archive-be.com » BE » S » SIPHOS.BE

Total: 45

Choose link from "Titles, links and description words view":

Or switch to "Titles and links view".
  • Chapter 2. How does Free Software affect Linux?
    installation and usage support or for the resources that the distribution has to acquire itself like infrastructure Most distributions have free downloads with online documentation and wonderful community support active mailing lists or Internet fora which is why Linux is that popular you can download install and use several distributions to decide which one is best for you You can try the software without loosing any functionality and you don t even have to pay for it to continue using it as is the case with shareware Gentoo is one of those distribution projects Such distributions get their financial backing for infrastructure and organisational needs including juridical support and bureaucratic paperwork from user donations or sales of pressed DVDs Companies also tend to support distributions financially or with hardware bandwidth donations Some distributions are only available when you pay for it In that case you often pay for the support or for additional software in the distribution which isn t freely available A popular distribution is RedHat Enterprise Linux a Linux distribution specifically targeting companies who want to set up Linux servers You don t just pay for the support but also for the resources that RedHat has put in the distribution to make it certified for other software such as Oracle and SAP so that you can run with support from the software company this software on your RHEL installations It is important however to understand that distribution projects only develop a very small part of the software that you install on your system Most software comes from other free software projects and these projects often don t get gifts from the distribution projects Nonetheless they do face the same problems as any other larger free software project bureaucratic paperwork juridical support infrastructure needs So it comes to no surprise that these projects also have the same income streams as the distribution projects user gifts commercial sponsorship and software support sales Development Model Due to the nature of free software projects you ll find that it has quite some differences with closed source commercial off the shelf software Multi Project Development One distribution provides an aggregation of software Each of those software titles is built by a software project which usually differs from the distribution project Hence when you install a distribution on your system it contains software from hundreds of software projects around the world So to obtain support for a flaw you found or an issue you come across the first place to seek support would be the distribution but chances are that the distribution will put the support question upstream meaning that it forwards the request to the software project that develops the software you have an issue with Transparent Development Free software is usually developed transparently if you are interested in the development of your favourite software title you can quickly find out how its development works and how to participate Usually software projects use a concurrent versions system such as CVS or SVN to keep the source code in Such systems allow for dozens or even hundreds of developers to work on the same source code simultaneously and keep track of all changes that have happened so they can easily be reverted This isn t just for free software projects almost all software projects use such a system However free software projects usually allow non developers to see the progress of the development by giving them read only access to the system This way you can track every change to the software personally To discuss the future of the software or to take software design decisions most free software projects can t use real life meetings their developers are scattered around the world A solution to this problem are communication systems such as mailing lists IRC chat or forums Internet or Usenet Most of these communication systems are also open for non developers to participate in the discussions meaning that end users have direct communication with developers The latter has a major advantage changes requested by the users are directly communicated to the developers so that misinterpretation is less frequent allowing for projects to update their software more accurate and frequent Fast Release Cycles Larger free software projects have hundreds of contributors and several dozens of developers Those developers are very motivated to work on the software by passion If they weren t they wouldn t be working on the software as there usually is no other incentive to work for such as a nice pay check although it must be said that there are software projects and they aren t small in numbers who have paid developers as well As a result the software is quickly progressing and new features are added quickly some projects even have new features on an almost daily basis To make sure that new features and fixes are tested properly software development snapshots are communicated to a broad community of testers and stable snapshots are often released to the general public as a new release of the software Different release types are commonly used in free software environments nightly snapshots are extracts of the source code at a certain period in time which are built and put online for everyone to use These releases are automatically generated and are bleeding edge as they represent the state of the software title only a few moments ago They are highly experimental and only meant for developers or experienced contributors development releases are intermediate releases similar to nightly snapshots but somewhat more coordinated by the developers They usually have a ChangeLog which lists the changes in it since the previous release Such releases are meant for experienced contributors and testers who don t mind the software to be broken from time to time beta releases contain a preliminary vision of how the final release will look like It might not be fully stable or complete but individuals who don t participate in the frequent tests can try and see if the

    Original URL path: http://swift.siphos.be/linux_sea/freesoftware.html (2016-05-01)
    Open archived version from archive


  • Chapter 3. The Role of the Community
    allows users to edit existing documentation or author new documentation online with a simple browser and the results of their editing is immediately visible to others Online web forums where people can participate in discussions by placing messages and reacting to other messages The advantage of web forums is that they are accessible through your web browser which most firewalls still allow can be consulted after the discussion has long been closed and where messages can be extended with images attachments and formatted text Mailinglists which is similar function wise to web forums but then organized through e mail People subscribe to a mailing list and then receive all mails sent to that mailing list to their personal mailbox Replies to these mails are sent back to the mailing lists where they are again distributed to all mailing list participants Mailinglists are quite popular in free software communities as they are easily moderated and can be filtered Also mails often reach people faster than messages on a web forum so you could see a mailing list as a faster discussion medium IRC Internet Relay Chat is a way of communicating with many people interactively Most people know Instant Messaging software such as MSN or Google Talk Well IRC is somewhat older but still very much used as it supports chat rooms where several hundreds of people can participate IRC is the fastest medium for participating in discussions and can be seen as a method for creating online meetings People centric social media such as Google Plus or Facebook where likeminded people collaborate and discuss their favorite topics The advantage of these is that they are much better integrated with recent technological evolutions people with modern cellphones smartphones are continuously available and can quickly interact with whatever is happening on the communities Support Communities often perform the role of support people if you have a question about their software project they are eager to answer and help If you think the software is insufficient they will help you expand it or have it work together with other tools or even redirect you to other software projects if they feel you want something out of their favourite tool that the tool isn t made for Support can be given on many levels Documentation Guides A documentation guide is often created with one goal describe how to do something with the tool Such guides are therefore often called HOWTOs Much work is put in such HOWTOs because they should be correct well formed but also complete The better the HOWTO the lesser questions are asked after reading it If you ask the community how to perform a certain action and the action is described in such a HOWTO you ll be redirected to that HOWTO sometimes with a more crude reference to the RTFM term or Read The Fucking Manual although the third term is also often read as Fine Other types of documentation are FAQs Frequently Asked Questions which are generally very

    Original URL path: http://swift.siphos.be/linux_sea/community.html (2016-05-01)
    Open archived version from archive

