What combination of USE flags work for you ?

[i92guboj]

Btw, why the make.conf is readable only by root? Whats so secretive about it? Infact, even 'sudo' didnot have permission, had to use 'su'.

There's nothing that a casual attacker with a shell account on our box could use to do any real harm into our system. At least, not directly. However, it's possible to see what support is there in -let's say- php, so you can plan a better attack against the web server. But by the time someone has a shell account I think that's the lesser of your problems.

Mine has 644 permissions, so it's world readable. Note that lots of programs that can be run as a regular user will need to read it (porthole and similar portage managers, for example, besides other userland tools like equery).

I don't remember if these permissions were there on the stage file, or if I set them manually, to be sincere. But there's no problem in setting them if they are not there.

[saivin]

Ok, your explanation makes things little clearer. But I have doubt regarding different behaviour by 'sudo' and 'su'. Will open a new thread if google does not help

[i92guboj]

Ok, your explanation makes things little clearer. But I have doubt regarding different behaviour by 'sudo' and 'su'. Will open a new thread if google does not help

I can't help with that. I know how to configure and use sudo at a basic level, but I never liked it and know very little about its inner working, and less about its difference with su.

[Jonathan183]

I must confess I'm a bit of a sudo fan ... the reason - I have control over access by all users, by application ... my regular user accounts don't need root rights so they don't have them. My regular admin user only needs to be able to run emerge ... actually if I needed I could restrict this to

Code:

sudo emerge --sync
sudo emerge -avuDN world

if I wanted to ... it's not that I don't trust the admin - well maybe since it's me ... but the point is I don't need to run everything as root.

The default sudo allow everything just enter a password does not give anything more than su - but using it properly gives fine control over access.

... I use conky and want to know latest sync so I give regular user ability to

Code:

sudo cat /var/log/emerge.log

and thats it ... can pick everything I need for display but much better control than su seems to give

I have adopted to approach of lock everything and just unlock what is needed rather than the allow everything ... sudo lets me do that

btw I think by default /etc/make.conf is world readable ... check tarball (I'll check next time I boot Gentoo).
Ed: for ls /etc/make.conf I get ...

Code:

-rw-r--r-- 1 root root 1121 Jun  7 22:29 /etc/make.conf

[Jonathan183]

I like to customize my builds as I see fit, and I have some in /etc/portage/package.use/files.

I also like to specify different directories for my distfiles, packages, etc... because I can switch between funtoo and portage easily as my mind sees fit (not just switch branches, but remove /usr/portage and download a new tarball and not lose anything.

I have been using Gentoo for quite a few years now, and I can handle the instability in funtoo, although it is actually quite stable.

curiosity got the better of me so I installed Funtoo to a spare partition using my existing Gentoo install. Actually running them on separate partitions at the moment ...

couldn't get emerge --sync to work until I compiled the kernel and booted into funtoo ... anyway I have it working for the moment . Pinched a few entries from your previous post ... anyway at the moment running with ...

Code:

# These settings were set by the metro build script that automatically built this stage.
# Please consult /etc/make.conf.example for a more detailed example.

ACCEPT_KEYWORDS="~x86"
CHOST="i686-pc-linux-gnu"
CFLAGS="-O2 -march=athlon-xp -pipe"

# info below originally from gentoo make.conf
#CFLAGS="-O2 -march=i686 -pipe"
#CXXFLAGS="-O2 -march=i686 -pipe"
#CHOST="i686-pc-linux-gnu"

### wanted flags
USE="alsa audio branding cairo cdr clamav dbus
dvd dvdr fam firefox flac gif gtk hal ieee1394 imlib jpeg 
mp3 mad nls ogg opengl pdf png qt4 qt3 raw svg ssl trash-plugin
spell spl symlink tiff truetype usb vorbis 
X xine"

### unwanted flags
USE="$USE -esd -gnome -msn -pcmcia -xinerama -yahoo -kde"

INPUT_DEVICES="evdev keyboard mouse"
VIDEO_CARDS="nvidia"
LINGUAS="en_GB"

GENTOO_MIRRORS="ftp://gentoo.virginmedia.com/sites/gentoo http://www.mirrorservice.org/sites/www.ibiblio.org/gentoo"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"

# added gtk for thunar plugins
# added dbus and trash-plugin for thunar

# configure features 25 Aug 09 added parallel-fetch userfetch
FEATURES="parallel-fetch userfetch"
# increase clean delay from default 5 seconds to 30 seconds
CLEAN_DELAY="30"
# resync show progress of bar for each file
PORTAGE_RSYNC_EXTRA_OPTS="--progress"

###############################################
##### info below for distcc only
# temp addition for distcc
#MAKEOPTS="-j2"
#add to FEATURES="distcc" for distcc compiles
###############################################

... not sure I'll be sticking with the 30 second countdown when running emerge --depclean I set though

[ursusca]

I found benefits to use a profile. The server and desktop profiles intended to provide an easy starting point for server or desktop installs. It have the USE flags preset that you need for a server or a desktop.

[Jonathan183]

I found benefits to use a profile. The server and desktop profiles intended to provide an easy starting point for server or desktop installs. It have the USE flags preset that you need for a server or a desktop.

I started using the desktop profile quite recently, set using eselect after an update complained about USE flag settings and suggested setting the profile to desktop to cure the issue. I don't intend doing a re-install ... but if I do at some point in future and I remember I will try setup with defaults and setting profile to desktop just to see how I get on. Having tried that I will still probably set things to match one of my existing setups ... because there are some things I want to work and others I want to leave out - Gentoo have no way of knowing I use fluxbox or icewm rather than gnome or kde.

Have you tried the default make.conf USE settings, setting the profile to desktop and installing a full system? did it work first time and you could run a depclean and revdep-rebuild without changing USE flags?

[MikeTbob]

I've always used a Desktop profile, then add or remove flags as I needed them. I don't hardly even bother with package use flags, I just pile them all into make.conf.

[ursusca]

...Have you tried the default make.conf USE settings, setting the profile to desktop and installing a full system? did it work first time and you could run a depclean and revdep-rebuild without changing USE flags?

Hi,

Unfortunately it didn't .

[darkrose0510]

Well this thread just proved useful, reinstalling gentoo on my desktop after running slackware for a while, I just had to copy/paste the use flags from my post here.

A bit different to last time though, so here they are:

Code:

USE="mmx sse sse2 X gtk -gnome -qt3 -qt4 -kde alsa opengl sdl png jpeg gif dvd cdr ogg x264 truetype vim-syntax xinerama"