分類: Gentoo

安裝 logwatch
# emerge –ask logwatch

These are the packages that would be merged, in order:

Calculating dependencies… done!
[ebuild  N     ] dev-perl/Carp-Clan-6.40.0-r1  USE=”{-test}”
[ebuild  N     ] dev-perl/Sys-CPU-0.540.0-r1
[ebuild  N     ] dev-perl/Sys-MemInfo-0.910.0-r1
[ebuild  N     ] virtual/mailx-1
[ebuild  N     ] virtual/cron-0
[ebuild  N     ] dev-perl/DateManip-6.410.0  USE=”{-test}”
[ebuild  N     ] dev-perl/Tie-IxHash-1.230.0  USE=”{-test}”
[ebuild  N     ] dev-perl/Bit-Vector-7.200.0-r1
[ebuild  N     ] dev-perl/Date-Calc-6.300.0-r1
[ebuild  N     ] sys-apps/logwatch-7.4.0_p170-r1

Would you like to merge these packages? [Yes/No]y[@more@]1. 備份原設定檔 /usr/share/logwatch/default.conf/logwatch.conf
# cp /usr/share/logwatch/default.conf/logwatch.conf /usr/share/logwatch/default.conf/logwatch.conf.$(date +%F)

2. 進行修改
# sed -i ‘s/MailTo = root/MailTo = xxxx@gmail.com/’ /usr/share/logwatch/default.conf/logwatch.conf
# sed -i ‘s/MailFrom = Logwatch/MailFrom = Logwatch@nxi.test.ilc.edu.tw/’ /usr/share/logwatch/default.conf/logwatch.conf
# sed -i ‘s/Output = stdout/Output = mail/’ /usr/share/logwatch/default.conf/logwatch.conf
# sed -i ‘s/Detail = Low/Detail = Med/’ /usr/share/logwatch/default.conf/logwatch.conf

3. 執行 logwatch 測試是否能收到信件
# /usr/sbin/logwatch.pl

列出系統可以升級的套件
# emerge -pv world | grep “[ebuild     U  ]” | awk ‘{print $4}’ | awk -F ‘/’ ‘{print $2}’
procps-3.3.9-r2

列出系統已安裝套件
# emerge -pv world | grep “[ebuild   R    ]” | awk ‘{print $4}’ | awk -F ‘/’ ‘{print $2}’ | head
xz-utils-5.0.8
bzip2-1.0.6-r6
gnuconfig-20140212
which-2.20-r1
baselayout-2.2
patch-2.6.1
os-headers-0
file-5.21
net-tools-1.60_p20130513023548
coreutils-8.21[@more@]利用 gmail 來寄信
1. 安裝 ssmtp 及 mailx
# emerge ssmtp mailx

2. 備份原設定檔 /etc/ssmtp/ssmtp.conf
# cp /etc/ssmtp/ssmtp.conf /etc/ssmtp/ssmtp.conf.$(date +%F)

3. 修改設定檔 /etc/ssmtp/ssmtp.conf
# vim /etc/ssmtp/ssmtp.conf
#root=postmaster
# The place where the mail goes. The actual machine name is required
# no MX records are consulted. Commonly mailhosts are named mail.domain.com
# The example will fit if you are in domain.com and you mailhub is so named.
mailhub=smtp.gmail.com:587
# Where will the mail seem to come from?
#rewriteDomain=y
# The full hostname
#hostname=root-chroot-copy
# 寄件者帳號
AuthUser=xxxx@gmail.com
# 寄件者密碼
AuthPass=xxxx
UseSTARTTLS=YES
FromLineOverride=yes #enables to use mail -r option

4. 更改檔案權限
# chmod 0600 /etc/ssmtp/ssmtp.conf

5. 建立 Script
# cat /usr/lcoal/bin/check-update
#!/bin/bash
emerge -pv world | grep “[ebuild     U  ]” | awk ‘{print $4}’ | awk -F ‘/’ ‘{print $2}’ > /tmp/$(date +%F)
if [ -s /tmp/$(date +%F) ] ;then
   mail -s “Gentoo Linux Updates Available” xxxx@gmail.com < /tmp/$(date +%F)
   rm -rf /tmp/$(date +%F)
else
   rm -rf /tmp/$(date +%F)
fi

