Jump to content
Read the Funtoo Newsletter: Summer 2023 ×

666threesixes666

Members
 View Profile  See their activity

  • Posts

    132

  • Joined

  • Last visited

  • Days Won

    16

 Content Type 

Posts posted by 666threesixes666

  2. Installation Tips?

    in Installation Help

    Posted

    some apps run python 2.x exclusively so you would limit those out....  as it's a laptop id rather make a slim install, no virtualization.  id push that responsibility to a desktop or server.  i use JFS & jfsutils which is like xfs in performance, its from ibm out of the 80s, requiring read only mount @ boot, fsck.jfs every boot, then remount rewrite...  or from live media fsck.jfs /dev/sda1 && mount /dev/sda1......  xfs doesn't have a mature fsck last i checked like 2 years ago or sooner.  again btrfs not being mature 2 years ago or sooner, i wouldn't trust either.  id trust satan with the jfs here....  (just make sure you run the computer a few times, like 10 power cycles before you put critical data on it.  forgetting installing the fsck.jfs will corrupt the drive within this time if you screwed up.)  i have ran jfs for years, my recent "ram problem" posts i've had at least 30 power downs (probably closer to 100) in the last 10 days outside of my control.  running 1 second, power supply off the next, no shutdown, no spin down.  fsck.jfs takes about 20 seconds for my 1tb drive compared to all night and day with ext3....

     

    lvm supports snapshots doesn't it?

     

    firefox-bin & google-chrome to avoid webkit?  im pretty sure my laptop doesn't have webkit under xfce4.  id drop the mate to ensure the machine runs as quickly as possible, and not pull in webkit.  rather than reinstalling, i would look for a way to avoid webkit.

  3. funtoo gentoo diffferences between

    in General Discussion

    Posted

    https://bugs.funtoo.org/browse/FL-2290

     

    tengine + passenger support...  good luck finding it anywhere else =D  as far as i know gentoo's stuck with nginx + passenger and that it must be overlayed in.  no overlays here you can 0 to passenger on a decent webserver in about 15 minutes of setup.  funtoo's webserver options are very flexible....  you can easily passenger > tengine > varnish > nginx/pound/stunnel for extreme performance ssl ruby on rails setups.

  4. prevent debian-sources from merged

    in Portage Help

    Posted

    "Important

    Right now, the -1 option is required to not add our @kernel set to world-sets. This allows you to emerge it independently from @world. If you forget to use this option, edit /var/lib/portage/world-sets and remove the @kernel line. This will prevent kernel updates from being included in @world updates."

    http://www.funtoo.org/Funtoo_Linux_Installation

     

     

    anyways /var/lib/portage/world needs any sys-kernel lines removed to not fetch kernels at world updates ;-)

  6. funtoo gentoo diffferences between

    in General Discussion

    Posted

    "In contrast to Gentoo Linux, we offer a number of innovations, including our extensive use of git, our profile system, boot-update boot management tool, our incredibly flexible template-based networking scripts, Metro distribution build system, support of Debian, RHEL and other kernels, enhanced Python support, Portage mini-manifests, user-centric distribution model, and a large number of community infrastructure improvements."

     

    yeah our profile system makes sense...  the ldap login system so your forums account can edit wiki, or post bugs also with out re-signing up.  cloud virtual machine containers are available directly from the distro leader.  by dictator he means the original author of portage leads this distro.

  7. laptop funtoo install notes

    in Installation Help

    Posted

    the desktops acting terrible right now, so here comes funtoo to the laptop =D  just some notes of some stuff....  (im going to give damex access so he can beatup tengine on my amd machine)

     

    im using jfs, its 4m blocksized.  im using 1 partition with a swap file.

     

    mkfs.jfs /dev/sda1

    mkdir /mnt/funtoo

    mount /dev/sda1 /mnt/funtoo

     

    dd if=/dev/zero of=/mnt/funtoo/swapfile bs=4096k count=512

     

    deploys a 2gb swapfile.

     

    chmod 600 /mnt/funtoo/swapfile

     

    makes the swapfile so its not globally readable for security purposes.

     

    mkswap /mnt/funtoo/swapfile

    swapon /mnt/funtoo/swapfile

     

    guess turion x2 is k8....  generic_64 subarch =D  (took a second to find that one on wikipedia.)

     

    ill drop in lilo and wifi and jfs utils, and try tengine + passenger on my own before i hand over the keys.  i guess this is all for now.  ill make a swapfile wiki page from these notes in a bit when im on more solid ground.

     

    looks like the stage3 untar commands too specific, instead:

     

    tar xpf stage3-*.tar*

     

    (whats up with some stage sha1 sha256 or md5s?)

     

    resolv.conf on my alternate media only has 127.0.1.1 listed, clearly this is bad, 8.8.8.8 is better.