  • Chapter 4. Running Linux
    rest Each set contains several flags read access to the file or directory write access to the file or directory execute rights on the file probably because it is an application binary or a script or entering rights on the directory meaning you can jump inside the directory Next to these three sets additional permissions can be set for executable files and directories but these are far less important to understand at this moment set user group id on the file when the file is executed the process is not ran as the user group who executed it but as the owner or directory only applies to the group set in this case files created inside the directory automatically get the group ownership of the directory allowing to easily share files between accounts restriction deletion flag restricts deletion of files inside the affected directory unless the user is the owner of the file or directory The restriction deletion flag needs some explanation It is used on world writable directories a well known example is tmp where temporary files can be stored and used to prevent users to remove files they didn t create A world writable directory would otherwise allow other users to remove files from that directory as they too have write access to the directory The restriction deletion flag is also known as the sticky flag Using the Command Line Most Linux distributions once booted up provide you with a graphical logon screen or even log you on automatically With Gentoo Linux this isn t the case Rather you ll be greeted with a command line prompt asking you to identify yourself This is seaheaven homeworld Linux x86 64 3 8 5 22 30 00 seaheaven login At this prompt you are asked to enter your user name which you have undoubtedly created during the Linux installation Next you are asked for your account password If the user name exists and the password matches then you are greeted with a command line prompt The next listing shows a typical prompt for the account with user name captain on a system with host name seaheaven captain seaheaven The prompt is structured as follows the user name of the account logged on to the system the host name of the system where the user is logged on to the current location where the user is on the file system means the users home directory a prompt sign telling the user if he is a regular user or root user In the following sections I ll give you a quick introduction to the world of the Linux command line Navigating The prompt is actually something rendered by a shell A shell is an interactive program which takes on commands from the user input keyboard and executes those on the system One prime example of commands are those used for navigating through the file system pwd shows the present working directory where the user is currently in cd allows a user to change the directory he is in ls shows the contents of the current directory listing or any other location if asked An example session is shown below captain seaheaven pwd home captain captain seaheaven ls Documents Movies Music Pictures TODO captain seaheaven cd Documents captain seaheaven Documents pwd home captain Documents To navigate from one directory to another there are a couple of ways to use the cd command Note that the pwd command is shown to show the current location It is not part of the process of navigating between directories You can use a relative path to go down a tree In the example the cd Documents goes from home captain to home captain Documents through the relative path Documents pwd home captain cd Documents pwd home captain Documents You can go up through the special name dot dot so cd would go from home captain Documents to home captain pwd home captain Documents cd pwd home captain You can also use absolute paths For instance to go immediately to etc init d a special directory we ll talk about later you would type cd etc init d pwd home captain Documents cd etc init d pwd etc init d A special character is the tilde which means the home directory so cd would go to your home directory Even shorter just entering cd would go to your home directory The can be used in two ways either to denote your home directory cd Documents goes to home captain Documents or someone else s home directory In the latter case you append the user name to the sign so cd raghat public html translates to home raghat public html pwd etc init d cd Documents pwd home captain Documents If for some reason the change directory command cannot succeed no permission to enter the directory or the directory doesn t exist you will be notified of the failure pwd home captain cd etc cron daily bash cd etc cron daily Permission denied pwd home captain Listing Content To list the contents of a directory you would use the ls command By default it shows the files and directories of the current directory but ls is one of those commands that takes a multitude of options It is not my intention to describe each and every single option but there are a few which are quite important to know right now First of all the l option shows not only the files and directories of a certain directory or the current directory but also information about each file directory captain seaheaven ls l drwxr xr x 2 captain users 4096 2013 10 31 22 24 Documents drwxr xr x 2 captain users 4096 2013 10 31 22 24 Movies drwxr xr x 2 captain users 4096 2013 10 31 22 25 Music drwxr xr x 2 captain users 4096 2013 10 31 22 24 Pictures rw r r 1 captain users 66 2013 10 31 22 30 TODO The information contains amongst other things the permission sets three times three characters Read Write and eXecute the owning user and group the size directories are in multiples of 4 kilobytes in this case and their creation date Another interesting option is a which lets the ls command show all files including the hidden files A hidden file on a Unix Linux system starts with a dot Inside your home directory you ll find a variety of hidden files by default the example below shows just a subset of such files captain seaheaven ls a Documents Movies Music Pictures history maildir profile vimrc Hidden files are not meant to really hide the files but rather not to show them using regular listings so they do not clutter the listing output too much Most hidden files are configuration files like the vimrc file which is the configuration file for the vim editor for the current user As with most command line utilities you can combine arguments you are even able to put them together so ls l a is the same as ls la The order also doesn t matter so ls la and ls al are both the same Analyzing ls l output You will find that you often use ls l to get the necessary information about a file or directory As such I give you a quick overview of the meaning of the various fields in ls output ls l 12 servicemanagement xml rw r r 1 swift users 26976 Apr 22 21 21 12 servicemanagement xml file name or directory name last modification time size in bytes group owning the file or directory user owning the file or directory number of hard links to the file or directory privileges in this case read only for everybody privileges in this case read only for owning group users privileges in this case read write for owning user swift type of file in this case regular file Basic File Manipulation The most basic manipulations are copying moving renaming and deleting files which we explain below Copying Files Directories To copy a file you would use the cp command Its basic syntax is simple cp source destination The destination can be a directory in which case the file is copied to that directory If the destination is a file name the file is copied to that file name captain seaheaven ls Documents captain seaheaven cp TODO Documents tasks txt captain seaheaven ls Documents tasks txt captain seaheaven cp TODO Documents captain seaheaven ls Documents TODO tasks txt By default the cp command creates the destination file with the privileges and ownership of the user that is executing the command In the next example I copy the file etc inittab to the current directory ls l etc inittab rw r r 1 root root 1890 Feb 15 20 39 etc inittab cp etc inittab ls l inittab rw r r 1 swift users 1890 Apr 22 22 49 inittab You can ask cp to preserve all information like access privileges ownership and time stamps although you might need to be root to do so To recursively copy an entire directory and its content use the r option For instance the following example would copy the folder workdocuments and all files and directories inside it to the current working directory cp r media usb workdocuments Moving and Renaming Files Directories To move a file the mv command should be used Its syntax is mv source destination If the destination is a file name rather than a directory then the mv command also performs the task of renaming files In the next example the tasks txt file is moved from the Documents folder to the media usb workdocuments directory captain seaheaven ls Documents TODO tasks txt captain seaheaven mv Documents tasks txt media usb workdocuments captain seaheaven ls Documents TODO captain seaheaven ls media usb workdocuments tasks txt Removing Files Directories The final task is removing files The rm command uses the following syntax rm filename To remove an entire directory you could just give the directory name but that only works if the directory is empty Otherwise you need to add the r option which stands for recursive the directory and every file and directory inside it captain seaheaven rm Documents TODO captain seaheaven rm tasks txt A popular set of options to rm is rf it tells rm to remove all files and directories recursively and also tells it not to ask the user for validation force Make sure you know what you are doing Linux does not have an undo feature rm rf Documents Luckily rm only works with the privileges of the user that is executing it so you cannot accidentally remove system files if you aren t running as the privileged root user rm f etc passwd rm cannot remove etc passwd Permission denied Editing Text Files An important task for any Linux user is knowing how to edit text files There are many text editors around such as the popular vim and emacs Gentoo recommends nano as your first editor because it is easy to work with and understand My preference is for vim Using Nano As such a quick primer in the use of nano If you launch nano it shows you the main editor screen for a new file If you launch nano with a file name as its argument it opens up the text file ready for editing As an example I open up the TODO file using nano captain seaheaven nano TODO Figure 4 1 nano editor opened with the TODOfile as its working document The first line shows the name of the file opened while the last two lines show you a summary of the keyboard commands to manipulate the file The character means that you have to press the Control character Ctrl so to save the file you would press Ctrl O To exit the editor press Ctrl X Some text files are very sensitive to newlines configuration files are the most important ones By default nano automatically wraps lines when you hit the sidebar To inform nano that you want to keep lines as they are add the w argument nano w TODO This is the recommended approach when editing configuration files Viewing Text Files If you want to view the content of a text file but don t want to launch the text editor you can use cat or less This also allows you to view the content of files without accidentally modifying them With cat you dump the content of a file to the terminal If the file is large all text will scroll by very quickly You can try to scroll up using Shift PgUp but this buffer is limited in length With less you view the content of a file page by page The less command is called a pager and supports scrolling up down with the arrow keys or using the PgUp PgDown keys searching for specific text The less pager is not only used for viewing content of text files but also for manual pages which are discussed further down this chapter Table 4 1 Short summary of frequently used actions for the less pager scroll down one line e j return or arrow key down scroll up one line y k or arrow key up scroll down one page f space or PgDown scroll up one page b or PgUp searchtext search forward for searchtext use n for every next hit searchtext search backward for searchtext use for every previous hit h display the help screen In case you were wondering the name less is a hint to an older still supported pager called more With more you can also view the content of a file page by page but more only supports scrolling down one line return or page space So less is more than more Linking Files and Directories Linux supports two types of links symbolic links and hard links You might wonder why I m already telling you here in the introductionary chapter on running Linux Well that s because symbolic links are often used in Linux whereas you ll find output related to hard links all over the place In fact we already had some output related to hard links earlier in the output of the ls l command Symbolic links also known as symlinks are the easiest to understand They re not real files but rather references to files somewhere on the file system Their reference is a location string which allows the link to be used across media and even to files that don t exist any more As an example you could have a symbolic link that points to home swift TODO even when this file doesn t exist any more Hard links on the contrary are immediate links They actually refer to the same location on the disk as their target file through inode s and the file system will not release this location as free space until there are no references to this location In fact every file you see in the file system is a link to a location With hard links you just create additional links Due to their technology hard links can only point to file locations on the same medium and they cannot handle directories To create links use ln hard links or ln s symlinks ln targetfilename newfilename ln s targetfilename newfilename Thanks to links you can manage your files more easily For instance you can have an important text file located inside Documents Work Thesis myThesis txt but link to it from your home directory myThesis txt points to Documents Work Thesis myThesis txt so that you don t have to traverse all these directories every time you want to open edit the file File Command Completion A powerful feature of most Linux shells is file and command completion When you want to edit a file called for instance TODO you can start with typing nano T followed by the tab key If TODO is the only file or directory that starts with an T the shell will automatically expand the command to nano TODO If there are more files or directories that start with T typing tab twice will show you a list of candidates The same is true for commands If nano is the only command starting with na it isn t but suppose it is then typing na followed by a tab expands the command to nano Pressing tab twice if it isn t the only command displays all matches na tab tab namei nautilus nano nasl nasm native2ascii na Switching Terminals One of Unix Linux advantages is the support for multiple terminals When you are logged on to your system you are actually watching one of the virtual terminals most likely the first one You can switch from one terminal to another using Alt F where F is F1 F2 If you are on a graphical session you ll need to use Ctrl Alt F first The graphical screen is positioned at the first terminal that can not be used to log on to most likely Alt F7 The support for multiple terminals allows you to log on to your system several times and spread the tasks you want to execute in parallel across the various terminals For instance if you are configuring a program you might want to have the configuration file itself open in one terminal and the program in another Hint if you are working on the command line you can also use the chvt command to switch between terminals chvt 2 switches to the second terminal similar to Alt F2 Logging Out To log out from an existing session enter exit or press Ctrl d captain seaheaven exit This is seaheaven homeworld Linux x86 64 3 8 5 22 30 00 seaheaven login Shutting Down Finally if you want to shut down

    Original URL path: http://swift.siphos.be/linux_sea/runninglinux.html (2016-05-01)
    Open archived version from archive