6. 更改檔案執行權限
# chmod 700  /usr/lcoal/bin/check-update

7. 排程(每 3 小時執行一次)
# crontab -l
0 3 * * * /usr/lcoal/bin/check-update

Gentoo Linux 提供許多個系統記錄器的選擇。分別為 sysklogd，它是一個傳統的系統記錄伺服器，syslog-ng ，是一個進階的系統記錄器。
# emerge -s syslog-ng
Searching…
[ Results for search key : syslog-ng ]
[ Applications found : 1 ]

*  app-admin/syslog-ng
      Latest version available: 3.4.8
      Latest version installed: [ Not Installed ]
      Size of files: 3,095 kB
      Homepage:      http://www.balabit.com/network-security/syslog-ng
      Description:   syslog replacement with advanced filtering features
      License:       GPL-2+ LGPL-2.1+

# emerge -s sysklogd
Searching…
[ Results for search key : sysklogd ]
[ Applications found : 1 ]

*  app-admin/sysklogd
      Latest version available: 1.5.1
      Latest version installed: [ Not Installed ]
      Size of files: 112 kB
      Homepage:      http://www.infodrom.org/projects/sysklogd/
      Description:   Standard log daemons
      License:       BSD
[@more@]
安裝系統紀錄器 sysklogd
# emerge sysklogd

啟動 sysklogd
# /etc/init.d/sysklogd start

開機時啟動
# rc-update add sysklogd default

或安裝 syslog-ng 系統紀錄器
# emerge syslog-ng

啟動 sysklogd
# /etc/init.d/syslog-ng start

開機時啟動
# rc-update add syslog-ng default

安裝紀錄檔置換程式
# emerge logrotate

在做套件更新或安裝時，有時會出現類似下面的訊息
* IMPORTANT: 8 news items need reading for repository ‘gentoo’.
 * Use eselect news to read news items.

在網路上搜尋了一下，在下面的網址找到了解答
Gentoo Taiwan 討論區 • 檢視主題 – 安裝PHP 問題[@more@]
列出這 8 項的項次
# eselect news list
News items:
  [1]      2012-05-21  Portage config-protect-if-modified default
  [2]      2012-11-06  PYTHON_TARGETS deployment
  [3]      2013-06-07  Portage preserve-libs default
  [4]      2013-08-23  Language of messages in emerge logs and output
  [5]      2013-09-27  Separate /usr on Linux requires initramfs
  [6]      2014-06-15  GCC 4.8.3 defaults to -fstack-protector
  [7]      2014-10-26  GCC 4.7 Introduced the New C++11 ABI
  [8]      2014-11-07  Upgrade to udev >= 217 or eudev >= 2.1

列出第一項
# eselect news read 1
2012-05-21-portage-config-protect-if-modified
  Title                     Portage config-protect-if-modified default
  Author                    Zac Medico <zmedico@gentoo.org>
  Posted                    2012-05-21
  Revision                  1

Beginning with sys-apps/portage-2.1.10.61, FEATURES=config-protect-if-modified
is enabled by default. This causes the CONFIG_PROTECT behavior to be skipped
for files that have not been modified since they were installed.

If you would like to disable this behavior by default, then set
FEATURES=”-config-protect-if-modified” in make.conf. See the make.conf(5) man
page for more information about this feature.

列出全部的前 15 行
# eselect news read new | head -15
2012-05-21-portage-config-protect-if-modified
  Title                     Portage config-protect-if-modified default
  Author                    Zac Medico <zmedico@gentoo.org>
  Posted                    2012-05-21
  Revision                  1

Beginning with sys-apps/portage-2.1.10.61, FEATURES=config-protect-if-modified
is enabled by default. This causes the CONFIG_PROTECT behavior to be skipped
for files that have not been modified since they were installed.

If you would like to disable this behavior by default, then set
FEATURES=”-config-protect-if-modified” in make.conf. See the make.conf(5) man
page for more information about this feature.

