Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Building from portage when there is no gentoo (SOLVED)
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Portage & Programming
View previous topic :: View next topic  
Author Message
LIsLinuxIsSogood
Veteran
Veteran


Joined: 13 Feb 2016
Posts: 1121

PostPosted: Sun Jun 21, 2020 8:31 am    Post subject: Building from portage when there is no gentoo (SOLVED) Reply with quote

I just bought a new laptop, with 12 core processor. I can't afford to install Gentoo because this laptop needs to remain production ready, and I am not apt to the challenge of keeping everything up to date myself, so I've decided to go with some Ubuntu derivative for this new laptop.
But, since I would like to make use of the processor speed and multiple cores, is there any way to use this new laptop to build packages for my desktop that runs gentoo.

If so, how would I go about doing that...maybe install portage on there first and then go from there? Or is there some other better way to proceed, maybe inside a virtual machine even that had gentoo installed and then I can build packages on the virtual environment in the laptop and then install them on my desktop.

Whatever is easier to setup is what I want to do.


Last edited by LIsLinuxIsSogood on Sun Jun 28, 2020 8:02 am; edited 1 time in total
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 45826
Location: 56N 3W

PostPosted: Sun Jun 21, 2020 9:44 am    Post subject: Reply with quote

LIsLinuxIsSogood,

In no particular order ...

Dual boot with Gentoo.

Run Gentoo as a Guest in a Virtual machine. It can have its own network connection.

Run a Gentoo chroot in Ubuntu

Set up distcc on Ubuntu. But you need to find the same gcc and binutils for Ubuntu as you want to use on Gentoo,

They all have their advantages and disadvantages. It depends how similar the build system is to the target system.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15623

PostPosted: Sun Jun 21, 2020 3:30 pm    Post subject: Reply with quote

If I were to rank order Neddy's suggestions, I would order them as:
  • Tie between Gentoo-chroot and Ubuntu cross-distcc.
  • Gentoo virtual machine
  • Dual boot
I rank the first two as a tie because they are so different, and have very different advantages/limitations, so I cannot say that either is obviously better than the other. However, they share the property that you run the compiler as a native program on a Linux system, which is itself running natively on the hardware. That escapes the virtual machine related overhead from option #2, and avoids the need to shutdown/reboot the Ubuntu side just to have access to the Gentoo features that option #3 imposes. I like the Gentoo chroot option better, but I recognize that it has most of the same burden as just replacing Ubuntu with Gentoo, which you stated you do not want to do due to the maintenance burden. It's possible that if you were maintaining a Gentoo text-only chroot that the burden would be acceptable, since that means no X11, no Qt, no web browser, etc., all of which are big expensive packages.

Both the Gentoo VM and the dual boot will, to varying degrees, require you to maintain a functioning Gentoo system and keep it up to date. However, like the chroot option, you have the possibility of using a stripped down system that avoids some of the big and expensive packages.

You say you are not up to keeping everything up-to-date. What experiences have you had to date that you wish to avoid repeating? Is it purely a matter of compile time, or are you more concerned about the occasional complicated package blocks, which can require some time consuming manual intervention to resolve so that Portage can update @world?
Back to top
View user's profile Send private message
LIsLinuxIsSogood
Veteran
Veteran


Joined: 13 Feb 2016
Posts: 1121

PostPosted: Tue Jun 23, 2020 6:06 am    Post subject: Reply with quote

Hu, it is the package conflict resolving that presents the biggest challenges, which I have gotten better at just recognizing when removing old builds and rebuilding will sometimes do the trick, or working "out of order" and updating world instead of updating system, which seems to have resolved a bunch of conflicts in my most recent 500+ package upgrade.

Actually I like the two top options you mentioned too. Would the cross-distcc for Ubuntu require anything specific to make up for the fact that I will not have a minimal Gentoo system installed anywhere?

If that seems to complicated, then I would probably just install the minimal system. From there, one thing I am a bit confused about if I plan to build packages for my other machine that are graphical apps, e.g. Libreoffice, then I would probably wind up needing to have the chroot environment "fully loaded" so to speak so that it could build all those packages with package dependencies. Is that correct?
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 45826
Location: 56N 3W

PostPosted: Tue Jun 23, 2020 10:50 am    Post subject: Reply with quote

LIsLinuxIsSogood,

For distcc, cross or otherwise) the helper must have the same version of gcc as the system its helping.
Only C and C++ code is sent to the helper. Preprocessing and linking is kept on the system being helped.
The cross bit, say an AMD system helping a Raspberry Pi, (ARM) is transparent and you would not use that anyway.