  • Chapter 5. The Linux File System
    a pseudo file system used to register executable formats Through binfmt the Linux kernel is able to execute arbitrary executable file formats by recognizing the registered executable formats and passing it on to userspace applications Many more special file systems exist some are even mentioned in the mount output above but I leave that to the interested reader to find out more about these file systems Partitions and Disks Every hardware device except the network interface available to the Linux system is represented by a device file inside the dev location Partitions and disks are no exception Let s take a serial ATA hard disk as an example A SATA disk driver internally uses the SCSI layer to represent and access data As such a SATA device is represented as a SCSI device The first SATA disk on your system is represented as dev sda its first partition as dev sda1 You could read sda1 backwards as 1st partition 1 on the first a scsi device sd ls l dev sda1 brw rw 1 root disk 8 1 Nov 12 10 10 dev sda1 A regular ATA disk or DVD ROM would be represented by dev sdc sd stood for scsi disk but is now seen as the identification of a ATA device or dev sr0 The device management software on the system will most likely create symbolic links to dev sdc called dev cdrom or dev dvdrom for the administrator s convenience ls l dev sda brw rw 1 root cdrom 3 0 Apr 23 21 00 dev sda On a default Gentoo installation the device manager which is called udev creates the device files as it encounters the hardware For instance on my system the partitions for my first SATA device can be listed as follows ls l dev sda brw r 1 root disk 8 0 Sep 30 18 11 dev sda brw r 1 root disk 8 1 Sep 30 18 11 dev sda1 brw r 1 root disk 8 2 Sep 30 18 11 dev sda2 brw r 1 root disk 8 5 Sep 30 18 11 dev sda5 brw r 1 root disk 8 6 Sep 30 18 11 dev sda6 brw r 1 root disk 8 7 Sep 30 18 11 dev sda7 brw r 1 root disk 8 8 Sep 30 18 11 dev sda8 Inside the dev location there are also symbolic links pointers towards those device files which can be used to identify the partitions or disks by other means For instance to list the disk devices by their UUID Universally Unique IDentifier ls l dev disk by uuid total 0 lrwxrwxrwx 1 root root 10 Dec 16 20 01 1628b93d 3448 4b8c b72b 1d68e89bd2fa sda2 lrwxrwxrwx 1 root root 10 Dec 16 20 01 5550c45f 9660 44f2 8e86 05a612d028a3 dm 2 lrwxrwxrwx 1 root root 10 Dec 16 20 01 77eb40be f571 49c6 bbb0 a12677615fe3 dm 5 lrwxrwxrwx 1 root root 10 Dec 16 20 01 9644f675 6eaf 4974 9e1a 0b8eafa931ae sdb2 lrwxrwxrwx 1 root root 10 Dec 16 20 01 9beda062 6e15 4323 9ad1 53b6a9e39676 dm 0 lrwxrwxrwx 1 root root 10 Dec 16 20 01 9e7a1178 b0ad 4cd8 8977 a471a5d2b797 dm 4 lrwxrwxrwx 1 root root 9 Dec 16 20 01 b06fa545 0d5a 4c9a 97cb 83b4e1799f9a md3 lrwxrwxrwx 1 root root 10 Dec 16 20 01 b80c76a3 d52f 4006 9bf5 62f4d7edc791 dm 3 lrwxrwxrwx 1 root root 10 Dec 16 20 01 bdb15de1 3430 47b4 9e63 ee58557f1d17 dm 1 lrwxrwxrwx 1 root root 9 Dec 16 20 01 c44503ce e52e 452c b4bc 767ddd1d3b27 md1 lrwxrwxrwx 1 root root 9 Dec 16 20 01 d8a2bb27 15da 49bb b205 3160c307835c md4 The advantage of using UUIDs is that they uniquely identify a partition or disk If the disks in the system are later juggled around or we are talking about removable devices then by using the UUID we know for sure that we are looking at the right partition and not another disk that got named dev sda2 for instance The mount Command and the fstab file The act of mounting a medium to the file system is performed by the mount command To be able to perform its duty well it requires some information such as the mount point the file system type the device and optionally some mounting options For instance the mount command to mount dev sda7 housing an ext3 file system to home would be mount t ext3 dev sda7 home One can also see the act of mounting a file system as attaching a certain storage somewhere on the file system effectively expanding the file system with more files directories and information However if your system has several different partitions it would be a joke to have to enter the commands every time over and over again This is one of the reasons why Linux has a file system definition file called etc fstab The fstab file contains all the information mount could need in order to successfully mount a device An example fstab is shown below dev sda8 ext4 defaults noatime 0 0 dev sda5 none swap sw 0 0 dev sda6 boot ext4 noauto noatime 0 0 dev sda7 home ext4 defaults noatime 0 0 dev sdb1 media usb auto user noauto gid users 0 0 The file is structured as follows The device to mount also supports labels we ll discuss that later The location to mount the device to mount point The file system type or auto if you want Linux to automatically detect the file system Additional options use defaults if you don t want any specific option such as noatime don t register access times to the file system to improve performance and users allow regular users to mount umount the device Dump number you can leave this at 0 File check order you can leave this at 0 as well Thanks to this file the previous mount command example is not necessary any more as the mount is performed automatically but in case the mount has not been done already the command is simplified to mount home If you ever need to remove a medium from the file system use the umount command umount home This is of particular interest for removable media if you want to access a CD or DVD or even USB stick you need to mount the media on the file system first before you can access it Likewise before you can remove the media from your system you first need to unmount it mount media dvd The DVD is now mounted and accessible umount media dvd The DVD is now not available on the file system any more and can be removed from the tray Of course modern Linux operating systems have tools in place which automatically mount removable media on the file system and unmount it when they are removed Gentoo Linux does not offer such tool by default you need to install it though Swap location You can and probably will have a partition dedicated for paging this partition will be used by Linux when there is insufficient physical memory to keep all information about running processes and their resources When this is the case the operating system will start putting information which it hopes will not be used soon on the disk freeing up physical memory This swap partition is a partition like any other but instead of a file system usable by end users it holds a specific file system for memory purposes and is identified as a swap partition in the partition table fdisk l dev sda Disk dev sda 60 0 GB 60011642880 bytes 255 heads 63 sectors track 7296 cylinders Units cylinders of 16065 512 8225280 bytes Disk identifier 0x8504eb57 Device Boot Start End Blocks Id System dev sda1 1 1275 10241406 83 Linux dev sda2 1276 7296 48363682 5 Extended dev sda5 1276 1525 2008093 82 Linux swap Solaris dev sda6 1526 1532 56196 83 Linux dev sda7 1533 2778 10008463 83 Linux dev sda8 2779 7296 36290803 83 Linux The swap partition is pointed by through the etc fstab file and enabled at boot up To view the currently active swap partitions or files as swap files are supported as well view the content of the proc swaps file or run the swapon s command cat proc swaps Filename Type Size Used Priority dev sda5 partition 2008084 0 1 The Linux File System Locations As said before every location on the Linux file system has its specific meaning We ve already covered a few of them without explicitly telling that those are standard locations such as home which houses the local users home directories The Linux File system Standard covers all these standard locations but this chapter would be very incomplete if it didn t talk about these as well System Required Locations The system required locations are locations you cannot place on another file system medium because those locations are required by the mount command itself to function properly bin usually contains executable programs needed to bring the system up and running Recently however more and more distributions are moving all applications towards usr bin and are using symbolic links to transition towards this new structure etc contains all the configuration files for the system not the user specific configurations lib usually contains the system libraries necessary to successfully boot the system and run the commands which are located inside bin Recently however these files are also being migrated towards usr lib sbin just like bin contains executable programs However whereas bin has programs which users can use as well sbin contains programs solely for system administrative purposes Userland Locations Userland locations are the locations which contain the files for the regular operation of a system such as application data and the applications themselves These can be stored on separate media if you want but if you do you will need to setup an initial ram disk to boot your system with More about initial ram file systems later The location for the userland locations is usr which comes from Unix System Resources usr is the root of the userland locations and usually the mount point of the separate medium usr X11R6 contains all the files necessary for the graphical window server X11 they are subdivided in binaries bin libraries lib and header definitions include for programs relying on the X11 system usr bin contains all the executable programs usr lib contains all the libraries for the above mentioned programs usr share contains all the application data for the various applications such as graphical elements documentation usr local is often a separate mount as well containing programs specific to the local system the usr might be shared across different systems in large environments usr sbin is like usr bin a location for executable programs but just like bin and sbin usr sbin contains programs for system administrative purposes only General Locations General locations are well everything else which might be placed on a separate medium home contains the home directories of all the local users boot contains the static boot related files not actually necessary once the system is booted for instance it includes the bootloader configuration and kernel image media contains the mount points for the various detachable storage like USB disks DVDs mnt is a location for temporarily mounted media read not worth the trouble of defining them in fstab opt contains add on packages and is usually used to install applications into which are not provided by your package manager natively as those should reside in usr or build specific to the local system usr local tmp contains temporary files for the system tools The location can be cleansed at boot up var contains data that changes in size such as log files caches etc Special Kernel provided File Systems Some locations on the file system are not actually stored on a disk or partition but are created and managed on the fly by the Linux kernel proc contains information about the running system kernel and processes sys contains information about the available hardware and kernel tasks dev contains device files These locations will often also have other pseudo file systems mounted underneath The Root File System As said before the root file system is the parent of the entire file system It is the first file system that is mounted when the kernel boots unless you use an initial ramdisk and your system will not function properly if the kernel detects corruption on this file system Also due to the nature of the boot process this file system will eventually become writable as the boot process needs to store its state information etc Some locations on the root file system are strongly advised to remain on the root file system i e you should never ever mount another file system on top of that location These locations are bin and sbin as these contain the binaries commands or links to binaries that are needed to get a system up to the point it can mount other file systems Although this functionality is gradually becoming less and less so it would still break systems if you make separate mounts for these small locations lib as this contains the libraries that are needed by the commands in bin etc as this contains the systems configuration files including those that are needed during the boot up of the system A prime example of a configuration file inside etc is fstab which contains information about the other file systems to mount at boot time The Variable Data Location var The var location contains variable data You should expect this location to be used frequently during the life time of your installation It contains log files cache data temporary files etc For many this alone is a reason to give var its own separate file system by using a dedicated file system you ensure that flooding the var location doesn t harm the root file system as it is on a different file system The Userland Location usr The usr location contains the systems day to day application files A specific property of the location is that if you are not updating your system it could be left unmodified In other words you should be able to have only read only access to the usr location Most distributions however do not support this feature anymore and assume that the usr location is writable by the administrator at all times Having usr on a separate file system also has other advantages although some might be quite far fetched If you are performing system administration tasks you could unmount usr so that end users don t run any programs they shouldn t during the administrative window By placing usr and some other locations on separate media you keep your root file system small which lowers the chance of having a root file system corruption that will make booting impossible You can use a file system that is optimized for fast reading writing doesn t require specific response times The advantages however are becoming less and less relevant nowadays Instead distributions are focusing more towards initial ram file systems a small in memory file system used to boot the system which will be discussed later in this book The Home Location home Finally the home location This location contains the end users home directories Inside these directories these users have full write access Outside these directories users usually have read only rights or even no rights at all The structure inside a home directory is also not bound to specific rules In effect the users home directory is the users sole responsibility However that also means that users have the means of filling up their home location as they see fit possibly flooding the root file system if home isn t on a separate partition For this reason using a separate file system for home is a good thing Another advantage of using a separate file system for home is when you would decide to switch distributions you can reuse your home file system for other Linux distributions or after a re installation of your Linux distribution Permissions and Attributes By default Linux supports what is called a discretionary access control DAC permission system where privileges are based on the file ownership and user identity However projects exist that enable mandatory access control MAC on Linux which bases privileges on roles and where the administrator can force security policies on files and processes As most MAC based security projects such as RSBAC LIDS and grSecurity are not part of the default Linux kernel yet I will talk about the standard discretionary access control mechanism used by almost all Linux distributions SELinux which is part of the default Linux kernel will also not be discussed If you are interested in running a SELinux powered system I recommend to use Gentoo Hardened which supports SELinux There is also a Gentoo Hardened SELinux Handbook which is worth reading through Read Write and Execute The Linux file system supports various permission flags for each file or directory You should see a flag as a feature or privilege that is either enabled or disabled and is set independently of the other flags The most used flags on a file system are the read r write w and execute x flags Their meaning differs a bit based on the target However supporting these flags wouldn t make a system secure you want to mix these privileges based on who works with the file For instance the system configuration files should only be writable by the administrator s some might not even be readable by the users like the file containing the user passwords To enable this Linux supports three kinds of privilege destinations the owner of the file 1st group of privileges the group owner of the file 2nd group of privileges

    Original URL path: http://swift.siphos.be/linux_sea/linuxfs.html (2016-05-01)
    Open archived version from archive

  • Chapter 6. Working with Processes
    S 0 0 0 0 0 01 13 kswapd0 197 root 20 5 0 0 0 S 0 0 0 0 0 00 00 aio 0 There is plenty of information in the top screen top 10 19 47 up 6 days 6 41 5 users load average 1 00 1 27 0 92 The first line shows you the uptime of the system this system is running for 6 days 6 hours and 41 minutes the number of logged on users beware this is not the number of different users if a user launches 3 xterms inside a graphical session he will be shown as four logged on users and the load average The load average is something many people misinterpret The load average shows the number of processes that were running or asking for CPU time during the given interval In the above example this means that in the last minute an average of 1 process was asking for or using CPU time in the last 5 minutes an average of 1 27 processes were asking for or using CPU time in the last 15 minutes an average of 0 92 processes were asking for or using CPU time For a single CPU system you most likely don t want a number higher than 1 in the long run for instance the 15 minute span The more CPUs the higher the load average can become Tasks 120 total 1 running 119 sleeping 0 stopped 0 zombie The number of processes running on this system 120 of which 119 are sleeping not performing any duties 1 running the top command itself 0 stopped a process in the stopped state can still be revived but is at this moment not accepting input or performing any tasks and 0 zombie A zombie process is not really a real process the process itself has already finished but its parent process doesn t know this yet so the kernel is keeping some process information until the parent process asks for the child process state Cpu s 3 2 us 0 7 sy 0 0 ni 95 6 id 0 3 wa 0 1 hi 0 0 si 0 0 st CPU state information showing the CPU usage percentages user processes us system kernel CPU usage sy niced processes ni idle CPU id waiting for I O wa hardware interrupts hi software interrupts si and virtual cpu stealing st Most of the states are self explanatory The niced processes is for processes the user reniced and is a subset of the user processes percentage The virtual CPU stealing is the percentage of time a virtual CPU waits for a real CPU and is not interesting for regular Linux Unix users as they don t work with virtualization Mem 1545408k total 1490968k used 54440k free 177060k buffers Swap 2008084k total 132k used 2007952k free 776060k cached Memory usage of the 1 5 Gbyte of memory available 1 45Gbyte is in use and 54Mbyte is free Of the used memory 177 Mbyte is used by the kernel for internal buffers Also 776 Mbyte of the used memory actually consists out of cached data which can potentially be cleared if a process would require more memory than currently available The swap space itself is hardly used of the 2Gbyte of swap space defined only 132 kbyte is in use PID USER PR NI VIRT RES SHR S CPU MEM TIME COMMAND 4458 haldaemo 16 0 5488 3772 2388 S 2 0 0 2 4 23 69 hald The rest of the screen gives the process listing itself The columns shown are Process ID PID of the process Username USER showing the owner of the process Priority value PR of the process the higher the value the higher the priority Priorities are exclusively determined by the Linux kernel Nice value NI of the process is a user sets a nice value or renices a tool it tells the Linux kernel how nice the program is the higher the nice value the nicer it is so generally the lower the priority should be The virtual memory VIRT the process is occupying This includes the memory it is actually using mapped memory from devices files mapped into memory and shared memory The resident really used memory RES the process is using The amount of possibly shared memory SHR It is possibly because the memory is shareable but not automatically used by others already Process state S which can be any of S sleeping R running D uninterruptible sleep T traced or stopped or Z zombie CPU usage CPU Memory usage MEM based on RES Runtime TIME Command COMMAND Process Information You can also be interested in more detailed process information such as the files or connections the process has currently open With lsof you can view this information Just give the process id with it lsof p PID and you get all this information However lsof can do much more For instance with lsof you can see what process is listening on a particular port lsof i 443 COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME apache2 4346 root 3u IPv4 11484 TCP https LISTEN Another tool that can do the same is fuser fuser v 443 tcp USER PID ACCESS COMMAND 443 tcp root 4346 F apache2 The same can be accomplished with files For instance to see what processes are using a particular file with fuser just give the file name fuser v path to file Backgrounding Processes Processes can be started in the background either because the process immediately detaches it from the running session daemons or because the user asks to run it in the background Daemons are processes that do not stay in the running session The moment you launch a daemon process you immediately get your prompt back as if the process has finished However this isn t true the process is still running but it is running in the background Most daemons