增加服務
語法：
# rc-update add scriptname runlevels
範例：
# rc-update add vixie-cron default
 * service vixie-cron added to runlevel default

刪除服務
語法：
# rc-update del scriptname runlevels
# rc-update del scriptname
範例：
# rc-update del dhcpd default
 * service dhcpd removed from runlevel default

runlevels 可以是 boot / default ….
[@more@]
列出可用的 Script 和運行層級
# rc-update show
             bootmisc | boot
                devfs |                       sysinit
                dmesg |                       sysinit
                 fsck | boot
             hostname | boot
              keymaps | boot
            killprocs |              shutdown
    kmod-static-nodes |                       sysinit
                local |      default
           localmount | boot
             loopback | boot
              modules | boot
             mount-ro |              shutdown
                 mtab | boot
             net.eth0 |      default
             netmount |      default
           ntp-client |      default
               procfs | boot
                 root | boot
            savecache |              shutdown
                 sshd |      default
                 swap | boot
            swapfiles | boot
              swclock | boot
               sysctl | boot
                sysfs |                       sysinit
         termencoding | boot
         tmpfiles.dev |                       sysinit
       tmpfiles.setup | boot
                 udev |                       sysinit
           udev-mount |                       sysinit
              urandom | boot

# rc-status
Runlevel: default
 net.eth0                                                                                             [  started  ]
 ntp-client                                                                                           [  started  ]
 sshd                                                                                                 [  started  ]
 netmount                                                                                             [  started  ]
 local                                                                                                [  started  ]
Dynamic Runlevel: hotplugged
Dynamic Runlevel: needed
Dynamic Runlevel: manual

一般在 Linux 中，都有一個可以在開機後執行一些程式的設定檔，一般來說都叫做 rc.local，可能是位在 /etc 或 /etc/rc.d 的目錄之下，但也有一些 Linux 在新的版本中，逐漸捨棄這項功能，如果要使用這樣的功能，還要特別去設定。
在 Gentoo Linux 中，這一個設定檔，叫 local.start，位在 /etc/local.d 目錄之下
# vim /etc/local.d/local.start
#!/bin/bash
if [ -e /etc/firewall.server ] ;then
echo “Starting Firewall…”
   sh /etc/firewall.server
fi

設定檔案執行權限
# chmod 700 /etc/local.d/local.start

cron 工作排程也不是內建就有安裝，須要另外安裝
# crontab -l
-bash: crontab: command not found

安裝
# emerge vixie-cron
或
# emerge fcron
或
# emerge cronie
[@more@]
列出工作排程
# crontab -l
# crontab -u bananapi -l

加入工作排程
# crontab -e
# crontab -u bananapi -e

移除工作排程
# crontab -r
# crontab -u bananapi -r

原本的使用狀況
# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/root       3.4G  1.7G  1.5G  53% /
devtmpfs        438M     0  438M   0% /dev
tmpfs            88M  284K   88M   1% /run
shm             438M     0  438M   0% /dev/shm
cgroup_root      10M     0   10M   0% /sys/fs/cgroup

使用 fdisk 做磁碟分割
# fdisk /dev/mmcblk0
[@more@]刪除第二個分割區，並重建第二個分割區

重新啟動電腦
# reboot

使用 resize2fs 擴大分割區的大小
# resize2fs /dev/mmcblk0p2
resize2fs 1.42.10 (18-May-2014)
Filesystem at /dev/mmcblk0p2 is mounted on /; on-line resizing required
old_desc_blocks = 1, new_desc_blocks = 1
The filesystem on /dev/mmcblk0p2 is now 1923584 blocks long.

擴充之後的磁碟空間
# df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/root       7.2G  1.7G  5.2G  25% /
devtmpfs        438M     0  438M   0% /dev
tmpfs            88M  284K   88M   1% /run
shm             438M     0  438M   0% /dev/shm
cgroup_root      10M     0   10M   0% /sys/fs/cgroup

Gentoo Linux 果然非常精簡，連 iptables 都沒有內建安裝
# iptables -L -n
-bash: iptables: command not found

安裝 iptables
# emerge iptables

設定開機時啟動
# rc-update add iptables default
 * service iptables added to runlevel default[@more@]
將目前的防火牆規則儲存起來
# /sbin/iptables-save > /var/lib/iptables/rules-save
或
# rc-service iptables save

同步套件資訊
# emerge –sync

檢查需要更新的套件
[ebuild   R    ]：代表已安裝
[ebuild  N     ]：尚未安裝
[ebuild     U  ] ：可以升級的套件
# emerge -pv world