Not everything can use distcc either.

Gentoo will use gcc-9.3.0, if Ubuntu has gcc-9.3.0 too. You can test.
Mixing different gcc versions appears to work but often produces broken code.

Its become more difficult to update systems piecemeal over the years.
Go for @world --keep-going every time then pick up the pieces at the end.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
LIsLinuxIsSogood
Veteran
Veteran


Joined: 13 Feb 2016
Posts: 1121

PostPosted: Tue Jun 23, 2020 10:11 pm    Post subject: Reply with quote

Hey NeddySeagoon, how's it going.

This is my gcc --version output on the ubuntu-like system:

Code:
gcc (Ubuntu 9.3.0-10ubuntu2) 9.3.0
Copyright (C) 2019 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


EDIT:
This is the list of gcc on my Gentoo box:
Code:
jonathanr@playboy ~ $ eselect gcc list
 [1] avr-9.2.0 *
 [2] avr-9.3.0

 [3] x86_64-pc-linux-gnu-7.3.0
 [4] x86_64-pc-linux-gnu-9.2.0
 [5] x86_64-pc-linux-gnu-10.1.0 *


I assume this means that I am good to go...

I have used the distcc setup before but found that it did not significantly improve times because so few sources were actually distributed to the helper machine. For that reason I want to clarify one more time...

For me to make the best use of the 12 core processor on my new machine to help build for my dual core Pentium chip on my Gentoo desktop, which method is going to succeed better 1) cross compiling (unfamiliar with this), 2) distcc (which I mentioned I have done with mixed results) or 3) install the gentoo chroot and go from there.

A follow up question in terms of next steps since the helper machine should be able to only buildpackages for the other machine, I should be able to do that without having to install them on the chroot or whatever. Then I could set up an nfs export to the desktop where I can install those built packages, and finally remove the builds from my laptop. Do I have that right?

The various uses of my desktop are that I game, perform backups to it, I occasionally do some productive work on it, such as respond to emails and I also occasionally develop software programs there.
The uses for my laptop are primarily for purposes of work, like email, office productivity software, and using the web browser, and more software development.
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 45826
Location: 56N 3W

PostPosted: Tue Jun 23, 2020 10:17 pm    Post subject: Reply with quote

LIsLinuxIsSogood,

cc (Ubuntu 9.3.0-10ubuntu2) 9.3.0 is basically 9.3.0.
You need to install and activate 9.3.0 on your Gentoo.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
LIsLinuxIsSogood
Veteran
Veteran


Joined: 13 Feb 2016
Posts: 1121

PostPosted: Wed Jun 24, 2020 7:38 am    Post subject: Reply with quote

Ok that is done, what would be the next efficient step to test the ability to build those packages. I am familiar with how distcc will work, what steps are involved in cross compiling on ubuntu? I am not even certain why it is called that because these machines are using similar architectures I thought the purpose of cross was when the cpu arch is different.

I just read this on another forum and was wondering if there’d be some viable way of doing this...

Quote:
The most efficient approach to this scenario was for me to export the weak machine's whole filesystem via NFS, mount it on the powerful one and then use a chroot (or better/easier: systemd-nspawn) to run all resource-heavy processes.


Does this mean I should chroot into existing system FROM the other system and work via nfs to compile, and install?
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15623

PostPosted: Thu Jun 25, 2020 12:48 am    Post subject: Reply with quote

That is what the quoted poster advocated, yes. The slow system exports its filesystems over NFS. The fast system mounts them locally, then uses chroot to enter the exported filesystems. Processes then run using the filesystems of the slow system and the CPU of the fast system. This should work fine, though I would advise against using system administration tools (including emerge) on the slow system while the fast system is actively using the exported filesystems. Portage should handle concurrent instances fine, but I do not know if anyone has ever tested whether its locking works properly across NFS.
Back to top
View user's profile Send private message
LIsLinuxIsSogood
Veteran
Veteran


Joined: 13 Feb 2016
Posts: 1121

PostPosted: Thu Jun 25, 2020 2:43 am    Post subject: Reply with quote

Thanks Hu, I am actually thinking it might be too worrisome to do the system update over an nfs connection. If I did the chroot via nfs method I would probably want the footprint I leave behind to be minimal. So that would mean maybe just building the packages and then exiting, but certainly at that point installing them too does not really seem like it would do much to increase the risk of NFS somehow corrupting or otherwise damaging the operating system partition and other Linux filesystems around there.

