Oleg Vinichenko

ebuilds now unmasked

this makes perfect sense. I will prepare a default configuration for faillock that is working for most.

pam-1.3.0-r3 ebuild introducing the faillock capability from Red Hat. This will allow locking of user account after a consequent login failure attempts. After a number of attempts (can be configured) the account will be locked for a certain time (can be configured). Testing can be performed by following. Set the keywords for sys-libs/pam ebuild and install new version. echo "=sys-libs/pam-1.3.0-r3 **" >> /etc/portage/package.accept_keywords emerge -1u pam After installation, edit /etc/pam.d/system-auth with editor and put the lines pointed auth required pam_env.so auth required pam_faillock.so preauth audit deny=3 unlock_time=60 auth required pam_unix.so try_first_pass likeauth nullok auth required pam_faillock.so authfail audit deny=3 fail_interval=60 unlock_time=60 auth optional pam_permit.so account required pam_faillock.so account required pam_unix.so account optional pam_permit.so password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 password required pam_unix.so try_first_pass use_authtok nullok sha512 shadow password optional pam_permit.so session required pam_limits.so session required pam_env.so session required pam_unix.so session optional pam_permit.so Notice the lines in bold red. This is very important that first line in auth part is before pam_unix module. The second line must be after pam_unix module. In account part, pam_faillock module needed before pam_unix module. In example, 3 attempts are set for the locking. After that, account will be locked and in console you will see a message that account is locked for 60 seconds, in example. After that period of time, the account will be released. To review the state , you can use faillock utility installed by pam. For more advanced options, follow faillock and pam_faillock manual pages. If some mistakes possibly made with configuration, please, have a live cd to boot from to alter the changes in /etc/pam.d/system-auth. It is wise decision to have a copy of it somewhere before the tests.

Following version of nginx available to test: =www-servers/nginx-1.14.0 the stable release =www-server/nginx-1.15.2 the mainline release To test either one or both, add following to /etc/portage/package.accept_keywords, example with 1.14.0 is shown below =www-servers/nginx-1.14.0 ** Testing feedback is very much appreciated.

Main reason is to have users who are experienced KDE users and understand about possible quirks during updates. This does no necessarily means that its needed to be good at writing ebuilds, but it' s of course much better if you can. The way it can be tested is using the generation of a tree that will contain the updated stack of what is forming the KDE. How to perform this is described in: https://www.funtoo.org/Local_Development_Setup Assuming that you have KDE of older kit branch installed, then, you can generate a new tree that track gentoo master ebuilds for KDE. Or LXQT. Then, you can try updating and hunting for update troubles that can be faced during this step. There could be quite a list of inter-connected issues, considering that KDE and QT are big projects. Eliminating and fixing such pitfalls and also documenting about upgrade steps are the basics. When it's known to be reliable, then, the kit can be locked down and released. Next releases can be then considered to work on. It very much looking as semi-rolling. It can be helped and supported by us with technical difficulties and questions.

do following: cd /var/tmp git clone https://github.com/funtoo/ego.git cd ego ./ego sync ./ego sync --config-only Then, if you have broken portage, follow here (fixing broken portage part) https://www.funtoo.org/System_resurrection

please, report this on bugs.funtoo.org

this ebuild should not be added and it was due to some reasons. Please, sync your meta-repo and you will get back to a good versions of mesa.

this is due to mesa update accident. Please, sync your meta-repo and you will get back to good version of media-libs/mesa

please, do not update and wait for resolution.

paste output of grep -r openssl /etc/portage

run epro build current

Hi! Following ebuilds now added to testing nvidia-drivers-390.77-r1 and nvidia-drivers-396.45-r1 Both including patch to resolve a blank screen issue, when kernel-4.16 or newer used.. This patch will not be applied, if older kernel version installed or/and set as default kernel. To test, assuming kernel-4.16 or newer used and video card is supported by LTS release of nvidia-drivers, proceed with following steps echo "=x11-drivers/nvidia-drivers-390.77-r1 **" >> /etc/portage/package.keywords emerge nvidia-drivers debian-sources-4.17.8 added, also with no keywords, for testing, use: echo "=sys-kernel/debian-sources-4.17.8 **" >> /etc/portage/package.keywords emerge debian-sources boot-update Testing is very much appreciated. As usual, bugs.funtoo.org is your friend for any problems encountered. Regards, Oleg.

Following ebuilds now available for testing in Funtoo/Linux sys-fs/zfs-0.7.9 sys-fs/zfs-kmod-0.7.9 sys-kernel/spl-0.7.9 These versions have a portion of upstream fixes and also support for newer kernels. Ebuilds added without keywords and do require manual setting of /etc/portage/package.keywords before update. https://github.com/zfsonlinux/zfs/releases

is "cat" literally used in overlay setup. It's not a valid category name for the autossh ebuild. Have to be something like net-misc/autossh

thank you, this would be emerge --info. please, provide emerge output where this conflict occurs

please, provide full emerge ouput

remove all of ruby* instances from package.use and make.conf and you will be good.

paste output of grep -ri ruby_targets /etc/portage

show output of emerge -pvt rdoc

i believe this is now fixed in Funtoo and removing rdoc USE is no longer necessary

working on this problem

Please, report this on bugs.funtoo.org

the steps would be the same as with major gcc version update, they are pointed in so, basically the same regarding gcc.

the mask should disappear with next sync.