These are the packages that would be merged, in order:

Calculating dependencies… done!
[ebuild   R    ] app-arch/xz-utils-5.0.5-r1  USE=”nls threads -static-libs” 1,276 kB
[ebuild   R    ] app-arch/bzip2-1.0.6-r6  USE=”-static -static-libs” 764 kB
[ebuild   R    ] sys-devel/gnuconfig-20140212  44 kB
[ebuild   R    ] sys-apps/which-2.20-r1  133 kB
[ebuild   R    ] sys-apps/baselayout-2.2  USE=”-build” 40 kB
[ebuild   R    ] sys-devel/patch-2.6.1  USE=”-static {-test}” 248 kB
[ebuild   R    ] virtual/os-headers-0  0 kB
[ebuild     U  ] sys-apps/file-5.21 [5.19] USE=”zlib -python -static-libs” PYTHON_TARGETS=”python2_7 python3_3 -python3_4 (-python3_2%)” 715 kB
[ebuild   R    ] sys-apps/net-tools-1.60_p20130513023548  USE=”nls -old-output (-selinux) -static” 196 kB
[ebuild   R    ] sys-apps/coreutils-8.21  USE=”acl nls -caps -gmp (-selinux) -static -vanilla -xattr” 5,281 kB
[ebuild   R    ] virtual/modutils-0  0 kB
[ebuild   R    ] virtual/libc-0  0 kB
[ebuild   R    ] app-shells/bash-4.2_p53  USE=”net nls (readline) (-afs) -bashlogger -examples -mem-scramble -plugins -vanilla” 6,977 kB
[ebuild   R    ] sys-apps/less-458  USE=”pcre unicode” 500 kB
[ebuild   R    ] sys-apps/sed-4.2.1-r1  USE=”acl nls (-selinux) -static” 879 kB
[ebuild   R    ] virtual/man-0-r1  0 kB
[ebuild   R    ] sys-devel/binutils-2.24-r3  USE=”cxx nls zlib (-multislot) -multitarget -static-libs {-test} -vanilla” 22,202 kB
[ebuild     U  ] sys-process/psmisc-22.21 [22.20] USE=”ipv6 nls -X (-selinux)” 442 kB
[ebuild   R    ] sys-apps/gawk-4.0.2  USE=”nls readline” 1,589 kB
[ebuild   R    ] app-arch/tar-1.27.1-r2  USE=”acl nls -minimal (-selinux) -static -xattr” 2,513 kB
[ebuild   R    ] sys-devel/make-4.0-r1  USE=”nls -guile -static” 1,311 kB
[ebuild   R    ] sys-apps/findutils-4.4.2-r1  USE=”nls (-selinux) -static” 2,100 kB
[ebuild   R    ] app-arch/gzip-1.5  USE=”nls -pic -static” 705 kB
[ebuild   R    ] virtual/pager-0  0 kB
[ebuild   R    ] sys-apps/diffutils-3.3  USE=”nls -static” 1,170 kB
[ebuild   R    ] sys-apps/mlocate-0.26-r1  USE=”nls (-selinux)” 0 kB
[ebuild   R    ] sys-devel/gcc-4.8.3:4.8  USE=”cxx fortran nls nptl openmp (-altivec) -awt -doc (-fixed-point) -gcj -go -graphite (-hardened) (-libssp) -mudflap (-multilib) (-multislot) -nopie -nossp -objc -objc++ -objc-gc -regression-test (-sanitize) -vanilla” 84,146 kB
[ebuild   R    ] sys-apps/man-pages-3.72  USE=”nls” LINGUAS=”-da -de -fr -it -ja -nl -pl -ro -ru -zh_CN” 1,251 kB
[ebuild  N     ] dev-libs/libevent-2.0.21-r1  USE=”ssl threads -static-libs {-test}” 831 kB
[ebuild   R    ] sys-apps/busybox-1.21.0  USE=”ipv6 pam static -livecd -make-symlinks -math -mdev -savedconfig (-selinux) -sep-usr -syslog -systemd” 2,150 kB
[ebuild   R    ] sys-apps/kbd-1.15.5-r1  USE=”nls pam” 1,691 kB