    Original URL path: http://swift.siphos.be/linux_sea/processes.html (2016-05-01)
    Open archived version from archive

  • Chapter 7. Configuring a Linux Kernel
    that your current Linux kernel the one you re booted with is stored elsewhere in the system probably in boot and that this kernel doesn t need to know its configuration file any more it has been built using a particular configuration and will remain as is Configuring your own kernel is most likely a trial and error process you configure a new kernel boot it play around and if you re not satisfied or it doesn t boot at all just reboot with the old kernel having several kernels next to each other is not a problem The menuconfig utility has an extensive help system built in For instance select Enable loadable module support and select Help or press Enable loadable module support CONFIG MODULES Kernel modules are small pieces of compiled code which can be inserted in the running kernel rather than being permanently built into the kernel You use the modprobe tool to add and sometimes remove them If you say Y here many parts of the kenel can be built as modules by answering M instead of Y where indicated this is most useful for infrequently used options which are not required for booting For more information see the man pages for modprobe lsmod modinfo insmod and rmmod If you say Y here you will need to run make modules install to put the modules under lib modules where modprobe can find them you may need to be root to do this If unsure say Y Symbol MODULES y Prompt Enable loadable module support Defined at init Kconfig 607 Location Loadable module support As you can see the system gives information about the selected option as well as an indication whether or not you should select this If unsure say Y The system also has a search system Press and type in initrd to look for the configuration entry where you can enable initrd support inside the kernel Search Results Symbol BLK DEV INITRD n Prompt Initial RAM filesystem and RAM disk initramfs initrd support Defined at init Kconfig 326 Depends on BROKEN FRV Location General setup The search results give you a one liner explanation of the found results as well as where you can find the option here in the General setup tab It also shows you when the option is selectable when the configuration BROKEN is set or when FRV is not selected FRV is an architecture just as x86 and SPARC are so for a non FRV architecture it is always selectable In certain cases it can also tell you what new options it will allow once selected Recommended Linux Kernel Configurations Although this might be a bit boring for some people I ll discuss what I see as recommended Linux kernel configurations regardless of the hardware support you add on later General Setup In General Setup miscellaneous configurations for the Linux kernel can be found Prompt for development and or incomplete code drivers Local version append to kernel release Automatically append version information to the version string Kernel compression mode Gzip Support for paging of anonymous memory swap System V IPC BSD Process Accounting Auditing Support RCU Subsystem Kernel config support Enable access to config through proc config gz 16 Kernel log buffer size 16 64KB 17 128 KB Control Group support enable deprecated sysfs features to support old userspace tools Kernel user space relay support formerly relayfs Namespaces support UTS namespace IPC namespace Initial RAM filesystem and RAM disk initramfs initrd support Optimize for size Configure standard kernel features for small systems Kernel Performance Events And Counters Disable heap randomization Choose SLAB allocator SLUB Unqueued Allocator Profiling support Kprobes GCOV based kernel profiling Slow work debugging through debugfs The following configurations are recommended to be enabled in this section Support for paging of anonymous memory swap You will need this enabled if you want to enable swap space on your system You generally want this unless you re confident that you have enough memory RAM in your system for every possible situation Swap space is used when free memory is needed but not available In that case the Linux kernel will move out old pages of memory which are most likely not going to be used in the near future to the swap space System V IPC IPC Inter Process Communication allows programs to share and exchange information between them Many programs on a Linux system will not start if System V IPC support isn t enabled in the kernel System V IPC allows programs to use message queues semaphores and shared memory segments RCU Subsystem RCU Read Copy Update is a synchronisation primitive supported by the Linux kernel which offers fast access to shared resources programming terms in case of a many read and infrequent write access behaviour That might sound terribly geekish and programmer specific and it is but if you have multiple cores or processors in your system it is wise to enable it Otherwise set it to UP kernel UniProcessor RCU Implementation Tree based hierarchical RCU Enable tracing for RCU 32 Tree based hierarchical RCU fanout value Disable tree based hierarchical RCU auto balancing Kernel config support Although definitely not mandatory for a kernel building in config support allows you to obtain the configuration for a running kernel from the kernel itself This can come in handy if you don t keep track of the configurations you use d for kernels You can for instance base a new kernel configuration on this configuration to get a good start The subselection to support proc config gz is an easy to use interface to the kernel configuration of a running kernel extract proc config gz for instance zcat proc config gz usr src linux config and you have this kernel s configuration at hand You also notice that initramfs support is not enabled I m no proponent of initrd s it is in my opinion better that a user configures his kernel to his system rather than hoping that an initrd will help with configuration failures Enable Loadable Module Support I recommend enabling loadable module support if you use or will use detachable devices such as USB devices Enable loadable module support Forced module loading Module unloading Module versioning support Source checksum for all modules The following settings are recommended Module unloading You will probably want to unload kernel modules if you don t need them any more Enable the Block Layer I recommend enabling the block layer as you ll most likely want to use block devices or Linux kernel components that use functions from the block layer such as SCSI or SCSI emulating devices the ext3 file system or USB storage Enable the block layer Block layer SG support v4 Block layer data integrity support IO Schedulers IO Schedulers Deadline I O scheduler CFQ I O scheduler Default I O scheduler CFQ The important setting here are the IO schedulers These control how and when the Linux kernel writes or reads data to from disks There are different IO schedulers available because depending on the system s use a specific implementation can give a nice performance boost The CFQ scheduler is a good implementation for desktop systems Processor Type and Features The following settings are the recommended settings However these settings depend heavily on the system you have as your CPU is most likely different from the one I use Tickless System Dynamic Ticks High Resolution Timer Support Symmetric multi processing support Support sparse irq numbering Enable MPS table Support for extended non PC x86 platforms Single depth WCHAN output Paravirtualized guest support Disable bootmem code Memtest Processor family Core 2 newer Xeon AMD IOMMU support 8 Maximum number of CPUs SMT Hyperthreading scheduler support Multi core scheduler support Preemption Model Preemptible Kernel Low Latency Desktop Reroute for broken boot IRQs Machine Check overheating reporting Intel MCE features AMD MCE features Machine check injector support Dell laptop support Enable X86 board specific fixups for reboot dev cpu microcode Intel IA32 CPU microcode support dev cpu msr Model specific register support dev cpu cpuid CPU information support Numa Memory Allocation and Scheduler Support Memory model Sparse Memory Sparse Memory virtual memmap Allow for memory hot add Enable KSM for page merging 65536 Low address space to protect from user allocation Enable recovery from hardware memory errors Check for low memory corruption Reserve low 64K of RAM on AMI Phoenix BIOSen MTRR Memory Type Range Register MTRR cleanup support EFI runtime service support Enable seccomp to safely compute untrusted bytecode Timer frequency 1000 HZ kexec system call kernel crash dumps Build a relocatable kernel Support for hot pluggable CPUs Compat VDSO support Built in kernel command line The following settings are recommended Tickless System Dynamic Ticks Unless you need the shortest latency possible using dynamic ticks will ensure that timer interrupts only fire when needed High Resolution Timer Support Most relatively modern systems Pentium III and higher have high resolution timers allowing for more precise timing Not really mandatory but some applications like mplayer can benefit from using hi res timers Symmetric multi processing support If you have multiple identical CPUs or your CPU has multiple cores enable this Single depth WCHAN output WCHAN is the abbreviation for waiting channel and identifies where tasks are currently waiting for With this enabled the calculation for the waiting channel is simplified at the expense of accuracy Most users don t need this level of accuracy and the simplifications means less scheduling overhead Disable bootmem code This optimizes some complex initial memory allocation fragments within the Linux kernel Processor family Pentium M I have selected Pentium M here as this is my CPU type see the proc cpuinfo information You should select the processor family of your CPU here SMT Hyperthreading scheduler support This should be selected if you have a modern Pentium chip with hyperthreading support It is not mandatory though the kernel will run fine without it but might improve scheduling decisions made by the kernel HPET Timer Support This enables support for the High Precision Event Timer which can be seen as a time source resource on somewhat more modern systems Especially if you have more than 1 core CPU enabling this offers cheaper time access than without HPET Timer support Multi core scheduler support Enable this if you have a CPU with multiple cores inside it will improve the CPU scheduler performance Preemption Model Preemptible Kernel Low Latency Desktop Preemption means that a priority process even when currently in kernel mode executing a system call can yield his CPU time to another process The user will notice this as if his system is running somewhat more smoothly as applications might react faster to user input There are three models available No Forced Preemption or Voluntary Kernel Preemption where low priority processes can voluntarily yield CPU time or Preemptible Kernel where all processes can yield CPU time as long as they re not in a critical kernel region at that moment Machine Check overheating reporting MCE allows the processor to notify the kernel when problems are detected like overheating based on its severity the Linux kernel can report the issue or take immediate action Intel MCE features This is part of the Machine Check overheating reporting section and enables Intel specific MCE features I enable this as I have an Intel based system Memory Model Sparse Memory If you have a 32 bit processor selecting Flat Memory is what you need CPUs with a larger address space support like 64 bit CPUs most likely only allow you to select Sparse Memory as you are not likely to have more than a few thousand terabytes of RAM When Sparse Memory is selected Sparse Memory virtual memmap should be selected as well MTRR Memory Type Range Register support With MTRR support applications such as the X server can control how the processor caches memory accesses boosting performance for reads writes to certain memory ranges Enable seccomp to safely compute untrusted bytecode As recommended by its help description we enable this in case an application might want to use it It has no impact if no such applications exist on your system and if they do you most likely want the added security measures this provides Power Management and ACPI Options The power management options provide power saving features for Linux not only the APM ACPI support but also suspend to ram and standby support Power Management support Power Management Debug Support Suspend to RAM and standby Hibernation aka suspend to disk dev sda5 Default resume partition Run time PM core functionality ACPI Advanced Configuration and Power Interface Support SFI Simple Firmware Interface Support CPU Frequency Scaling CPU idle PM support Memory power savings The following options are of particular interest Power Management Support Enable this to be able to select one or more of the other power management options Suspend to RAM and standby If you will have moments where you temporarily leave your system but don t want to shut it down and boot it back later you can opt to have the system suspend itself into memory in this case many powerconsuming devices are shut down but you don t lose any information as everything remains in memory and memory remains powered up Hibernation aka suspend to disk In hibernation all devices shut down The current state of your system such as your memory content is saved into your swap space When you boot your system back the Linux kernel will detect this in the swap space and load all information back into memory so you can continue where you left off With suspend to disk enabled set the default resume partition to your swap partition ACPI Advanced Configuration and Power Interface Support Within this section you can configure several aspects of the ACPI support Enabling ACPI can be of great help to reduce power consumption as it is a powerful technology Sadly not every device follows the ACPI guidelines strictly You will find topics on the internet where boot failures or network irregularities can be solved by disabling a part of the ACPI support inside Linux ACPI Advanced Configuration and Power Interface Support Deprecated proc acpi files Deprecated power proc acpi directories ACPI 4 0 power meter Future power sys interface Deprecated proc acpi event support AC Adapter Battery Button Video Fan Processor Thermal Zone Debug Statements PCI slot detection driver Smart Battery System Within the ACPI configuration you should select the components for which you want support On regular desktops you most likely don t have a battery so support for that and AC Adapters won t be necessary I select a few deprecated settings as I know the reporting tools I use for battery status etc still rely on these files directories and events to function correctly CPU Frequency Scaling If you own a laptop you ll most likely want to enable CPU Frequency scaling as it will slow down the CPU speed and the power consumption with it when the CPU isn t used CPU Frequency scaling Enable CPUfreq debugging CPU frequency translation statistics CPU frequency translation statistics details Default CPUFreq governor performance performance governor powersave governor userspace governor for userspace frequency scaling ondemand cpufreq policy governor conservative cpufreq governor CPUFreq processor drivers Processor Clocking Control interface driver ACPI Processor P States driver AMD Opteron Athlon64 PowerNow Intel Enhanced SpeedStep deprecated Intel Pentium 4 clock modulation In the above only the performance governor is selected as the laptop will always be used as a workstation However you definitely want to enable additional governors for other purposes as well A governor can be seen as a policy when and how the CPU frequency needs to be changed Bus options PCI etc A bus is a physical connection between several devices The most popular bus technology within a computer nowadays is PCI or PCI Express but a few other bus technologies exist for instance PCMCIA PCI Support Support mmconfig PCI config space access PCI access mode Any PCI Express support Root Port Advanced Error Reporting support Message Signaled Interrupts MSI and MSI X PCI Debugging PCI Stub driver Interrupts on hypertransport devices PCI IOV support PCCard PCMCIA CardBus support Support for PCI Hotplug In the above example I only selected PCI mmconfig PCI config space access and PCI X support laptop users will most likely enable PCCard support as well Within the submenu of the PCCard configuration you will be asked to select the supporting bridge A bridge is a component that links one bus technology with another A PCMCIA bridge allows PCMCIA devices to connect to your system Most systems with PCMCIA support have a CardBus yenta compatible bridge Although I own a laptop I have no PC cards of any kind nor do I suspect I will need them quickly so I leave out support for that Executable File Formats Emulations Within this section you can select what binaries format for executable files with machine instructions inside Linux should support Kernel support for ELF binaries Write ELF core dumps with partial segments Kernel support for MISC binaries IA32 Emulation IA32 a out support The binary format used by Linux is ELF Very old Linux systems and a couple of BSD operating systems use a out binaries but it isn t necessary to include support for those any more If you are configuring for a 64 bit system definitely enable IA32 Emulation You ll need it Trust me Networking Inside the networking configuration tab you configure the various aspects related to your network Networking support Networking options Amateur Radio support CAN bus subsystem support IrDA infrared subsystem support Bluetooth subsystem support Wireless WiMAX Wireless Broadband support RF switch subsystem support Within the Networking options you will need to enable support for the networking technologies not hardware you want to support Networking Options Packet socket Unix domain sockets PF KEY sockets TCP IP networking IP multicasting Security Marking Network packet filtering framework