     

    echo "nameserver 8.8.8.8" >> /mnt/funtoo/etc/resolv.conf

    the chroot command doesn't work for alternate live media, chroot /mnt/funtoo /bin/bash doesenv -i HOME=/root TERM=$TERM chroot . bash -l

    ==== maybe these are the droids? ====

    root@ubuntu:/mnt/funtoo# chroot /mnt/funtoo /bin/bash
    ubuntu / # env-update
    !!! Invalid PORTDIR_OVERLAY (not a dir): '/usr/portage'
    !!! main-repo not set in DEFAULT and PORTDIR is empty.
    !!! Unable to parse profile: '/etc/portage/make.profile'
    !!! ParseError: Parent 'gentoo:funtoo/1.0/linux-gnu/arch/x86-64bit' not found: '/etc/portage/make.profile/parent'
    >>> Regenerating /etc/ld.so.cache...
    ubuntu / # eselect profile list
    !!! Error: Can't find /usr/portage/profiles/profiles.eselect.desc
    exiting

     

     

    ==== before sync ====

    set the root password:

    passwd

     

    ==== ok now that im synced up ====

    /etc/fstab

    /swapfile none swap defaults 0 0

    ==== clock ====

    the clock on here is screwy, i dont like utc in the bios, localtime's where im at, if i set it in bios the os should comply.  (my clocks 4 hours off so ill try chrony for the first time)

     

     

     

    ==== Networkmanager ====

    im getting insufficient privileges, console kit's not running @ boot, possibly also need to add something like plugdev group to my unprivileged user?

  9. sd cards

    in Desktop Help

    Posted

    gentoo discourages sudo commands....  i think sudo should be emphasized because it helps security to disable root logins via password and only allow root logins via sudo su......  but certainly the kernel must support mmc devices...  for hardware problems i generally use live media which loads everything via modules & lsmod to gather clues as to how to configure my kernel to support random hardware im trying to configure under funtoo....  sd/mmc does have some quirks in the kernel stuff, i vaguely remember having to enable 3 kernel options before the mmc would work properly.  (they were right next to the mmc stuff, or one level above.)

  12. new ram, new problems

    in Desktop Help

    Posted

    https://vip.asus.com/forum/view.aspx?id=20150327084138908&board_id=1&model=M4N72-E&page=1&SLanguage=en-us

     

    i have a thread going over at asus's forum, if anyone else wants to chime in feel free.  this is more of a hardware issue than a funtoo issue.  im just posting links since people are talking to me about it, have a place to consolidate the suggestions of tests/work arounds.....

     

    memtest86+ 5.01 fails to restart upon pressing esc, it just hangs....

    when memtest 5.01 starts it has the failsafe regular mode by pressing f1 or to run in smp mode by pressing f2 and the messages go away quick so you gotta be ready to press f2.

     

    memtest86+ has sent me a few errors but its also given me several passes of clean runs of the entire memory set.

     

     

    im starting to wonder if the lack of heat spreaders causes the center chips to overheat...  the case has 1 120mm fan, and tons of holes...  its a horizontal rack mount case, i think im going to masking tape the holes up and get the flow going a bit better.  its totally warmer with the top on the way it is.  the case's fans also parallel to the ram so the wind only hits 1 outside chip.  i have spare fans i can rig to directly blow the ram so ill try this next shutdown.

     

    todays update:

    last night ram 1 in slot 1 power off ram 2 in slot 2 power off ram 3 in slot 3 power off.....  old known working ram in slot 1 and 2 power off....  i dorked the bios enough to require pulling the cmos battery, 667mhz = no video post....  forcing timings voltages and speeds = power off....  since resetting the cmos with the new firmware things look like they're running OK for the moment.  blew dust out of the power supply blew dust out of ram sockets blew dust out of vid card socket....  right now running ram3 slot 3, been using dune 1984 extended edition in vlc to send tons of bits through the ram.

     

    i found a duplicate error posts on tomshardware and gave it back links to this post, & the post at asus's forums from a differing yet similar motherboard, exact same ram.

     

    todays update:

    11+ hours of uptime from module3 slot3

     

     

    after a few days of not updating this thread, i think its under control....  i disabled bank & channel interleaving & ganging & then memtested....  16 gigs run fine under single core on memtest...  i fire up funtoo thinking its all good in the hood, doesn't finish booting, starts freaking out after a good memtest run...  16 gigs do not run fine under smp mode of memtest...  enabled ganging, now funtoo's booting, browsers working (not throwing errors) and the vlc testings going to come up in a second...  i haven't put it through memtest again because im sick of looking at it.  if i get crashy wonky behavior its getting another round of memtests.  i disabled quickboot so the mobo tests ram every boot now.