[ebuild   R    ] virtual/shadow-0  0 kB
[ebuild     U  ] net-misc/iputils-20121221-r1 [20121221] USE=”filecaps%* ipv6 ssl -SECURITY_HAZARD -caps -doc -gnutls -idn -static” 175 kB
[ebuild   R    ] virtual/ssh-0  USE=”-minimal” 0 kB
[ebuild   R    ] virtual/package-manager-0  0 kB
[ebuild   R    ] app-editors/vim-7.4.273  USE=”acl nls -X -cscope -debug -gpm -lua (-luajit) -minimal -perl -python (-racket) -ruby (-selinux) -tcl -vim-pager” PYTHON_SINGLE_TARGET=”python2_7 -python3_3 -python3_4″ PYTHON_TARGETS=”python2_7 python3_3 -python3_4″ 10,108 kB
[ebuild   R    ] virtual/editor-0  0 kB
[ebuild   R    ] net-dns/bind-tools-9.9.5  USE=”ipv6 readline ssl -doc -gost -gssapi -idn -urandom -xml” 0 kB
[ebuild   R    ] app-admin/sudo-1.8.11_p1  USE=”nls pam sendmail -ldap -offensive (-selinux) -skey” 2,346 kB
[ebuild   R    ] sys-apps/util-linux-2.24.1-r3  USE=”cramfs ncurses nls pam suid unicode -bash-completion -caps -cytune -fdformat -python (-selinux) -slang -static-libs {-test} -tty-helpers -udev” PYTHON_SINGLE_TARGET=”python2_7 -python3_3 -python3_4 (-python3_2%)” PYTHON_TARGETS=”python2_7 python3_3 -python3_4 (-python3_2%)” 3,461 kB
[ebuild   R    ] net-misc/rsync-3.0.9-r3  USE=”acl iconv ipv6 -static -xattr” 775 kB
[ebuild   R    ] sys-apps/grep-2.16  USE=”nls pcre -static” 1,182 kB
[ebuild   R    ] sys-process/procps-3.3.9  USE=”ncurses nls unicode -static-libs {-test}” 548 kB
[ebuild     U  ] net-misc/wget-1.16 [1.14] USE=”ipv6 nls pcre ssl zlib -debug -gnutls -idn -ntlm -static {-test%} -uuid” 1,658 kB
[ebuild     U  ] net-misc/ntp-4.2.8-r1 [4.2.6_p5-r10] USE=”ipv6 ssl -caps -debug -openntpd (-parse-clocks) -samba (-selinux) -snmp -vim-syntax -zeroconf” 6,638 kB
[ebuild   R    ] sys-process/vixie-cron-4.1-r14  USE=”pam -debug (-selinux)” 0 kB
[ebuild   R    ] sys-fs/e2fsprogs-1.42.10  USE=”nls -static-libs” 5,983 kB
[ebuild   R    ] sys-apps/openrc-0.12.4  USE=”ncurses netifrc pam unicode -debug -newnet (-prefix) (-selinux) -static-libs -tools” 129 kB
[ebuild   R    ] virtual/service-manager-0  USE=”(-prefix)” 0 kB
[ebuild   R    ] virtual/dev-manager-0  0 kB

Total: 50 packages (5 upgrades, 1 new, 44 reinstalls), Size of downloads: 172,141 kB[@more@]上面的資訊實在太複雜了，稍微精簡一下
# emerge -pv world | grep ‘[ebuild     U  ]’ | awk ‘{print $4}’
sys-apps/file-5.21
sys-process/psmisc-22.21
net-misc/iputils-20121221-r1
net-misc/wget-1.16
net-misc/ntp-4.2.8-r1

更新個別套件，以 wget 為例
系統安裝版本 1.14，新的版本是 1.16
# emerge -pv wget

These are the packages that would be merged, in order:

Calculating dependencies… done!
[ebuild     U  ] net-misc/wget-1.16 [1.14] USE=”ipv6 nls pcre ssl zlib -debug -gnutls -idn -ntlm -static {-test%} -uuid” 1,658 kB

Total: 1 package (1 upgrade), Size of downloads: 1,658 kB

進行更新
# emerge -u wget

更新整個系統
# emerge -u world