Netfilter Asynchronous Transfer Mode ATM 802 1d Ethernet Bridging Distributed Switch Architecture support 802 1Q VLAN Support DECnet Support ANSI IEEE 802 2 LLC type 2 Support The IPX protocol Appletalk protocol support Phonet protocols family QoS and or fair queuing Data Center Bridging support Network testing The most notable options here are Packet socket This allows programs to interface with the network devices immediately without going through the network protocol implementation on the Linux kernel It is required by tools such as tcpdump wireshark popular network analysing tools You don t need to enable this but I often perform network analysis myself so I need to have this enabled Unix domain sockets Sockets are a standard mechanism in Unix for processes to communicate with each other This is an important setting that you must leave on TCP IP networking Although you don t have to select any of the subfeatures that are shown when you enable this TCP IP networking support is definitely a must have Network packet filtering framework Netfilter Enable this if you are planning on configuring a firewall on your system or have your system act as a gateway for others Enable the IP tables support found under IP Netfilter Configuration and select IPv4 connection tracking support required for NAT proc sysctl compatibility with old connection tracking IP tables support required for filtering masq NAT Packet filtering REJET target support LOG target support ULOG target support Full NAT MASQUERADE target support Packet mangling Users of a wireless network card will under Networking also select the Wireless configuration Wireless cfg80211 wireless configuration API nl80211 testmode command enable developer warnings cfg80211 regulatory debugging enable powersave by default cfg80211 DebugFS entries cfg80211 wireless extensions compatibility Wireless extensions sysfs files Common routines for IEEE802 11 drivers lib80211 debugging messages Generic IEEE 802 11 Networking Stack mac80211 I ve selected these options because IEEE 802 11 is the standard for wireless networking cfg80211 wireless configuration API You need to enable this if you have a wireless card enable powersave by default Enables powersaving features of the wireless cards definitely a must have if you have wireless on a laptop as this reduces power consumption dramatically Device Drivers Within this section you can configure support for the various devices in your system It is with this configuration that the output of the lspci command and other system information is needed The next example is merely that an example As this is very specific to your system it is not possible to provide a general example that suits everybody For completeness sake I ll give the configuration for my own system with the motivation of the selection of each item Generic Driver Options Connector unified userspace kernelspace linker Memory Technology Device MTD support Parallel port support Plug and Play support Block devices Misc devices ATA ATAPI MFM RLL support DEPREACATED SCSI device support Serial ATA and Parallel ATA drivers Multiple devices driver support RAID and LVM Fusion MPT device support IEEE 1394 FireWire support I2O device support Macintosh device drivers Network device support ISDN support Telephony support Input device support Character devices I2C support SPI support PPS support GPIO support Dallas s 1 wire support Power supply class support Hardware Monitoring support Generic Thermal sysfs driver Watchdog Timer Support Sonics Silicon Backplane Multifunction device drivers Voltage and Current Regulator Support Multimedia support Graphics support Sound card support HID Devices USB support M MMC SD SDIO card support LED Support Accessibility support InfiniBand support EDAC Error Detection And Correction reporting Real Time Clock DMA Engine support Auxiliary Display support Userspace I O drivers TI VLYNQ Staging drivers X86 Platform Specific Device Drivers As you can see most of the options are not selected and almost all of them provide subsections This is of course expected as device driver support is a huge part of the Linux source code and the end user will only select a very small part of it Block devices Block devices are devices where you can access data in blocks as opposed to characters Not all block devices are configurable through this menu a well known block device type hard disk is configured elsewhere as you notice from the available configuration options Block devices Normal floppy disk support Compaq SMART2 support Compaq SMart Array 5xxx support Mylex DAC960 DAC1100 PCI RAID Controller support Loopback device support Cryptoloop Support DRBD Distributed Replicated Block Device support Network block device support Promise SATA SX8 support Low Performance USB Block driver RAM block device support Packet writing on CD DVD media ATA over Ethernet support Very old hard disk MFM RLL IDE driver Loopback device support The only block device I enable is loopback support This allows me to mount images files just like they were devices SCSI device support Although my system doesn t have SCSI it has Serial ATA SATA with disks attached to it SATA support in Linux is brought through the SCSI subsystem so I need to configure SCSI device support RAID Transport Class SCSI device support SCSI target support legacy proc scsi support SCSI support type disk tape CD ROM SCSI disk support SCSI tape support SCSI OnStream SC x0 tape support SCSI CDROM support SCSI generic support SCSI media changer support Some SCSI devices e g CD jukebox support multiple LUNs Probe all LUNs on each SCSI device Verbose SCSI error reporting kernel size 12K SCSI logging facility Asynchronous SCSI scanning SCSI Transports SCSI low level drivers SCSI Device Handlers OSD Initiator library SCSI disk support SCSI disk support is needed for the SATA disks Serial ATA and Parallel ATA drivers Serial ATA support is needed to be able to access my disks Serial ATA and Parallel ATA drivers Verbose ATA error reporting ATA ACPI Support SATA Port Multiplier support AHCI SATA support Silicon Image 3124 3132 SATA support ATA SFF support ServerWorks Frodo Apple K2 SATA support Intel ESB ICH PIIX3 PIIX4 PATA SATA support Marvell SATA support ATA ACPI Support Enables retrieving ACPI related files performance security power management from the ACPI BIOS and save them on the disk controller Intel ESB ICH PIIX3 PIIX4 PATA SATA support The only selection made in this configuration is the support for my SATA chip set of which lspci told me it was an Intel ICH6 chip set lspci grep SATA 00 1f 2 SATA controller Intel Corporation 82801FBM ICH6M SATA Controller rev 04 All the other options are drivers for other chip sets Network device support Inside network device support we configure the drivers for the networkcards Network device support Dummy net driver support Bonding driver support EQL serial line load balancing support Universal TUN TAP device driver support Virtual ethernet pair device General Instruments Surfboard 1000 ARCnet support Ethernet 10 or 100Mbit Ethernet 1000 Mbit Ethernet 10000 Mbit Token Ring driver support Wireless LAN USB Network Adapters Wan interfaces support FDDI driver support PPP point to point protocol support SLIP serial line support Fibre Channel driver support VMWare VMXNET3 ethernet driver Dummy net driver support This driver allows me to create an interface which takes on all packets and just ignores them This seems to be a weird driver but it can come in handy from time to time Also this has no impact on my kernel size so I don t mind enabling this for the few times I actually use it Ethernet 1000 Mbit I have a Realtek 8169 ethernet card which is a 1Gbit network card as mentioned by lspci lspci grep Ethernet 06 00 0 Ethernet controller Realtek Semiconductor Co Ltd RTL 8169 Gigabit Ethernet rev 10 As such I select the Realtek 8169 gigabit ethernet support option in the configuration screen Wireless LAN As my system is a laptop with onboard wireless network card I need to enable WLAN support as well Wireless LAN Cisco Airnet 34X 35X 4500 4800 ISA and PCI cards M Intel PRO Wireless 2200BG and 2915ABG Network Connection Enable promiscuous mode Enable radiotap format 802 11 raw packet support Enable creation of a RF radiotap promiscuous interface Enable QoS support Wireless LAN IEEE 802 11 The network card I have is an 802 11 something so I need to enable this Intel PRO Wireless 2200BG and 2915ABG Network Connection lspci says that my wireless card is an Intel PRO Wireless 2200BG one so I need to enable support for it lspci grep Wireless 06 04 0 Network controller Intel Corporation PRO Wireless 2200BG Network Connection rev 05 Enable promiscuous mode I need promiscuous mode when I want to analyse the wireless network I work on Input device support Input devices are the devices you know to interact with your system such as a keyboard and a mouse Generic input layer needed for keyboard mouse Support for memoryless force feedback devices Polled input device skeleton Sparse keymap support library Userland interfaces Mouse interface Provide legacy dev psaux device 1024 Horizontal screen resolution 768 Vertical screen resolution Joystick interface Event interface Event debugging Input Device Drivers Keyboards Mice Joysticks Gamepads Tables Touchscreens Miscellaneous devices Hardware I O ports Generic input layer needed for keyboard mouse As the title says already I need this for keyboard mouse support Mouse interface Enable mouse support Horizontal screen resolution Vertical screen resolution Actually this setting is ignored as it is only really used if your pointing device is a digitizer or tablet rather than a simple mouse Event interface This enables evdev support which is somewhat mandatory if you want to work with graphical interfaces for instance the xorg configuration requires this Keyboards Keyboard support is automatically selected but in the subconfiguration you don t need to select anything unless you have a very special keyboard Mice Within the mouse configuration I enable PS 2 mouse as my mouse is a PS 2 one Hardware I O ports Inside this configuration section Serial I O support should be automatically selected as it is used by the keyboard mice support Character devices Character devices are devices that are accessed character per character An example of a character device is a terminal Virtual terminal Support for binding and unbinding console drivers dev kmem virtual device support Non standard serial port support HSDPA Broadband Wireless Data Card Globe Trotter Serial drivers Unix98 PTY support Support multiple instances of devpts Legacy BSD PTY support 256 Maximum number of legacy PTY in use IPMI top level message handler Hardware Random Number Generator Core support Timer IOMEM HW Random Number Generator support Intel HW Random Number Generator support AMD HW Random Number Generator support AMD Geode HW Random Number Generator support VIA HW Random Number Generator support dev nvram support Enhanced Real Time Clock Support Legacy PC RTC driver Generic dev rtc emulation Siemens R3964 line discipline Applicom intelligent fieldbus card support ACP Modem Mwave support NatSemi PC8736x GPIO Support NatSemi Base GPIO Support AMD CS5535 CS5536 GPIO Geode Companion Device RAW driver dev raw rawN HPET High Precision Event Timer Hangcheck timer TPM Hardware Support Telecom clock driver for ATCA SBC Virtual terminal Support for virtual terminals is automatically selected You need it as you ll work with virtual consoles all the time in Linux if you re opening a terminal window you re working in a virtual console Unix98 PTY Support This should be automatically selected it is the support for virtual PTYs which you definitely need Legacy BSD PTY support Enables support for virtual PTYs but then a different kind Although not selecting this option won t break your kernel you ll most likely get a few cosmetic errors every time you open a terminal So better enable this Hardware Random Number Generator Core support To have support for the hardware random number generator select this and the specific generator in the next list Intel HW Random Number Generator support My generator provider is an Intel one as my CPU is an Intel CPU Graphics support Graphical card support is configured here as well as framebuffer support allowing applications to access the graphics hardware through a well defined interface dev agpgart AGP Support VGA Arbitration 2 Maximum number of GPUs Laptop Hybrid Graphics GPU switching support M Direct Rendering Manager XFree86 4 1 0 and higher DRI support M Lowlevel video output switch controls Support for frame buffer devices CyberPro 2000 2010 5000 support Arc Monochrome LCD board support Asiliant Chips 6900 display support IMS Twin Turbo display support VGA 16 color graphics support VESA VGA graphics support N411 Apollo Hecuba devkit support Hercules mono graphics support Backlight LCD device support Display device support Console display driver support Bootup logo dev agpgart AGP Support I know my laptop has an on board AGP card lspci tells me what card it is lspci grep VGA 00 02 0 VGA compatible controller Intel Corporation Mobile 915GM GMS 910GML Express Graphics Controller rev 03 As such I also enable Intel 440LX BX GX I8xx and E7x05 chip set support You might believe that I am in error because the title doesn t mention 915GM as shown in lspci s output but if I read the help for the option I read that I915 is supported through this driver as well Direct Rendering Manager XFree86 4 1 0 and higer DRI support DRM is needed by XFree86 to improve graphic performance including 3D support Within the subconfiguration I enable drivers for my Intel graphical card Direct Rendering Manager XFree86 4 1 0 and higher DRI support 3dfx Banshee Voodoo3 M Intel 830M 845G 852GM 855GM 865G i830 driver M i915 driver Matrox g200 g400 Support for frame buffer devices I want frame buffer support because that allows me to display more characters than just 80x25 when working in the command line mode console In the subconfiguration I enable VESA VGA graphics support which enables standard VESA support for framebuffer access Console display driver support Within the console display driver support I enable framebuffer support for the console VGA test console Enable Scrollback Buffer in System RAM Framebuffer Console support Map the console to the primary display device Framebuffer Console Rotation Select compiled in fonts Sound To support my sound card I enable sound card support and the sound system I want to use Sound card support Preclaim OSS device numbers Advanced Linux Sound Architecture Open Sound System DEPRECATED ALSA Advanced Linux Sound Architecture is the latest sound system supported by Linux OSS is deprecated and ALSA provides OSS compatibility for those applications that still require OSS Advanced Linux Sound Architecture Sequencer support Sequencer dummy client OSS Mixer API OSS PCM digital audio API OSS Sequencer API Dynamic device file minor numbers Support old ALSA API Verbose procfs contents Verbose printk Debug Generic sound devices PCI sound devices USB devices ALSA for SoC audio support PCI sound devices Under the PCI devices select the audio card you have Again lspci can show you what device you have lspci grep Audio 00 1e 2 Multimedia audio controller Intel Corporation 82801FB FBM FR FW FRW ICH6 Family AC 97 Audio Controller rev 04 With this information I know that I need to select Intel SiS nVidia AMD ALi AC97 Controller HID Devices A HID device Human Interface Device is a device that takes input from the user An important class of devices that use the HID interface are USB keyboards and mice HID Devices Generic HID support dev hidraw raw HID device support USB Input Devices USB Human Interface Device full HID support PID device support dev hiddev raw HID device support Special HID drivers USB Human Interface Device full HID support I select this as I often use a USB mouse on my laptop USB support USB devices come in various types and classes the USB support screen is therefore quite a large device driver configuration screen with many options USB support Support for Host side USB USB verbose debug messages USB announce new devices Miscellaneous USB options USB device filesystem DEPRECATED USB device class devices DEPRECATED USB Host Controller Drivers Cypress C67x00 HCD support EHCI HCD USB 2 0 support ISP116X HCD support OHCI HCD support UHCI HCD most Intel and VIA support SL811HS HCD support R8A66597 HCD support USB Device Class drivers USB Modem CDC ACM support USB Printer support NOTE USB STORAGE enables SCSI and SCSI disk support may also be needed see USB STORAGE Help for more information USB Mass Storage support USB Mass Storage verbose debug The shared table of common or usual storage devices USB Imaging devices Microtek X6USB scanner support USB Monitor USB port drivers USB Serial Converter support USB Miscellaneous drivers EMI 6 2m USB Audio interface support Support for Host side USB This enables general USB support technology wise USB device filesystem With this enabled the Linux kernel will create information files inside proc bus usb about each device This information can come in handy to debug USB device support but is also used by tools to provide more information about a USB device EHCI HCD USB 2 0 support There are a few standards for USB controllers For USB 2 0 support you need to enable EHCI HCD support UHCI HCD most Intel and VIA support UHCI is Intels interface for USB 1 0 and 1 1 support USB Printer support As I do want to print occasionally I need to enable USB printer support as my printer is a USB printer USB Mass Storage support USB Mass Storage support is needed to be able to access USB sticks USB disks and other USB media that I want to be able to access as a remote disk This includes most digital cameras MMC SD card support My laptop supports MMC SD cards so I want to support this in my kernel as well MMC debugging Assume MMC SD cards are non removable DANGEROUS MMC SD Card Drivers M MMC block device driver Use bounce buffer for simple hosts SDIO UART GPS class support MMC host test driver MMC SD HOst Controller Drivers M Secure Digital Host Controller Interface support M SDHCI support on PCI bus Winbond

