go through the warnings to figure out what changes exactly were done, or you can simply trust doveconf and replace your old config with the newly generated one.

Once running v2.0, it's safe to downgrade to v1.2.5 or newer. Older versions don't understand some of the changes to index files and will log errors.

Other important changes:

  • Dovecot uses two system users for internal purposes now by default: "dovenull" and "dovecot". You need to create the "dovenull" user or change the default_login_user setting. The "dovenull" user is used by completely untrustworthy processes, while the "dovecot" user is used for slightly more trusted processes.
    • If you want to be using something else than "dovecot" as the other user, you need to change default_internal_user setting.
    • Just like with "dovecot" user, "dovenull" doesn't need a password, home directory or anything else (but it's good to give it its own private "dovenull" group).
  • no more convert plugin, use dsync instead
  • no more expire-tool, use doveadm expunge instead. also expire configuration is different.
  • Post-login scripts are configured differently and need to be modified
  • Quota warnings are configured differently and the script may need to be modified (most environment settings like $USER are gone)
  • Global ACL filenames now require namespace prefix (e.g. if you use "INBOX." prefix, /etc/acls/foo needs to be renamed to /etc/acls/INBOX.foo)
  • Maildir: Permissions for newly created mail files are no longer copied from dovecot-shared file, but instead from the mail directory (e.g. for "foo" mailbox, they're taken from ~/Maildir/.foo directory)
  • dbox: v2.0 format is slightly different, but backwards compatible. The main problem is that v2.0 no longer supports maildir-dbox hybrid resulting from "fast Maildir migration". If you have any Maildir files in your dbox, you need to convert them somehow (some examples). You might also consider using dsync to get rid of the old unused metadata in your dbox files.
  • Pre-login and post-login CAPABILITY reply is now different. Dovecot expects clients to recognize new automatically sent capabilities. This should work with all commonly used clients, but some rarely used clients might have problems. Either get the client fixed, or set imap_capability manually.
  • ManageSieve protocol was assigned an official port by IANA: 4190. This is used by Pigeonhole by default now. If you want to listen also on the old 2000 port, see the Pigeonhole/ManageSieve/Configuration example.
  • dovecot --exec-mail imap has been replaced by simply running "imap" binary. You can also use "imap -u <username>" to access other users' mails more easily.

LDA

  • deliver binary was renamed to dovecot-lda (but a symlink still exists for now)
  • -n parameter was replaced by lda_mailbox_autocreate setting. The default also changed to "no".
  • -s parameter was replaced by lda_mailbox_autosubscribe setting. The default is "no", as before.

Configs:

Don't forget that ALL the configs have now changed.  No longer does everything reside in /etc/dovecot/dovecot.conf but in the following files:

# ls -1 /etc/dovecot/conf.d/
10-auth.conf
10-director.conf
10-logging.conf
10-mail.conf
10-master.conf
10-ssl.conf
15-lda.conf
20-imap.conf
20-lmtp.conf
20-pop3.conf
90-acl.conf
90-plugin.conf
90-quota.conf
auth-checkpassword.conf.ext
auth-deny.conf.ext
auth-ldap.conf.ext
auth-master.conf.ext
auth-passwdfile.conf.ext
auth-sql.conf.ext
auth-static.conf.ext
auth-system.conf.ext
auth-vpopmail.conf.ext

Hopefully the file names should indicate what does what.

/etc/dovecot/dovecot.conf:
protocols = imap [imaps is no longer valid]

Most of the settings from the v1.2 config can be transferred to the relevant configs above.

Global changes are in /etc/spamassassin/local.cf; user rules are in ~/.spamassassin/user_prefs.  However, user_prefs is ignored when using spamd (daemon).  user_prefs can also be insecure and increase server load.
I personally add my whitelist/blacklist addresses in the global file.  Example below:

The config file

A comprehensive list of options can be found here.

I also added grey listing to my setup.

Instructions here.

MythTV Frontend Client

OK.. so you have your backend all set up and recording TV :D
But what if I want Mythtv in another room?
No problem!

Hardware:
Acer Revo 230: (Aspire R3600)

Intel Atom 1.6 (Hyperthreading)
1Gb RAM
160Gb WD HDD
Nvidia HDMI

Setup:
Install Gentoo and MythTV as directed in the installation guide.  Then just point the front end to the back end.
On my setup, I omitted Mytharchive, Mythweb.

Todo:
Setup Storage Directory on backend for frontend to use.

Gentoo Install

You can download a minimal install iso from here
It is assumed that you have some knowledge of Linux and how hardware is detected.

'#' = Direct command

Tip: Once booted into the CD, press CTRL, ALT & F2 and enter

# lspci

This lists your hardware; you may need to refer to this later.

Research... Gentoo has a fantastic user community and documentation.  If you're using the USB install the root is auto mounted under /mnt/cdrom.

Hard drive setup:-
# fdisk /dev/sda

A typical filesystem layout I use is this on an 80Gb drive.

Set partition 1 to +100M (boot)
Set partition 2 to +40G (root)
Set partition 3 to +30G (home)
Set partition 4 to the remainder (swap)

Press "t", select partition 4 then enter code 82.
Press "a", select partition 1 then "w" to write changes.

# mke2fs -L BOOTFS -t ext4 /dev/sda1
# mke2fs -L ROOTFS -t ext4 /dev/sda2
# mke2fs -L HOMEFS -t ext4 /dev/sda3
# mkswap -L SWAPFS /dev/sda4
# swapon /dev/sda4
# mount -t ext4 /dev/sda2 /mnt/gentoo
# mkdir /mnt/gentoo/boot
# mount /dev/sda1 /mnt/gentoo/boot
# cd /mnt/gentoo
Stage & Portage installation:-
# links http://www.gentoo.org/main/en/mirrors.xml
(move the highlight bar to the desired URL and hit enter.)
Move to releases and hit enter.
Select the correct arch (amd64.)
Select releases
Select your arch and hit enter. (amd64)
Select autobuilds hit enter
Select current-stage3-amd64-systemd
Select the stage file. (stage3-amd64-systemd-YYYYMMDD.tar.bz2)
select ok to save.
Go up 4 levels
Select snapshots
Select the most recent file. (portage-YYYYMMDD.tar.bz2)
# tar -xjpf stageXXX
# tar -xjf portage-XXX -C /mnt/gentoo/usr
# nano -w /mnt/gentoo/etc/portage/make.conf
Press CTRL+X to exit, Y to accept changes and ENTER to save.
If you wish to define the CPU arch, please refer to this.
Also, please refer to the global USE flags that may be required depending on your end game.
# mirrorselect -i -o >> /mnt/gentoo/etc/portage/make.conf
# mount --types proc /proc /mnt/gentoo/proc
# mount --rbind /sys /mnt/gentoo/sys
# mount --make-rslave /mnt/gentoo/sys
# mount --rbind /dev /mnt/gentoo/dev
# mount --make-rslave /mnt/gentoo/dev
# cp -L /etc/resolv.conf /mnt/gentoo/etc/resolv.conf
!!!!NOTE:  Do not be tempted to add customisation at this stage.  It is better to get the base system built, bootable and stable.
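
The stage3 tarball above is fetched over plain HTTP and unpacked as root with no integrity check. As an added example (not part of the original post), the functions below compare the tarball with the SHA512 entry in the DIGESTS file that Gentoo mirrors publish beside each stage3, and unpack only on a match. The function names and the DIGESTS layout described in the comments are assumptions.

```sh
#!/bin/sh
# Added example, not from the original post.
# Assumed DIGESTS layout: a "# SHA512 HASH" comment line followed by
# "<hex digest>  <file name>" lines; other hash sections are ignored.

# Print the SHA512 digest recorded for <name>, or nothing if absent.
expected_sha512() {   # usage: expected_sha512 <DIGESTS file> <name>
    awk -v name="$2" '
        /^# / { want = ($0 == "# SHA512 HASH"); next }
        want && $2 == name { print $1; exit }
    ' "$1"
}

# Return 0 on match, 1 on mismatch, 2 if DIGESTS has no entry for the file.
verify_tarball() {    # usage: verify_tarball <tarball> <DIGESTS file>
    name=$(basename "$1")
    want=$(expected_sha512 "$2" "$name")
    [ -n "$want" ] || { echo "no SHA512 entry for $name" >&2; return 2; }
    have=$(sha512sum "$1" | cut -d' ' -f1)
    [ "$want" = "$have" ] || { echo "digest mismatch for $name" >&2; return 1; }
    echo "OK: $name"
}

# Unpack only after the digest check has passed (same tar flags as the post).
unpack_verified() {   # usage: unpack_verified <tarball> <DIGESTS file> <dir>
    verify_tarball "$1" "$2" && tar -xjpf "$1" -C "$3"
}

# Usage, with the placeholder file names used in the post:
#   unpack_verified stage3-amd64-systemd-YYYYMMDD.tar.bz2 \
#       stage3-amd64-systemd-YYYYMMDD.tar.bz2.DIGESTS /mnt/gentoo
```

A digest match only shows the download is intact; authenticity comes from checking the OpenPGP signature on the DIGESTS file against the Gentoo release key with gpg --verify.
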
Portage rsync configs are now located in /etc/portage/repos.conf/gentoo.conf

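Create the directory (we are not yet inside the chroot, so the path is under /mnt/gentoo):

# mkdir -p /mnt/gentoo/etc/portage/repos.conf

Then create gentoo.conf in that directory with the content below.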

[DEFAULT]
main-repo = gentoo
[gentoo]
location = /usr/portage
sync-type = rsync
sync-uri = rsync://rsync.europe.gentoo.org/gentoo-portage
Entering the Gentoo Environment:-
# chroot /mnt/gentoo /bin/bash
# env-update
# source /etc/profile
Install the Kernel:-
# emerge -av gentoo-sources
# cd /usr/src/linux

# make menuconfig
(configure the kernel for your system)

# make && make modules_install

# cp arch/x86_64/boot/bzImage /boot/kernel-?.?.?-gentoo-r?

# cp .config /boot/config-?.?.?-gentoo-r?

Note:  If unmasking a kernel, ensure you also unmask the linux-headers of the same version.
Setup root user password:-
# passwd
Setup Localtime:-
# ln -sf /usr/share/zoneinfo/Europe/London /etc/localtime
Setup FSTAB:-
# nano -w /etc/fstab

LABEL=BOOTFS    /boot   ext4    noauto,noatime    1 2
LABEL=SWAPFS    none    swap    sw                0 0
LABEL=ROOTFS    /       ext4    noatime           0 1
LABEL=HOMEFS    /home   ext4    noatime           0 1
Setup Grub (boot loader):-
# emerge grub
# grub-install /dev/sda
# grub-mkconfig -o /boot/grub/grub.cfg

!!! NOTE !!!
If grub fails to compile with the error "illegal instruction", then, as this is the first item you are compiling, there is a good chance that the stage3 tarball is at fault.  Try using an older archive.

It's also worth noting that if you are using systemd instead of initrc, you should amend the following line in /etc/default/grub to save any headaches when adding a different kernel. It appends parameters to the Linux kernel command line for non-recovery entries:

GRUB_CMDLINE_LINUX_DEFAULT="rootfstype=ext4 init=/usr/lib/systemd/systemd"

Install systemd & NetworkManager.

* You may need to unmerge udev & libudev.

# exit
# cd
# umount -l /mnt/gentoo/dev{/shm,/pts,}
# umount -R /mnt/gentoo
# reboot
REBOOT!

Login and enable NetworkManager.

# systemctl enable NetworkManager

Now we have a bootable system, we can squeeze a little more speed from compiling.
Also, I highly recommend this if you're using an SSD.
Portage TMPFS

Setup hostname:-
# hostnamectl set-hostname <hostname>
Setup keyboard locale:-
# localectl set-keymap uk
Network Time:-
# systemctl enable systemd-timesyncd

Time servers are defined in /etc/systemd/timesyncd.conf.

Setup system log:-
# emerge syslog-ng logrotate
# systemctl enable syslog-ng@default
 YOU NOW HAVE GENTOO INSTALLED BUT NO GUI OR APPZ...
Now REBOOT
Select system profile
Then execute:
# eselect profile list
Available profile symlink targets:
[1] default/linux/amd64/13.0
[2] default/linux/amd64/13.0/selinux
[3] default/linux/amd64/13.0/desktop
[4] default/linux/amd64/13.0/desktop/gnome
[5] default/linux/amd64/13.0/desktop/gnome/systemd
[6] default/linux/amd64/13.0/desktop/kde
[7] default/linux/amd64/13.0/desktop/kde/systemd
[8] default/linux/amd64/13.0/desktop/plasma
[9] default/linux/amd64/13.0/desktop/plasma/systemd
[10] default/linux/amd64/13.0/developer
[11] default/linux/amd64/13.0/no-multilib
[12] default/linux/amd64/13.0/systemd *
[13] default/linux/amd64/13.0/x32
[14] hardened/linux/amd64
[15] hardened/linux/amd64/selinux
[16] hardened/linux/amd64/no-multilib
[17] hardened/linux/amd64/no-multilib/selinux
[18] hardened/linux/amd64/x32
[19] hardened/linux/musl/amd64
[20] hardened/linux/musl/amd64/x32
[21] default/linux/uclibc/amd64
[22] hardened/linux/uclibc/amd64
Then execute:
# eselect profile set 11
Executing:
# emerge -uvnD world
will install/rebuild the required packages for that profile. This may take a few hours.
OK.  If everything went to plan you should now have a basic Gentoo installation.  Now for the hard bit :D

These are only my recommendations:-

Create /etc/locale.gen and add "en_GB.UTF-8 UTF-8"

# emerge ufed

Set any required global use flags via ufed.  Some useful ones are:

X bluetooth branding cacert cairo consolekit corefonts cups dbus egl evdev flac gd gif gles2 gnome gnome-keyring gnutls gpm gtk icu jpeg jpeg2k libnotify mmx mp3 mpi nautilus networkmanager offensive office ogg opengl png policykit pulseaudio python qt4 smp sse sse2 sse4 sse4_1 ssse3 svg syslog systemd tiff truetype udev disks usb uxa vhosts vim-syntax vorbis xkb -bindist -ipv6 -widevine

If you don't want to set any global flags, you can opt to set these on a per package basis (recommended).

If you do define/remove any global flags, ensure you run an "emerge -puvND world" and rebuild any packages.

Example only:

/etc/portage/package.use/qtwebkit
dev-qt/qtwebkit printsupport

/etc/portage/package.use/iputils
net-misc/iputils -caps -filecaps

/etc/portage/package.use/libpng
media-libs/libpng apng

/etc/portage/package.use/python
dev-lang/python sqlite

/etc/portage/package.use/ffmpeg
media-video/ffmpeg opus vpx aac aacplus bluray cdio faac fdk x264 xvid
virtual/ffmpeg threads -vdpau x264

/etc/portage/package.use/libpcre
dev-libs/libpcre pcre16

/etc/portage/package.use/qtkeychain
dev-libs/qtkeychain qt5

/etc/portage/package.use/zlib
sys-libs/zlib minizip

/etc/portage/package.use/cogl
media-libs/cogl gles2

/etc/portage/package.use/mesa
media-libs/mesa gles2

# emerge -evD system (optional but recommended)
[this will rebuild the install for your architecture. It may take a while]

# emerge gentoolkit
[this will install some handy tools. One is below]

# revdep-rebuild
[this will reinstall any dependencies. Add a "-p" to see what will be done]

Now it's time to get a GUI installed.

Install GDM & Gnome
Install your Desktop Environment.

# emerge -av gdm gnome-light

Once complete enable gdm to autostart
# systemctl enable gdm

Caveats and Cleanups
Gnome-terminal may not start. If it doesn't, run:

# locale-gen

And then:

# localectl set-locale LANG="en_GB.UTF-8"

And reboot.

Gnome-shell screen cast may not work.

You may get the error:

gnome-session[736]: ** (gnome-shell:805): WARNING **: ShellRecorder: failed to parse pipeline: no element "vp9enc"
gnome-session[736]: ** (gnome-shell:805): CRITICAL **: shell_recorder_close: assertion 'recorder->state != RECORDER_STATE_CLOSED' failed

To fix this, ensure that gst-plugins-good, libvpx & ffmpeg are installed.

There you have it.  A full Gentoo Linux install with a Gnome3 desktop.

Time to spend a few more hours emerging your apps: ;)

A few useful apps are:

extundelete 
app-misc/screen 
libreoffice (take >1 hour)
google-chrome
firefox
app-admin/keepassx 
eog 
gimp 
vim 
corefonts
linux-firmware
dosfstools
chrome-binary-plugins
gnome-tweak-tool

Gentoo Live USB

1. Introduction

The LiveUSB

This HOWTO explains how to create a Gentoo Linux LiveUSB or, in other words, how to emulate an x86 or AMD64 Gentoo Linux LiveCD using a USB flash drive. This is particularly useful for installing Gentoo Linux on a modern laptop with no CD-ROM drive.

Note: The sys-boot/unetbootin package provides a much easier alternative to create a bootable USB stick from any bootable CD image.

Although the instructions found in this document aim at emulating a Gentoo Linux LiveCD using a USB flash drive, they should work for any arbitrary block device as long as you adjust the device names accordingly.

Prerequisites

In order to use a Gentoo Linux LiveUSB you need the following:

  • Bootable USB flash drive with at least 1GB
  • i686 or x86_64 computer with support for booting from USB

You will also need access to the following for creating the LiveUSB:

  • A computer running Gentoo Linux (or alternatively another Linux distribution)
Note: If you want to use the minimal CD on a smaller key or boot a <i686 system, you need to follow the procedure described in this document with a 2006.0 minimal CD image because of a bug in more recent releases.

2. Preparing the USB flash drive

Partitioning the drive

Warning: These instructions will erase all data from the USB flash drive. Make sure to backup your data first.
Important: This HOWTO assumes that the /dev/sdc device node corresponds to your USB flash drive. If you have other SCSI-like devices make sure to use the correct device node.

Create a FAT16 partition on your USB flash drive and mark it bootable using fdisk. An example partitioning scheme can be seen below:

Note: If your key is 4GB or larger, use partition type b (W95 FAT32).

Code Listing 2.1: Example partitioning scheme
# fdisk -l /dev/sdc

Disk /dev/sdc: 2063 MB, 2063597056 bytes
255 heads, 63 sectors/track, 250 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks   Id  System
/dev/sdc1   *           1         250     2008124+   6  FAT16

Creating the filesystem

Create a FAT16 filesystem on the USB flash drive using mkdosfs:

Note: If your key is 4GB or larger, use -F 32 to create a FAT32 filesystem.

Code Listing 2.2: Running mkdosfs
(Make sure you have sys-fs/dosfstools installed)
# emerge -av sys-fs/dosfstools
# mkdosfs -F 16 /dev/sdc1
mkdosfs 2.11 (12 Mar 2005)

Installing a Master Boot Record

Install the precompiled Master Boot Record (MBR) from syslinux on the USB flash drive:

Code Listing 2.3: Installing a master boot record
(Make sure you have sys-boot/syslinux-3.00 or later installed)
# emerge -av '>sys-boot/syslinux-3'
# dd if=/usr/share/syslinux/mbr.bin of=/dev/sdc
0+1 records in
0+1 records out
304 bytes (304 B) copied, 0.0162317 s, 18.7 kB/s
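
The Important note above matters because dd writes to whatever device node it is given. As an added example (not part of the original HOWTO), this preflight check refuses a target that is not a removable whole disk, is still mounted, or would receive an MBR image larger than the 440-byte boot code area. The function name and the optional sysfs/mounts arguments (there so it can be tested) are assumptions.

```sh
#!/bin/sh
# Added example, not from the original HOWTO.

# Return 0 if it is reasonable to dd <mbr file> onto <disk>;
# 1 if a safety check fails, 2 if the arguments do not make sense.
usb_preflight() {  # usage: usb_preflight <disk> <mbr file> [sysfs root] [mounts file]
    disk=$(basename "$1"); mbr=$2
    sys=${3:-/sys}; mounts=${4:-/proc/mounts}

    # Whole disks have /sys/block/<name>; partitions such as sdc1 do not.
    [ -d "$sys/block/$disk" ] ||
        { echo "$disk: not a whole-disk device" >&2; return 2; }

    # The kernel flags removable media with a 1 in this attribute.
    [ "$(cat "$sys/block/$disk/removable" 2>/dev/null)" = 1 ] ||
        { echo "$disk: not flagged removable" >&2; return 1; }

    # Refuse if the disk or any of its partitions is mounted.
    if grep -q "^/dev/$disk[p0-9]* " "$mounts"; then
        echo "$disk: still mounted" >&2; return 1
    fi

    # Boot code must fit in the first 440 bytes; anything longer would
    # overwrite the disk signature and partition table that follow.
    size=$(wc -c < "$mbr") || return 2
    [ "$size" -le 440 ] ||
        { echo "$mbr: $size bytes, too large for the boot code area" >&2; return 1; }

    echo "OK: /dev/$disk"
}

# Usage with the names from the HOWTO:
#   usb_preflight /dev/sdc /usr/share/syslinux/mbr.bin &&
#       dd if=/usr/share/syslinux/mbr.bin of=/dev/sdc
```

Some USB hard disks report removable as 0, so a refusal here means "check by hand", not necessarily "wrong device".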

3. Copying the files to your key

Mounting the Gentoo Linux Installation CD

Download either livecd-i686-installer-2007.0.iso or livecd-amd64-installer-2007.0.iso from your local Gentoo Linux mirror site and mount the ISO image on /mnt/cdrom as shown below:

Code Listing 3.1: Mounting the Gentoo Linux Installation CD ISO image
(Create the /mnt/cdrom mount point if needed)
# mkdir -p /mnt/cdrom
# mount -o loop,ro -t iso9660 livecd-i686-installer-2007.0.iso /mnt/cdrom
Note: If you receive a Could not find any loop device error message when mounting the iso, you need to enable the Loopback device support option in your kernel configuration.

Mounting the LiveUSB

Mount the newly formatted USB flash drive on /mnt/usb as shown below:

Code Listing 3.2: Mounting the USB flash drive
(Create the /mnt/usb mount point if needed)
# mkdir -p /mnt/usb
# mount -t vfat /dev/sdc1 /mnt/usb

Copying the files

Copy the files from the Gentoo Linux Installation CD to the LiveUSB. The files need to be reordered a bit as we will be using the syslinux bootloader instead of isolinux:

Code Listing 3.3: Copying the files
# cp -r /mnt/cdrom/* /mnt/usb
# mv /mnt/usb/isolinux/* /mnt/usb
# mv /mnt/usb/isolinux.cfg /mnt/usb/syslinux.cfg
# rm -rf /mnt/usb/isolinux*

(The memtest86 kernel needs to be renamed for loading it via syslinux)
# mv /mnt/usb/memtest86 /mnt/usb/memtest

You can now unmount the ISO image:

Code Listing 3.4: Unmounting the ISO image
# umount /mnt/cdrom

Adjusting the bootloader configuration

Adjust the syslinux configuration file using sed as shown below. The slowusb parameter will introduce some extra delays before attempting to mount the filesystem. This is needed to allow the USB flash drive to settle upon detection.

Code Listing 3.5: Adjusting the boot parameters
# sed -i \
    -e "s:cdroot:cdroot slowusb:" \
    -e "s:kernel memtest86:kernel memtest:" \
    /mnt/usb/syslinux.cfg

4. Installing a bootloader

Unmounting the drive

Make sure you unmount the USB flash drive before installing the bootloader:

Code Listing 4.1: Unmounting the USB flash drive
# umount /mnt/usb

Installing syslinux

Finally install the syslinux bootloader on the USB flash drive:

Code Listing 4.2: Running syslinux
# syslinux /dev/sdc1
Important: You will need to rerun syslinux /dev/sdc1 each time you modify the syslinux.cfg file for the configuration changes to take effect.

5. Using the LiveUSB

Booting

Insert the USB flash drive and turn on the computer, making sure the BIOS is set to boot from USB. If all goes well you should be presented with a standard syslinux prompt.

You should be able to follow the generic installation instructions found in the Gentoo Handbook from here on.

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

Dropbox install

This is now moot.. Dropbox is now in portage!  I'll keep this here just for posterity :)

There is no ebuild in portage for Dropbox.  However, there is an ebuild out there.  Here's what to do:

Go here http://bugs.gentoo.org/237433 and download the latest ebuild.

The latest one today is nautilus-dropbox-0.6.1.ebuild created on 2009-05-11.

As root:
Copy the file to /usr/portage/gnome-base/nautilus-dropbox/ You will need to create the destination folder.
*NOTE* The destination folder has to be the same name as the ebuild.

Now run "ebuild /usr/portage/gnome-base/nautilus-dropbox/nautilus-dropbox-0.6.1.ebuild digest"
This should pull down the tarball of source code.

Chances are you will also need to add dropbox to your keywords file.
# echo "gnome-base/nautilus-dropbox" >> /etc/portage/package.keywords

Now just emerge the app as usual.
# emerge -av nautilus-dropbox