Does NFS happen to be the ideal choice when working with Linux filesystems for accessing the full privileges or rights of all of what ext4 offers?

Is the idea of building and installing the packages using Portage from the chroot something that raises any major concerns about regarding the interaction of the NFS share?

Lucky for me this is not a production environment, I may just back up everything and then give it a try later. Thanks!
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 45826
Location: 56N 3W

PostPosted: Thu Jun 25, 2020 6:14 pm    Post subject: Reply with quote

LIsLinuxIsSogood,

There is a wart on the face of all chroot solutions.

Lets consider three cases.
a) The CPUs in both boxes are identical. That just works. This is actually the boundary case between b) and c)

b) The helper can execute all the instructions on the weaker system and more. This just works too.
In the chroot must be arranged so that the extra instructions on the helper are never used in code, or the code won't work on the weaker system.

c) The systems have different but overlapping instruction sets. This is tricky but can be managed.
You build packages to suit the weaker system but they may not run on the host. It all depends what gcc does.
Luckily, only a small subset of packages need to execute on the build box and they need to be protected from being built for the weaker system then installed in the chroot.
e.g. building glibc to get a binpackage is OK. Installing it may upset your chroot.
Compare that with Libreoffice. Building and installing it is OK. If it won't run in the chroot, it won't matter.
Portage can manage this for you.

Its only cross distcc if the systems have totally different CPUs.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15623

PostPosted: Fri Jun 26, 2020 1:42 am    Post subject: Reply with quote

LIsLinuxIsSogood wrote:
Does NFS happen to be the ideal choice when working with Linux filesystems for accessing the full privileges or rights of all of what ext4 offers?
I would not call it ideal, but I am not aware of anything that would be better. There are things that NFS does not do optimally, but it is probably the best you will get.
Back to top
View user's profile Send private message
LIsLinuxIsSogood
Veteran
Veteran


Joined: 13 Feb 2016
Posts: 1121

PostPosted: Sat Jun 27, 2020 1:10 am    Post subject: Reply with quote

I am going a different direction, which is the Virtual Machine. My laptop has space on it to house it, and I see no reason to risk the stability of the system by trying to build from inside a chroot that is mounted over an NFS.

I will install the VM on my laptop, and give it maximum resources so that it can compile very fast (I hope at least). Then copying the world set over to the new minimal installation. Then I want to add the pkgbuild feature in make.conf, and set everything to the most generic/non-native processor to be sure. If all goes as planned I will have my virtual Gentoo build machine as a binary package host for my desktop and hopefully reduce the time it takes to update.
Back to top
View user's profile Send private message
LIsLinuxIsSogood
Veteran
Veteran


Joined: 13 Feb 2016
Posts: 1121

PostPosted: Sat Jun 27, 2020 3:04 am    Post subject: Reply with quote

I managed to get the minimal installation via VM, and then mount the nfs client from there with -o nolock.
Now I am just waiting for the partition to finish backing up and I will restore on the VM. Keeping fingers carefully linked, or even crossed.

UPDATE:
I had to make the changes to the Kernel described here, https://wiki.gentoo.org/wiki/QEMU/Linux_guest
So that the operating system would boot in a QEMU/KVM machine. I hope that doesn't really change anything, but I guess I could always re-do the kernel in both locations if it works better if they match exactly. I know it isn't a requirement, but the next step will be to try and boot the system without kernel panic that happened up until this point.
Back to top
View user's profile Send private message
LIsLinuxIsSogood
Veteran
Veteran


Joined: 13 Feb 2016
Posts: 1121

PostPosted: Sat Jun 27, 2020 9:38 pm    Post subject: Reply with quote

Marking as solved, the VM option looks good.