  13. Any advantage using 'hardened' for the desktop user?

    in General Discussion

    Posted

    the problem with naming such an idea is that its hierarchical security.  draw bridges moats gators high stone walls soldiers and all....  i'm kinda flustered with topics this big...  its too much to address at once....  but yeah, to me, it makes more sense to run hardened kernels, and profiles on web pointing servers not desktops.

     

    desktops to me make more sense to run iptables, a moderately strong passworded user, disabled root password access (sudo only), no hard disk encryption, and nothing worth getting once in....  if you need sensitive data luks encryption requires partitions.  the only non encrypted to encrypted directory or files system i know of is insecure.  so at that point you may as well use the computer as a dumb terminal to an encrypted external hard drive/thumb drive...  i think luks would require you to enter your password every boot, and build an initramfs every kernel rebuild if you were planning on running that on /...  hardened may also require the initramfs, which i try to avoid like the plague...

     

    the cost to run the security procedures, extra system load, loss of usability etc vs benefits gained is another good point.  Jwjones you could just do it, and document how you work through your new problems brought on by tighter security, costs, advantages, etc....  grsecurity, and pax sound nice.  selinux sounds like a nightmare....  i might give a hardened kernel a whirl....  why not (id probably avoid selinux like the plague) =D

  15. Any advantage using 'hardened' for the desktop user?

    in General Discussion

    Posted

    sshguard yes...  the others not so much because they are general infra deployment techniques.  i imagine hardened is for shared webserver systems that have tons of users, as far as i know its just more granular permission settings.  i guess it should go to a securing a funtoo install wiki page that would outline several packages/tutorials.

     

    LPS "lightweight portable security" is the DOD linux distro, not cia.  what should the page be named, security tips below hardened...  security blueprints?  i like security blueprints for the title of a page of security tips / links to security articles / tutorials.

  18. Any advantage using 'hardened' for the desktop user?

    in General Discussion

    Posted

    ive never used it.  im in a fairly good situation with security in the first place though by omitting sensitive data.  a good firewall stops bogus traffic, a fairly long password with caps numbers and symbols.  disable ssh access, or run sshguard.  close all unused ports.  security problems then start flowing from individual programs bugs, but i have a separate $HOME, so / is a throw away os install.  i can format and be up and funtooing in 12 hours or less.

     

    the cia has a live usb distro so you can boot to a secure environment. id use that to then access more hardened servers with sensitive content in the background of the datacenter.  as in use a live distro to turn the computer accessing sensitive content into a dumb terminal...

     

    security is a strange beast, there are many angles you can take with security.

  20. /etc/hosts is overwritten

    in Server Help

    Posted

    i wonder how this is going to clash with dnsmasq....  dnsmasq can serve aliases though i have not gone through the program enough to know exactly how to do that.  i haven't had the opportunity to work with a network large enough to warrant learning these things.  i just use it for localhost cache only dns server end point for dnscrypt. my encrypted dns is much slower than 8.8.8.8 && 8.8.4.4.  i wonder what's automatically generating that file?  i kind of like the idea of the aliases in conf.d hostname though....

     

    "aliases" floods my hosts files with duplicate entries if i restart /etc/init.d/hostname  its also inserting the 127.0.0.1 alias wonky stacked on top of the hostname line, its appending the first alias to the loopback hostname statement possibly a blank line then aliases would work

  22. Samba crashes on boot, works if restarted

    in Server Help

    Posted

    i hate to say this but when i have samba problems, its been from stale configs clashing with new versions....  so i completely remove everything that has anything to do with samba in the configs and so forth then emerge the exact version and let it populate the new configs.  i then merge in backed up configurations for directories and share names etc....  i don't have any samba documentation @ funtoo yet...  i've been busy taking a relaxed pace at doing these things....

     

    there is some good information from https://wiki.gentoo.org/wiki/Sambahttps://wiki.gentoo.org/wiki/Samba/Configuration  

     

    however that documentation's a mess that needs to be sorted down, and processed.  we should start rolling a samba page.  i need to note how to track wiki changes via watch feature.  it will make it so people that use and are interested in the package can keep the documentation for it high quality.

     

     

    the symptoms your describing i have seen and resolved using the scorched earth method a few times when i was building documentation for gentoo.  mysql also leaves some stale files that can funk and fight new installs under gentoo/funtoo and requires scorched earth to start from square 1.

  25. Which optimized stage3 should i use?

    in Installation Help

    Posted

    change the title to "which optimized stage3 should i use"

     

    funtoo is a boot loader, a stage3, & a kernel.

     

    i know there is a little bit of guesswork in this part of the documentation, ive looked at resolving it and dont see an easy way to do so.

     

    i would go with pentium 4 64bit....  it looks like your system supports that.

×
×
  • Create New...