    Original URL path: http://swift.siphos.be/linux_sea/kernelbuilding.html (2016-05-01)
    Open archived version from archive

  • Chapter 8. Hardware Support
    alsa utilities like so alsamixer c 0 Keeping your Changes When you booted your system you unmuted the channels and set the mixer channels according to your likings However if you do nothing more now you ll have to redo all this again after every boot To solve this you need to store the current settings in a state file yes using alsactl and automatically read those in at boot time This is exactly what the alsasound init script does as provided by Gentoo s alsa utils package So add alsasound to your boot runlevel save your current settings and then start the initialization script rc update add alsasound boot alsactl f var lib alsa asound state store etc init d alsasound start Using Sound Servers I mentioned before that ALSA supports multiple software access to a single device With the above configuration you re still not able to do so To provide such multiplexing capabilities you can create a new audio device some sort of mixer which aggregates information to from the device and sends reads it from as many software processes as you like This is one of the tasks that sound servers do these programs manage access to the sound card interfaces and allow multiple software processes to use the sound facilities of your system Some well known sound servers are esd aRTs deprecated JACK and PulseAudio esd Enlightenment Sound Daemon is GNOME s sound management daemon esd also known as ESounD not only supports the previously mentioned mixing but can also manage network transparent audio audio played on one system can be heard on another To this end any application supporting esd can stream its audio to any system running esd on the network aRTs Analog RealTime Synthesizer is KDE s former sound daemon Although development has been abandoned you will still find references to aRTs here and there on the Internet Its main power was its real time audio streaming capabilities JACK JACK Audio Connection Kit is a real time sound server which supports various operating systems including GNU Linux and Apple s OS X It also supports network transparent audio real time mixing etc PulseAudio PulseAudio is another sound daemon It is meant to be a replacement for esd but with a wider support field including Microsoft Windows and POSIX compliant operating systems If you d like to use one of these sound servers you do need to pick one if you don t want to get confused install one of the following packages esd can be installed from media sound esound although most people will already have it installed if they are running GNOME it is a dependency of the GNOME installation JACK can be installed with media sound jack PulseAudio can be installed from media sound pulseaudio Enable the corresponding USE flag esd jack or pulseaudio and update your system Portage will automatically rebuild those packages that are influenced by the USE flag change and incorporate support for the selected sound daemon

    Original URL path: http://swift.siphos.be/linux_sea/hardwaremanagement.html (2016-05-01)
    Open archived version from archive