The only confusing thing at this point is when I run the command below, the configuration of ssh is requiring me to type my password in a bunch of times. So that could obviously be resolved with a key, but I would prefer to only have my regular user with a ssh key, and not root.

Is there a way to allow portage to somehow connect with my user ssh key instead of creating one for root user?


Other than that I was able to proceed with the HAndbook installation for just the disks, then used fsarchiver to move over the root filesystem, configure bootloader in Qemu, and go from there. The networking was a bit challenging and weird, with ssh from a separate physical machine, but now it is working...and build times are fast, so I have a virtual binary host for my packages


Code:
jonathanr@playboy ~ $ sudo emerge -DavuN @world
The authenticity of host '[192.168.2.205]:9001 ([192.168.2.205]:9001)' can't be established.
ECDSA key fingerprint is SHA256:2ZCEj+VXXsqtVZp2uSWOnF7RRR8NOWBliYJXeQKMXr8.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[192.168.2.205]:9001' (ECDSA) to the list of known hosts.
root@192.168.2.205's password:

 * IMPORTANT: 1 news items need reading for repository 'gentoo'.
 * Use eselect news read to view new items.

root@192.168.2.205's password:

These are the packages that would be merged, in order:

Calculating dependencies... done!
[binary     U  ] sys-devel/gnuconfig-20200621::gentoo [20190912::gentoo] 64 KiB
[binary     U  ] dev-libs/nspr-4.26::gentoo [4.25::gentoo] USE="-debug" ABI_X86="32 (64) (-x32)" 357 KiB
[binary     U  ] sys-kernel/linux-firmware-20200619::gentoo [20200519::gentoo] USE="redistributable -initramfs -savedconfig (-unknown-license)" 217,287 KiB
[binary     U  ] sys-apps/file-5.39-r1::gentoo [5.39::gentoo] USE="bzip2 seccomp zlib -lzma -python -static-libs" ABI_X86="(64) -32 (-x32)" PYTHON_TARGETS="python3_6 python3_7 -python3_8 -python3_9" 686 KiB
[binary     U  ] dev-libs/popt-1.18::gentoo [1.16-r2::gentoo] USE="nls -static-libs" ABI_X86="(64) -32 (-x32)" 83 KiB
[binary     U  ] sys-devel/gcc-config-2.3.1::gentoo [2.3::gentoo] USE="(native-symlinks)" 30 KiB
[binary     U  ] sys-devel/binutils-config-5.3.2::gentoo [5.3.1::gentoo] USE="(native-symlinks)" 18 KiB
[binary     U  ] media-libs/libglvnd-1.3.2::gentoo [1.3.1::gentoo] USE="X -test" ABI_X86="32 (64) (-x32)" 888 KiB
[binary     U  ] dev-util/ccache-3.7.10::gentoo [3.7.9::gentoo] USE="-test" 130 KiB
[binary     U  ] net-misc/rsync-3.2.1::gentoo [3.2.0::gentoo] USE="acl iconv ipv6 ssl xattr -examples -libressl -lz4 -static -stunnel -system-zlib -xxhash -zstd" CPU_FLAGS_X86="sse2" 424 KiB
[binary     U  ] net-misc/curl-7.71.0::gentoo [7.70.0-r1::gentoo] USE="ftp imap ipv6 ldap pop3 progress-meter smtp ssl tftp -adns -alt-svc -brotli -gopher -http2 -idn -kerberos -metalink (-nghttp3) -quiche -rtmp -samba -ssh -static-libs -telnet -test -threads" ABI_X86="32 (64) (-x32)" CURL_SSL="openssl -gnutls -libressl -mbedtls -nss (-winssl)" 1,480 KiB
[binary     U  ] mail-client/mutt-1.14.5::gentoo [1.14.4::gentoo] USE="berkdb hcache imap lmdb nls sasl smtp ssl -autocrypt -debug -doc -gdbm -gnutls -gpgme -idn -kerberos -libressl -mbox -pgp-classic -pop (-prefix) -qdbm (-selinux) -slang -smime-classic -tokyocabinet -vanilla" 2,026 KiB
[binary     U  ] dev-util/desktop-file-utils-0.26::gentoo [0.24::gentoo] USE="-emacs" 122 KiB
[binary     U  ] sys-apps/portage-2.3.103::gentoo [2.3.101-r2::gentoo] USE="(ipc) native-extensions xattr -apidoc -build -doc -gentoo-dev -rsync-verify (-selinux)" PYTHON_TARGETS="pypy3 python3_6 python3_7 python3_8 python3_9" 14,047 KiB
[binary     U  ] net-fs/nfs-utils-2.5.1::gentoo [2.4.3::gentoo] USE="ipv6 ldap libmount nfsidmap nfsv4 tcpd uuid -caps -junction -kerberos -nfsdcld -nfsv41 (-selinux)" 493 KiB
[binary     U  ] dev-java/java-config-2.3.1:2::gentoo [2.3:2::gentoo] USE="-test" PYTHON_TARGETS="python3_6 python3_7 -python3_8" 74 KiB
[binary     U  ] sys-apps/man-db-2.9.3::gentoo [2.9.2::gentoo] USE="berkdb gdbm manpager nls seccomp zlib (-selinux) -static-libs" 1,177 KiB
[binary     U  ] app-portage/repoman-2.3.23::gentoo [2.3.22::gentoo] PYTHON_TARGETS="python3_6 python3_7 -python3_8" 488 KiB
[binary     U  ] x11-base/xorg-server-1.20.8-r1:0/1.20.8::gentoo [1.20.8:0/1.20.8::gentoo] USE="ipv6 libglvnd udev xorg xvfb -debug -dmx -doc -elogind -kdrive -libressl -minimal (-selinux) -static-libs -suid* -systemd -unwind -wayland -xcsecurity -xephyr -xnest" 2,585 KiB
[binary     U  ] media-libs/harfbuzz-2.6.8:0/0.9.18::gentoo [2.6.7:0/0.9.18::gentoo] USE="cairo glib graphite icu introspection truetype -debug -static-libs -test" ABI_X86="32 (64) (-x32)" 2,686 KiB
[binary     U  ] dev-python/pycryptodome-3.9.8::gentoo [3.9.7::gentoo] USE="-test" PYTHON_TARGETS="python2_7 python3_6 python3_7 -pypy3 -python3_8 -python3_9" 35,116 KiB
[binary     U  ] www-client/opera-69.0.3686.36::gentoo [68.0.3618.173::gentoo] L10N="be bg bn ca cs da de el en-GB en-US es es-419 fi fil fr fr-CA hi hr hu id it ja ko lt lv ms nb nl pl pt-BR pt-PT ro ru sk sr sv sw ta te th tr uk vi zh-CN zh-TW" 77,914 KiB
[binary     U  ] x11-drivers/nvidia-drivers-450.51:0/450::gentoo [440.82-r3:0/440::gentoo] USE="X driver kms libglvnd multilib tools -compat -gtk3 -static-libs -uvm -wayland" ABI_X86="(64) -32 (-x32)" 181,738 KiB
[binary     U  ] net-misc/freerdp-2.1.2:0/2::gentoo [2.1.1-r1:0/2::gentoo] USE="X alsa cups ffmpeg jpeg usb xv -debug -doc -gstreamer -libressl -openh264 -pulseaudio -server -smartcard -systemd -test -wayland -xinerama" 1,645 KiB

Total: 24 packages (24 upgrades, 24 binaries), Size of downloads: 541,546 KiB

Would you like to merge these packages? [Yes/No] yes
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15623

PostPosted: Sat Jun 27, 2020 11:10 pm    Post subject: Reply with quote

LIsLinuxIsSogood wrote:
The only confusing thing at this point is when I run the command below, the configuration of ssh is requiring me to type my password in a bunch of times. So that could obviously be resolved with a key, but I would prefer to only have my regular user with a ssh key, and not root.
I think this indicates a configuration problem on your server. Your sshd_config seems to have PermitRootLogin yes, so it's allowing you to use a password for root. That is bad. :) You should use any of the other settings for PermitRootLogin.
LIsLinuxIsSogood wrote:
Is there a way to allow portage to somehow connect with my user ssh key instead of creating one for root user?
Are you asking to let Portage read your user's ssh private key on the client, or are you wanting Portage to log in as your user account on the server? Both are possible, but I would discourage letting Portage read the private key on the client. Portage should have its own ssh key, or better yet, it should use an ssh-agent that is preloaded with a key that the user portage cannot read.