  • Chapter 9. Software Management
    to speed up searches Searching for Software Using eix The eix tool not available by default you will need to install it emerge ask eix indexes the searchable application information to allow you to quickly search through the portage tree Once installed you will need to run update eix which will index all the information after every emerge sync as this pulls in new packages which you want to index You can also use eix sync which will synchronise portage first and then update its indexing tables immediately afterwards Once the index is built you can quickly search through the Portage tree using eix I frequently use HAS homepage category name description as this also matches the homepage URI next to the application name and description eix HAS acrobat Searching Installed Software Based on File s The qfile tool part of app portage portage utils allows you to find out which package has delivered a certain file That can be interesting if someone is asking you which package provided that particular file at your system qfile usr bin qfile app portage portage utils usr bin qfile Searching Software Installed or Not Based on File s A Gentoo community project called PortageFileList is attempting to store information about files provided by all packages This isn t as simple as it sounds since the files in a package depend heavily on the user his system USE flags other installed packages etc The project asks users to run one of their tools to upload the local file information file package USE flags to the server Other users can then use the tool e file part of app portage pfl to query for packages The command supports SQL like wildcards For instance bin xdm matches usr sbin xdm and bin xdm e file bin xdm x11 apps xdm Available versions 1 1 8 1 1 9 r0 Description X Org xdm application Matched files usr bin xdm Okay this one was an easy guess as well Listing Installed Files To list which files are provided by a package you can use qlist also part of app portage portage utils qlist portage utils usr bin q usr bin qatom usr share doc portage utils 0 2 1 qsync Enabling Installation Logs When a Gentoo developer wants to inform a package user about certain changes or things to look out for he often puts informational messages in the package itself which are displayed the moment you ve finished the installation of the package However for lengthy updates or installations you often overlook these messages For this purpose Gentoo Portage allows you to store these messages in separate log files By default Portage only sets up a summary log for the installation You can stick with those defaults or set up a more verbose logging nano etc portage make conf PORT LOGDIR var log portage PORTAGE ELOG SYSTEM save PORTAGE ELOG CLASSES info warn error log With this defined you ll find per package logs in var log portage elog You can then read those log files with your favorite text reader like less or view or using elog specific tools like elogv console or elogviewer graphical Installing New Software You ve seen already that emerge is Gentoo s main tool to work with Portage and that it can be used to search for software The same tool is used to install or remove software To help users install software it has a few options that allow you to make better informed decisions on which software to install and what the effects will be For instance the pretend option lets emerge show you what it would do without actually modifying anything You can even add the verbose flag so that emerge tells you what additional settings the package supports It also supports the ask option which first behaves like pretend and then asks for confirmation to continue or not For instance to install Adobe s Acrobat Reader on your system emerge ask verbose acroread These are the packages that would be merged in order Calculating dependencies done ebuild N app text acroread 8 1 2 USE cups ldap nsplugin LINGUAS de en fr nl da es fi it ja ko nb pt sv zh CN zh TW Would you like to merge these packages Yes No Note Sometimes it might be necessary to use the category package name syntax in this case emerge ask verbose app text acroread This could happen when two packages share the same name but are part of different categories In this example emerge tells you that it will install Adobe Acrobat Reader version 8 1 2 and that it doesn t need any other dependencies otherwise you ll have more lines in the same line as the one you see Emerge also tells you that the acroread package supports three USE flags cups support for the Common Unix Printing System ldap support for the Lightweight Directory Access Protocol and nsplugin creating Acrobat Reader plugins for the Mozilla based browsers All three flags are in this case enabled on this system Also the acroread package supports various languages de German en English fr French nl Dutch da Danish es Spanish fi Finnish it Italian ja Japanese ko Korean nb Norwegian Bokmal pt Portugese sv Swedish zh CN Simplified Chinese and zn TW Taiwanese Mandarin Of all these languages Portage will only include support for German English French and Dutch the languages I want supported on my system To install the software accept the merge This will for every package download the source code from the Internet verify the source code with the checksum stored in the Portage tree to ensure that the downloaded file isn t corrupt extract the source code to a temporary location on the system var tmp portage patch the source code with Gentoo specific patches configure the source code based on the USE flags you use build the source code into a temporary location register the files it has created in this location and finally move the files to the system making the application available to the end user This installation process will take some time compared to distributions who use prebuilt packages mainly because of the build step There are tools that show the user how long the emerge phase of a package took in average but these are only for informational purposes and give no guarantee whatsoever about future emerge phase durations as this depends on USE flags source code size CPU speed system resource availability qlop part of the portage utils package is such a tool In the next example it shows the build duration averaged over 27 merges qlop time human mozilla firefox mozilla firefox 1 hour 15 minutes 22 seconds for 27 merges Updating your System When you are booted inside a Gentoo Linux system many packages will already be installed It is wise to regularly update your system by pulling in the latest updates bugfixes and security fixes Updating All Installed Packages If you want to update all installed packages to their latest stable version first update your Portage tree as mentioned before Then run the following command to see what packages will be updated installed or removed emerge update deep newuse world pretend The options you pass on to emerge are update or u asking emerge to update software deep or D asking emerge to select not only the software selected but also all of its dependencies newuse or N asking emerge to update software when new dynamic switches are used USE flags world asking emerge to select all software that the user has installed and pretend or p asking emerge to display what it would install update or remove To really perform the update use the same command without pretend The next example does this using the single letter arguments emerge uDN world Now if you re tired of continuously running a command with pretend only to remove the pretend after verifying the output use ask instead as we discussed before From now onwards I will be using the ask argument where appropriate You might have noticed that the world argument is prefixed with the at sign This is not mandatory in the past it was without but a while ago Portage started supporting what we call sets of packages The world target is one of such sets and sets are prefixed with an at sign to distinguish them from regular packages Updating All User Installed Packages If you don t want to upgrade every single package on your system but only the packages you ve selected to install previously don t use the deep argument User installed packages are the packages you ve asked to install excluding the dependencies that were pulled in to satisfy the application requirements The end result is that only a small amount of updates is installed However this doesn t mean that you will quickly have outdated dependencies every time an update is pulled in this update might instruct Portage that it can only work with a higher version of a particular dependency causing Portage to update that dependency as well emerge update newuse ask world Do not Stop Installing after Build Failures By default Gentoo Portage stops the installation upgrade process when one package fails to build properly Although this definitely needs some attention you can ask Gentoo Portage to resume building the other packages first At the end of the final build process you will be greeted with a small report informing you which packages have failed and why To ask Portage to keep going after failure use keep going emerge uDN keep going world Pulling Security Fixes Gentoo also supports building the software affected by security issues alone In this case none of your unaffected software is upgraded unless requires as a dependency of a security upgrade Gentoo provides GLSA Gentoo Linux Security Advisory documents to inform its users about possible security issues except kernel issues These GLSA documents are parsed by the glsa check command which can apply the necessary fixes To verify if your system is affected by one or more security advisories first update your Portage tree and then run glsa check test all glsa check test all This system is affected by the following GLSAs 200711 10 In the example one security advisory matches my system I can obtain more information about the advisory using glsa check dump 200711 10 To fix the system I can run glsa check s fix glsa check fix all This will iterate over all GLSAs including the matching one s Switching between software versions Gentoo supports having multiple versions of the same software on the system Notable examples are gcc python and java but many more exist Administrators are able to switch between these installed versions using eselect We have seen this tool already previously for switching between profiles For instance to display the installed Python versions eselect python list Available Python interpreters 1 python2 7 2 python3 1 In the above example Python 3 1 is the system default You can switch the system to 2 7 then using eselect python set 1 To get an overview of the supported modules in eselect run eselect help Uninstalling Software Now suppose you ve found some software installed on your system that you want to remove With emerge unmerge C in short you can remove installed software from your system emerge unmerge acroread ask However if this software is a dependency of an installed software title your next system update will pull the software back in Even worse software that depends on it that is still being used running might even stop functioning properly or crash A safer way of pursuing the de installation of a package is by asking Portage to delete the package but only if no other dependencies point to it To do so use emerge depclean or in short emerge c emerge depclean acroread With this command Portage will remove the package if it is no longer in use otherwise In other words if no other package depends upon acroread it will remove acroread However if some package still depends upon acroread Portage will let acroread remain on your system and inform you of the dependencies towards it Advanced Software Management Of course Gentoo allows for much more advanced software management aspects than described before If you search the available documentation you ll quickly notice that Gentoo Portage supports the notion of stable versus unstable packages the so called arch states supports third party repositories and more Package States Gentoo packages which are called ebuilds are always in a certain state Although this state is never explicitly defined in the package it is a result of a set of rules set forth by developers to keep track of a package s stability security license rules When you install packages those rules are checked to make sure you are not installing a package that shouldn t be installed on your system These various rules can trigger installation errors most of the time described as being a package mask Whenever an installation is triggered Gentoo Portage tries to install the highest version of a package which matches all possible validity rules Only when no such version exists or when you explicitly asked to install a certain version Gentoo aborts the installation with a failure message The following sections describe the various states rules that are checked when an installation is triggered If you want to work around such a rule see the section on Unmasking Packages Architecture Availability Gentoo is a multi architecture operating system Packages available within Gentoo can be installed on several architectures ranging from the popular x86 amd64 onto sparc mips powerpc But of course most packages can t be installed on any platform Some tools are only supported on the Intel like platforms x86 amd64 or on a specific platform like the silo boot loader which is explicitly made for the sparc platform Packages are marked as being available for a particular platform using their KEYWORDS variable An example taken from sys apps iproute2 version 2 6 29 r1 KEYWORDS alpha amd64 arm hppa ia64 m68k mips ppc ppc64 s390 sh sparc x86 When you install a package its platform keywords are checked against the keywords that your system accepts These keywords are defined in the ACCEPT KEYWORDS variable which you can query with emerge info emerge info grep ACCEPT KEYWORDS ACCEPT KEYWORDS amd64 Whenever a mismatch occurs the package doesn t have the keyword that you have defined in ACCEPT KEYWORDS you get an error message like so All ebuilds that could satisfy sys boot silo have been masked One of the following masked packages is required to complete your request sys boot silo 1 4 14 masked by missing keyword Having an error due to an unsupported architecture it is not advisable to try and work around this forcing the package to be installable It will most likely not work anyhow Other related error messages that you might receive are lm sensors lm sensors 2 8 7 masked by sparc keyword sys libs glibc 2 3 4 20040808 masked by keyword These error messages are similar to the one above missing keyword The differences are missing keyword means that the architecture isn t set in the KEYWORDS variable The architecture might be supported by the package but no developer has tried to install it on this platform yet sparc keyword or other architecture means that that particular architecture is explicitly denied in the KEYWORDS variable In this case the developer has either tried to install it but it destroyed its system or the package itself is known not to work on the mentioned platform keyword means that all architectures are explicitly denied in the KEYWORDS variable except a few This case is mostly used for packages that are meant to be available on a single platform only The developer marks the package as unavailable for any other architecture hence the Stabilization of Gentoo Packages When a developer creates or edits a Gentoo package the software isn t immediately available for the general public First it is put through a sort of staging period During this time testers try out the package finding possible package definition bugs like wrong dependencies and helping the further development until the package is deemed stable There is an unwritten rule that says that packages should linger in the staging period for 30 bug free days no additional bugs found by the architecture testers before it is released to the general public Within Gentoo this staging period is described by prepending the tilde sign in front of the architecture in the KEYWORDS variable In the KEYWORDS example above of the iproute2 package you notice that this is done for the mips architecture In other words the package most likely is supported on the MIPS architecture but it is currently under review in staging period It is well possible that within a month the package is made available for the general MIPS public as well Whenever you try to install a package that is in the staging period you get an error message as follows All ebuilds that could satisfy sys apps portage 2 1 8 have been masked One of the following masked packages is required to complete your request sys apps portage 2 2 rc62 masked by amd64 keyword If you get such an error message I recommend to wait until the package is generally available and let the architecture testers bring out most of the bugs for you Critical Bugs or Security Issues Whenever a package has a critical bug critical breaks your system severely a security issue like having an exploitable vulnerability that might grant malicious users access to your system or just isn t maintained any more the Gentoo developer might mask the package explicitly Explicit masks do not only disallow the installation of the software they usually also contain a comment as to why the installation is prohibited These explicit masks and their comments are stored in a file called package mask By default this file is available in usr portage profiles An example would be All ebuilds that could satisfy games roguelike slashem have been masked One of the following masked packages is required to complete your request games roguelike slashem 0 0 772 masked by package mask usr portage profiles package mask Tavis Ormandy taviso gentoo org 21 Mar 2006 masked pending unresolved security issues 127167 In this example you find out who masked the package when the mask occurs and why including a bug number which can be checked at https bugs gentoo org License Approval Gentoo packages always keep track of the license under which the software is distributed allowed to be used Like the architecture available cases this is done through a variable called LICENSE For instance for the net im skype package LICENSE skype eula And just like the KEYWORDS case your system has a variable called ACCEPT LICENSE in which you set which software licenses you want on your system The default setting on Gentoo systems is quite liberal but you can set it to your liking For instance you can accept only FSF approved licenses emerge info grep ACCEPT LICENSE ACCEPT LICENSE FSF APPROVED The use of the sign allows Gentoo to group similar licenses together The list of license groups can be obtained from usr portage profiles license groups If you ever want to install a software which doesn t match the license s you allow you will get an error like so All ebuilds that could satisfy net im skype have been masked One of the following masked packages is required to complete your request net im skype 2 0 0 72 masked by skype eula license In this example the package I want to install uses the skype eula license which doesn t match the licenses I allow which are only the FSF APPROVED ones Profile Supported Software Gentoo supports several profiles A profile should be seen as a collection of predefined settings for your Gentoo Linux environment These settings include default USE flags default license acceptance default package choices etc Such profiles can also have masks against certain packages because they don t fit in the spirit of the profile An example is the selinux v2refpolicy x86 hardened profile which masks out glibc 2 4 as it doesn t match the security measures that the profile wants to enforce Whenever you try to install a package that isn t allowed due to your profile you get a message like so All ebuilds that could satisfy sys libs glibc 2 4 have been masked One of the following masked packages is required to complete your request sys libs glibc 2 4 r2 masked by profile Unmasking Packages When you get an installation failure because the package you want to install is considered masked you can opt to install it anyway I recommend that you consider this step carefully masking of packages is done with a reason If it is because of a critical bug or security issue I seriously discourage you to install it for obvious reasons If the package is masked due to the stabilization track I urge you to wait until it is generally available If the package is masked due to architecture unavailability I suggest that you investigate if the package supports your architecture If it doesn t there s no point in trying to install it anyway If it does you might want to ask the architecture testing team of Gentoo to investigate the package If the package is masked due to profile mismatch you re either running the wrong profile or have made a mistake in trying to install the package and will now continue with your life as it is If the package is masked due to license mismatch then your license setting is incorrect Now the last reason license settings is in my opinion the only one that warrants a change in the configuration but the way on dealing with these blocks is similar System wide or Package Specific Whenever you want to resolve a masking issue you need to ask yourself if you want to resolve this for this particular package only or a set of packages or if you want to alter the settings for the entire system In the majority of cases except for licenses it is for a particular package or set of packages Portage has a specific configuration directory etc portage in which deviation settings can be stored Each type of deviation has its own file or directory etc portage package license allows you to set license deviations approve or deny a license on a per package basis etc portage package mask allows you to mask packages deny packages on a per package basis etc portage package unmask allows you to unmask packages allow packages that are disapproved due to critical bugs security issues or profile mismatches on a per package basis etc portage package accept keywords allows you to set keyword deviations inform Portage that for this package other keywords are accepted as well Note Previous versions of Portage use package keywords instead of package accept keywords Recent Portage versions still support this old location but it is recommended to rename them to package accept keywords to remain functional in the future Now I did say file or directory in the previous paragraph That s right Portage allows you to either put the information in files that are called as mentioned above or in files that reside in a directory called as mentioned above The most proper way in my opinion is to create directories Within each directory you can then group deviations based on the reason If you want to make a system wide deviation you need to edit the etc portage make conf file Example Allow the Skype EULA License for the net im skype package As an example let s allow the skype EULA license for the skype package and only for the skype package Create a directory called package license within etc portage mkdir p etc portage package license Create a file called skype inside this directory and enter net im skype skype eula nano w etc portage package license skype net im skype skype eula That s it If you now would launch the installation of the skype package it will not abort saying that the license is masked because you explicitly allowed the license on this package However if for some reason another package uses the same license it will still fail installing because that particular package isn t mentioned as a valid deviation Example Allow the Skype EULA License System wide The other way is to allow the skype EULA system wide Find out what your current license acceptance rule is emerge info grep ACCEPT LICENSE ACCEPT LICENSE FSF APPROVED Open etc portage make conf in your favourite text editor nano w etc portage make conf Navigate to the place where ACCEPT LICENSE is defined or if it isn t defined create a new line and make it so that it looks like the current setting as obtained from the first step ACCEPT LICENSE FSF APPROVED Now add the skype eula license ACCEPT LICENSE FSF APPROVED skype eula Save the file and exit If you now install the skype package it will not fail due to the license as you now state that you accept this license If any other package also works with the skype EULA license it will also be installable now Example Allow bonnie Version 1 96 Staging State to be Installable If you want to install app benchmarks bonnie 1 96 but find out that the package is masked say x86 keyword mask you can inform Portage to allow the installation of this particular package regardless of it being in the staging state or not Create the etc portage package accept keywords directory mkdir p etc portage package accept keywords Create a file say benchmarks and add app benchmarks bonnie to it nano w etc portage package accept keywords benchmarks app benchmarks bonnie With this setting in place Portage will allow you to install bonnie any version regardless if it is still in the staging state or not If you only want to allow this for the 1 96 version use the following line instead app benchmarks bonnie 1 96 Example Allow All Staging State Packages to be Installable Warning Setting this is greatly discouraged You do not get support from Gentoo developers if you do this Oh and if you do it your next system update will pull in a lot of packages and chances are slim that you can safely downgrade so this step is difficult to undo To allow the staging packages to be installable on your system any package in the staging state edit etc portage make conf accordingly Find out your current ACCEPT KEYWORDS value emerge info grep ACCEPT KEYWORDS ACCEPT KEYWORDS x86 Open etc portage make conf in your favourite editor nano w etc portage make conf Navigate to the ACCEPT KEYWORDS variable or if it doesn t exist create it with the value obtained in the first step ACCEPT KEYWORDS x86 Now add the staging sign to it ACCEPT KEYWORDS x86 Save the file and exit From this point onwards Portage will install the highest available version of a package regardless of it being in the staging state or not Other Examples From the previous examples you should get a grip on how to handle masked packages either create a file in a etc portage subdirectory or edit the make conf file to make things globally You can find more information on the syntax used within the etc portage subdirectories through the portage manpage man portage Type in followed by the file name you want to know more about package mask Type n next until you get the section information package mask A list of package atoms to mask Useful if specific ver sions of packages do not work well for you For example if you swear Automatically unmasking packages More than often a staging state masked package has dependencies upon other masked packages who have dependencies upon other masked packages etc To manually enter these dependencies in etc portage package accept keywords and more importantly finding out about these packages you would need to retry installing over and over again until you have met and resolved all errors A more automated way of dealing with this is to use autounmask autounmask allows you to select the main package you want and it will automatically create a file inside etc portage package accept keywords that unmasks all depending packages as well emerge autounmask autounmask x11 misc googleearth Switching System Profiles Gentoo Linux uses profiles to define defaults for your system environment You should have gotten a first glance at profiles while installing Gentoo if you didn t that s okay As a quick recap profiles are a set of predefined default values made by the Gentoo project to distinguish between particular uses of the distribution Whereas other distributions ask you to select a particular type of deployment say desktop or server in the beginning of or during the initial installation Gentoo allows you to switch profiles whenever you like The profile a system uses is defined by the etc make profile symbolic link ls l etc make profile lrwxrwxrwx 1 root root 57 Dec 2007 make profile usr portage profiles default linux x86 20O7 0 desktop A Gentoo profile defines amongst other things what USE flags are activated by default what applications get installed by default when you select a virtual 2 what packages are not available for the profile for instance a uclibc profile doesn t support glibc or should have a certain version for instance glibc higher than or equal to 2 4 Users can easily switch between profiles A useful tool for this is eselect eselect profile list Available profile symlink targets 1 default linux amd64 13 0 2 default linux amd64 13 0 selinux 3 default linux amd64 13 0 desktop 4 default linux amd64 13 0 desktop gnome 5 default linux amd64 13 0 desktop kde 6 default linux amd64 13 0 developer 7 default linux amd64 13 0 no multilib 8 default linux amd64 13 0 x32 9 hardened linux amd64 10 hardened linux amd64 selinux 11 hardened linux amd64 no multilib 12 hardened linux amd64 no multilib selinux 13 hardened linux uclibc amd64 eselect profile set 10 As you can see from the profile names one profile can be a child of another if this is the case for instance profile number 4 from the above list has profile number 3 as parent the profile inherits the settings from its parent and may extend or override particular settings itself Using Third Party Software Repositories Next to Gentoo s main Portage tree you can also select third party software repositories Those are trees of developers users and organisations that offer ebuilds for you to use which aren t available in Gentoo s Portage tree yet A great tool for managing third party software repositories is layman Install layman and then see what repositories layman supports layman L xen Subversion source http overlays The output of this layman command shows you what third party repositories are configured for use with layman If you want to select one add it to your system layman a xen Likewise to stop using a repository remove it with layman d If you want to see what repositories you are currently using use layman l When Things Go Wrong Of course both Gentoo and the upstream projects that Gentoo relies on are still ran and developed by humans and humans are programmed to make occasional mistakes so things can go wrong If you have installation or build failures the following sections might help you troubleshoot it Portage Refuses To Install A Package During package installation analysis a few issues can occur which need intervention Those are Blocked packages a package that needs to be installed is blocked by an already installed package or another package on the installation list Masked packages a package is not available for your profile or environment Download failures one or more files needed to install the software aren t available or might be corrupt Kernel configuration mismatch the package requires particular kernel configuration directives to be set Other issues catch all Blocked Packages Sometimes a package offers a functionality that another package also offers and where the two packages cannot coexist with each other When this occurs you get the following two error blocks B mail mta ssmtp is blocking mail mta postfix 2 2 2 r1 In this example the postfix package is on the installation list but cannot coexist with ssmtp which is already installed As a result the installation fails To resolve this the easiest approach is to unmerge remove the ssmtp package from the system and retry Masked Packages A package can fail to install if it is masked A mask on a package means that the package is in a state that it shouldn t be installed on your system Package states are described earlier in this chapter Package masks are one of the more common causes of installation failures There can be plenty of reasons why a package mask is interfering with an installation cycle the end user was instructed through a document or another user to unmask one package causing a possible failure on the dependency integrity a developer wrongfully made a package available which has dependencies on packages that aren t available in this particular state the package just doesn t fit the profile that the users system requires the end user was instructed to install a particular package which isn t available for general consumption yet If you have a masked package read Package States carefully and if necessary Unmasking Packages earlier in this chapter Verification of download results in failure When Gentoo Portage attempts to install software it will verify the downloaded files with the checksums and file sizes that the Gentoo developer has recorded when he added the software package to the Portage tree When the downloaded file and the checksum file size doesn t match an error is shown Filesize does not match recorded size 97003L 952 Fetched file genpatches 2 6 33 1 base tar bz2 VERIFY FAILED Reason Filesize does not match recorded size Got 97003 Expected 952 Failed to emerge sys kernel gentoo sources 2 6 33 Log file var tmp portage sys kernel gentoo sources 2 6 33 temp build log In the above example the file size as recorded by the developer 952 bytes is different from the file size of the downloaded file 97003 bytes As a result Gentoo Portage refuses to install the software as it might be corrupted contain malicious code etc Most of the time this occurs when the developer has made a honest mistake he uploaded a file found an issue resolved it in Portage but forgot to upload the modified file In this case the problem will most likely be reported to https bugs gentoo org and quickly resolved Try synchronising the Portage tree after a few hours and retry If it isn t check if the problem has been reported or not You can also try synchronising the Portage tree from a different Gentoo mirror change the value of the sync uri variable in etc portage repos conf gentoo org as it might be possible that the rsync server you are synchronising with is corrupt Another occurring problem can be that a particular file is missing Fetch failed for sys libs ncurses 5 4 r5 continuing Some fetch errors were encountered Please see above for details If your network connection is up and running it

    Original URL path: http://swift.siphos.be/linux_sea/softwaremanagement.html (2016-05-01)
    Open archived version from archive