Regardless of exactly how you choose to authenticate, you should also read about the OpenSSH options ControlMaster and ControlPersist, which together would let you authenticate once, and leave the connection open in the background for a time, so that subsequent commands can reuse it.
Back to top
View user's profile Send private message
LIsLinuxIsSogood
Veteran
Veteran


Joined: 13 Feb 2016
Posts: 1121

PostPosted: Sun Jun 28, 2020 7:02 am    Post subject: Reply with quote

Thanks Hu,

EDITED: The OpenSSH options for ControlMaster and ControlPersist are not working for the purpose that you described. I set it up for the host...this shows an active connection that is already running

Here is the config file I added
Code:
jonathanr@playboy ~/.ssh $ cat config
Host 192.168.2.205
   controlmaster auto
   controlpath ~/.ssh/ssh-%r@%h:%p


After starting a ssh connection in a screen session, I detached from it and verified the running SSH connection...
Code:
jonathanr@playboy ~/.ssh $ ssh -O check -p 9001 jonathanr@192.168.2.205
Master running (pid=14317)


But when I try the emerge command, again I get....
Code:
jonathanr@playboy ~/.ssh $ sudo emerge -1 xeyes
jonathanr@192.168.2.205's password:


I am perplexed. In make.conf I've added the following for my regular user account,
Code:
PORTAGE_BINHOST="ssh://jonathanr@192.168.2.205:9001/var/cache/binpkgs"



PermitRootLogin, has been turned off.
What is causing this to ask for the password? Maybe some other SSH setting that is particular to either session related or else file access control? PLEASE Help
Back to top
View user's profile Send private message
LIsLinuxIsSogood
Veteran
Veteran


Joined: 13 Feb 2016
Posts: 1121

PostPosted: Sun Jun 28, 2020 8:02 am    Post subject: Reply with quote

Finally marking as solved...I switched from ssh to rsync based on another older post I saw that made a lot of sense.

Here is what my rsyncd.conf looks like on my new virtualized build machine:

Code:
# /etc/rsyncd.conf
pid file = /run/rsyncd.pid
use chroot = yes
read only = yes

[portage]
path = /var/cache/binpkgs
comment = build machine



Here is the value of PORTAGE_BINHOST in make.conf:
rsync://jonathanr@192.168.2.205:9002/portage

It required me to add another port forward to the configuration of my virtual host machine, and it is looking done!

Marking as solved thanks for the assistance...
I will continue to read about ssh, before moving onto more virtual networking setups.
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15623

PostPosted: Sun Jun 28, 2020 4:36 pm    Post subject: Reply with quote

You configured ControlMaster in your personal ssh configuration file. Portage does not read your file. It reads a file specific to the Linux user it runs as, typically the user named portage.

You may find it useful to add PasswordAuthentication no to the client and/or server global configuration files, so that the system automatically skips that and fails if no key authentication is available.
Back to top
View user's profile Send private message
LIsLinuxIsSogood
Veteran
Veteran


Joined: 13 Feb 2016
Posts: 1121

PostPosted: Sun Jun 28, 2020 8:03 pm    Post subject: Reply with quote

Do I need a shell for portage to be useful here or no?
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15623

PostPosted: Sun Jun 28, 2020 8:34 pm    Post subject: Reply with quote

No, but the ssh key and/or configuration file for Portage would be placed relative to the home directory of the user portage, which may not be a reasonable place with the default values in /etc/passwd. Normally those values do not need to have reasonable values.
Back to top
View user's profile Send private message
LIsLinuxIsSogood
Veteran
Veteran


Joined: 13 Feb 2016
Posts: 1121

PostPosted: Sun Jun 28, 2020 9:25 pm    Post subject: Reply with quote

So, no to shell but yes to home directory for portage user? I could alternatively consider adding rsh to the portage user? Your recommendation here is which one?
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 15623

PostPosted: Sun Jun 28, 2020 10:36 pm    Post subject: Reply with quote

Correct: a valid home directory, preferably not writable by the portage user so that builds cannot manipulate it. No valid shell. Configure the server to restrict how the portage ssh key can be used, so that it cannot get a shell on the server.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Portage & Programming All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum