Google Groups

Aanmelden bij Gentoo-be


Archieven doorbladeren op

hacker emblem

Installing G e n t o o on x86-System using Knoppix


Document by Autie
Originally I have written this for myself, copy and modify freely!

        - #Gentoo channel activity on Undernet see: #Gentoo Undernet channel statistics

        - Gentoo docs see: All Gentoo documentation can be find here!

        - Usefull scripts see: Scripts!

        - Usefull docs see: My docs!

Section 1: booting, creating partitions and filesystems

Latest Knoppix-ISO see: Knoppix!
Latest Gentoo-ISO see: Gentoo!

1. boot the Knoppix CD and start a root-shell

2. do: usermod -d /root -m root and then: cd

3. do: cfdisk and make a primary linux partition

   set it bootable and write then quit

4. apply filesystem to bootable partition: mkreiserfs /dev/hda2 

   (here: first drive, second partition)

5. create mount-point: mkdir /mnt/gentoo

6. mount bootable partition: mount /dev/hda2 /mnt/gentoo

7. create the boot folder: mkdir /mnt/gentoo/boot

8. create kernel interface: mkdir /mnt/gentoo/proc 
   then: mount -o bind /proc /mnt/gentoo/proc

Section 2: installing gentoo files

1. enter mountpoint: cd /mnt/gentoo

2. download latest stage1-file from:
   located inside: /releases/x86/2005.x/stages/x86/

   (i recommend to copy the link and use: wget link in current directory)

3. move the stage1-file: mv stage1* /mnt/gentoo and decompress it
   with the command: tar -xvjpf stage1*

4. copy the DNS info: cp -L /etc/resolv.conf /mnt/gentoo/etc/

5. enter new environment: chroot /mnt/gentoo /bin/bash

   then: env-update && source /etc/profile

Section 3: compiler options and bootstrapping the system

1. use a template: cp /etc/make.conf.example /etc/make.conf then edit as follows:

        a) customize the USE line:
                         use option:  param
                   don't use option: -param

           exaple: USE=”X gtk2 alsa ssl -motif -gnome -kde -arts”
        - for a param-list see: USE Variables Index 

        b) customize the CHOST line:

           i386-pc-linux-gnu Intel 80386DX
           i486-pc-linux-gnu Intel 80486DX
           i586-pc-linux-gnu Intel PI, AMD K5/K6/K6-II/K6-III, VIA C3 , IDT Winchip 
           i686-pc-linux-gnu Intel PII/III/IV, AMD Duron/Sempron/Athlon-XP/MP
           x86_64-pc-linux-gnu AMD 64
        c) customize the CFLAGS line:
        - use the flags -O3, -pipe and -march= matching your architecture:

           i386 Intel 80386DX+
           i486 Intel 80486DX+
           i586 AMD K5
           i686 all equal to Intel Pentium Pro
           pentium Intel Pentium I without MMX
           pentium-mmx Intel Pentium I MMX
           pentiumpro Intel Pentium Pro
           pentium2 Intel Pentium II / Celeron 'Mendocino'
           pentium3 Intel Pentium III / Celeron 'Coppermine'
           pentium4 Intel Pentium IV / Celeron 'Willamette'
           prescott Intel Pentium IV / Celeron 'Prescott'
           nocona Intel Xeon 'Nocona'
           k6 AMD K6
           k6-2 AMD K6-II
           k6-3 AMD K6-III
           athlon AMD Athlon
           athlon-tbird AMD Athlon 'Thunderbird'
           athlon-4 AMD mobile-Athlon4
           athlon-xp AMD Sempron/Athlon XP
           athlon-mp AMD Athlon MP
           winchip-c6 IDT Winchip C6
           winchip2 IDT Winchip 2
           c3 VIA C3
        - add all extensions supported by your CPU:

           -mmmx MMX
           -msse SSE
           -msse2 SSE2
           -msse3 SSE3
           -m3dnow 3DNow!

         d) uncomment the CXXFLAGS

         e) set MAKEOPTS to -j2 (read comments above)

         f) set PORTAGE_NICENESS to 19 (so it does not slowdown other processes)

         g) set AUTOCLEAN to yes (remove old versions)

         (optional) edit the FEATURES line so ccache is enabled

2. do portage tree update: emerge sync  (do not update portage yet!)
3. start bootstrapping:

        a) do: cd /usr/portage/scripts/

        b) do: ./  (bootstrap must not be interrupted!)

        c) do: source /etc/profile

(optional) create swap:

        a) create a binary file: dd if=/dev/zero of=/swap bs=1M count=512 (in MB)

        b) initialize swap: mkswap /swap && sync

        c) create init-script: touch /etc/init.d/swap && chmod +x /etc/init.d/swap

           and edit it this way:

           start() {
               ebegin "Initializing Swap"
                   if [ -e /swap ]
                       swapon /swap
               eend $? "Failed to initialize Swap."
           stop() {
               ebegin "Suspending Swap"
                   sync && swapoff /swap
               eend $? "Failed to suspend Swap."

        d) register the script to a rc-level: rc-update add swap default

5. now do: emerge portage && etc-update

(optional) install ccache: emerge ccache && env-update (speeds up compilation a lot)

Section 4: making system and unmasking packages 

1. finally do: emerge system && etc-update

(optional) unmask soft-masked packages globaly (unstable packages)

        a) edit the /etc/make.conf and then

        b) set ACCEPT_KEYWORDS to ~x86 

(optional) unmask hard-masked packages (can break something)

        a) you have to edit a special file and maintain it: 

           echo category/package >> /etc/portage/package.unmask

           or for a specific version only do:

           echo =category/package-version >> /etc/portage/package.unmask 

Section 5: building the kernel

1. get the kernel sources: emerge development-sources (2.6.x kernel)

2. compile the kernel:

         a) do: cd /usr/src/linux and then: make menuconfig for kernel
            configuration and enable at least:

            File systems --->

               <*> Reiserfs support

               Pseudo filesystems --->
                  [*] /dev file system support
                  [*]     Automatically mount at boot

         b) compile the kernel: make && make modules_install

         c) copy the new kernel files into the boot directory:

                - copy the kernel: cp arch/i386/boot/bzImage /boot/kernel

                - backup the configuration file: cp .config /boot/config

Section 6: configuring the system

1. setting the timezone, clock and console-keymap :

        - do: ls /usr/share/zoneinfo/ and look after your timezone

        - do: ln -sf /usr/share/zoneinfo/myzone /etc/localtime

        - now edit the file: /etc/conf.d/clock 

             - set CLOCK to local 

             - set CLOCK_SYSTOHC to yes

         - edit the file: /etc/conf.d/keymaps

               - set KEYMAP to your country-code (e.g. de for german)

2. setting filesystem information:

        - edit the /etc/fstab as in this xample:

          #<fs>                <mountpoint>    <type>        <opts>           <d/p>

          /dev/hda2            /               reiserfs      noatime,notail   0 1
          /dev/hda1            /mnt/win        ntfs          noatime,ro       0 0
          /dev/cdroms/cdrom0   /mnt/cdrom      auto          noauto,user,ro   0 0
          /dev/cdroms/cdrom1   /mnt/cdrw       auto          noauto,user,ro   0 0

3. setting the networking information:

        a) set hostname of your machine, edit: /etc/conf.d/hostname

        (Optional) set your full qualified domainname

                   - edit: /etc/conf.d/domainname

                   - finally do: rc-update add domainname default

4. configuring network:
        a) do: cp /etc/conf.d/net.example /etc/conf.d/net and edit the config file

           i recommend using the ifconfig-style for now

        b) configure network to start at boottime: rc-update add net.eth0 default

           (here: first ethernet interface)

         c) do: emerge dhcpdc

Section 7: the bootloader

1. do: emerge grub then then: grub

        a) when the GRUB command line starts up type in:

        grub> root (hd0,1)       #Use information from the boot partition on hda2
        grub> setup (hd0)        #Install GRUB in the MBR of hda
              ==> alternatively:
              setup (hd0,1)      #Install GRUB on the boot-block of the partition hda2
        grub> quit               #Exit the GRUB shell

        b) go to the GRUB directory: cd /boot/grub/ and use template:
           cp grub.conf.sample grub.conf then edit menu.lst so it looks like this:

         # Boot automatically after 30 secs.
         timeout 10

         # By default, boot the first entry.
         default 0

        # Booting GNU/Linux
        title Gentoo Linux
        root (hd0,1)             #here hda2
        kernel /boot/kernel root=/dev/hda2

        # The next lines are only needed if you do dualboot with Windows
        title MS Windows
        rootnoverify (hd0,0)     #here hda1
        chainloader +1

(optional) making a framebuffer console:

        a) recompile kernel with these options:
           Device Drivers --->
              Graphics Support --->
                 [*] Support for frame buffer devices
                 [*]   VESA VGA graphics support 
                  Console display driver support  --->
                     --- VGA text console
                     [*]   Video mode selection support
                     <*> Framebuffer Console support

        b) edit /boot/grub/menu.lst similar to:

                kernel /boot/kernel root=/dev/hda2 video=vesa vga=0x318

                ==> the vga option can be chosen out of these values:

                    | 640x480  800x600  1024x768  1280x1024
                256 |  0x301    0x303     0x305     0x307   
                32k |  0x310    0x313     0x316     0x319   
                64k |  0x311    0x314     0x317     0x31A  
                16M |  0x312    0x315     0x318     0x31B

Section 8: finishing configuration

1. install filesystem tools: emerge reiserfsprogs

2. managing users:

        a) set a root password: passwd

        b) add a normal user, here an example:

           useradd myuser -m -G users,wheel,audio,games -s /bin/bash

        c) set password for the new user: passwd myuser

3. make a nice bash: emerge bash-completion  

        a) edit /home/myuser/.bashrc uncomment last line

        b) activate it for root too: cp /home/myuser/.bash* ~

4. edit /etc/rc.conf and set some configuration variables:

        a) you can change the KEYMAP to your country code (e.g. de)

(optional) synchronization with time-servers:

        - do: emerge rdate then you can set time using: rdate -s mytimeserver

(optional) accelerated graphics drivers:

           (nvidia chips: you do not need agpart and DRI support in Kernel)
        - do: emerge nvidia-settings (should build also nv-kernel/glx)

        - edit /etc/modules.d/nvidia and uncomment the last options line

        - do: modules-update

        - to oveclock do: emerge nvclock and edit /etc/conf.d/nvclock set
          your speeds there, then: rc-update add nvclock default 

Section 9: managing portage

(optional) update system: emerge sync && emerge -Dpv world (remove p to make it real,

           it is useful to check which USE-flags are supported using v, D checks for deep


           You can apply USE-flags which are not in /etc/make.conf with the prefix

           USE=”...” before the emerge command

(optional) checking reverse dependencies: revdep-rebuild

(optional) completing Portage world-file:

        - do: emerge gentoolkit and then: emerge -up `qpkg -nc -I` to

           see all installed packages which may be updated

(optional) perform global updates for portage, do: fixpackages

Section 10: making a desktop system

1. build X11: emerge xorg-x11 && etc-update

        a) enable opengl-rendering: opengl-update xorg-x11 (when using

           accelerated graphics drivers do instead: opengl-update nvidia)

        b) configure X11: /usr/X11R6/bin/xorgconfig

        c) edit the created /etc/X11/xorg.conf

           - uncomment the following lines:
             Load    “glx”
             FontPath for both TrueType and FreeFont 

           - inside the section ServerFlags you can set the screensaver:

             Option    ”blank time”   “3 # set screensaver to 3 minutes

           - inside the section InputDevice set the line if you have got
             a wheel-mouse:

             Option    “ZAxisMapping”   “4 5” # use mouse wheel

           - if using accelerated graphics drivers change in section Device
             (here: nvidia)

             Driver    “nvidia”
             Option    “NvAGP” “1”
             Option    “RenderAccel” “1”

        (optional) use or not use TV-Out:
           - to not use TV-out just do:

             Option    “IgnoreDisplayDevices” “TV” # fixes reported problems 

           - else activate TV-Out:

             Option    “TwinView” “true”
             Option    “TwinViewOrientation” “clone”
             Option    “SecondMonitorHorizSync” “30-50
             Option    “SecondMonitorVertRefresh” “60
             Option    “TVStandard” “PAL-G # you may need other format here
             Option    “MetaModes” “1024x768, 1024x768;” # use fullscreen
             #Option   “TVOutFormat” “COMPOSITE” # when you get BW picture

         (optional) if you want fancy shadows and transparency: 

         (xorg-x11 6.8 only)

           - do: emerge xcompmgr transset

           - edit your /etx/X11/xorg.conf and add these lines to it:

                  Section “Extensions”
                      Option  “Composite”   “Enable”

           - now you can set shadows: xcompmgr -c & and set transparency 

             levels e.g. with: transset .6 (equal to 60% of normal level)

         d) now exit Knoppix and reboot your box, on startup logon as root

         e) start X: startx

           - do: xvinfo it should show some overlay information (DRI)

           - do: glxgears it should show you a OpenGL demo (GLX) 

           - if you installed accelerated graphics drivers do: nvidia-settings
             (here you can adjust vsync, FSAA, A-Filtering and more)

2. build a window manager: emerge xfce4 which you can start with: startxfce4 

   (here: XFCE a modern and lightweight desktop environment)

(optional) set nicer gentoo-cursors for X:

          a) edit /usr/share/cursors/xorg-x11/default/index.theme

             - replace core with one of the following:

               gentoo          # default gentoo cursor
               gentoo-blue     # same as gentoo but blue
               gentoo-silver   # same as gentoo but silver
               whiteglass      # bigger then gentoo, transparent white
               redglass        # like the above but red (my favorite) 
               handhelds       # small cursor for low resolutions

(optional) install a logon manager with user-switching support: emerge qingy

         a) edit the /etc/inittab this way:

            # TERMINALS
            c1:12345:respawn:/sbin/qingy tty1
            c2:12345:respawn:/sbin/qingy tty2
            c3:12345:respawn:/sbin/qingy tty3
            c4:12345:respawn:/sbin/qingy tty4
            c5:12345:respawn:/sbin/qingy tty5
            c6:12345:respawn:/sbin/agetty 38400 tty6 linux # leave it as fallback

         b) you can set some options to: /sbin/qingy tty# options 

            useful Options: 

            -l   Do not display last user name
            -d   Do not remember last user name
            -n   Close before shutting down to see system shutdown messages
            -s timeout   screensaver timeout in minutes
                (5 is default, 0 turns screensaver off)

            - see configuration file: /etc/qingy/settings (tweak as you need)

            - themes: /usr/share/qingy/themes (if you want set own graphics)

            - screensavers: /usr/lib/qingy/screensavers

(optional) install a screen-lock utility: emerge xtrlock everytime you start it

           you will be promped for your password, else keyboard/mouse stay locked

Section A1: setting up the ALSA sound

1. ALSA interface should be installed already with kernel, do: emerge alsa-utils

2. for OSS compatibility do: emerge alsa-oss

(optional) if unshure which soundcard you have try: emerge pciutils

           then: lspci | grep audio 

(optional) use the utility alsaconf to make some settings for you

3. edit /etc/modules.d/alsa uncomment and specify the driver ALSA should use like this:

                   alias snd-card-0 snd-emu10k1  # SB Live cards
                                ... snd-intel8x0   # nForce2 audio
                                ... snd-maestro3 # ESS Maestro3/Allergo cards
   (for a full list of supported interfaces refer to: ALSA Compatibility List) 

   - also uncomment alias sound-slot-0 snd-card-0 (for OSS compatibility)

4. do: modules-update && rc-update add alsasound boot

5. start ALSA now: /etc/init.d/alsasound start

6. start: alsamixer
   where you can unmute some channels (by pressing M) and setting initial volume

   (important channels are: Master / PCM and on 5.1 cards additionaly: Center / Surround)

Section A2: setting up printing over LPT with CUPS

Read the docs on first!!!

1. edit /etc/make.conf and add the following USE variables: cups ppds foomaticdb

2. do: emerge cups foomatic

3. be shure to have this compiled into kernel:
Device Drivers  --->
   Parallel port support  --->
      <*> Parallel port support
      <*>   PC-style hardware
      [*]     Use FIFO/DMA if available
      [*] IEEE 1284 transfer modes    # EPP & ECP support   
   Character devices  --->
      <*> Parallel printer support

4. Download a PPD-File (PostScript Priter Description) for your printer at: 

   and place it inside the /usr/share/cups/model/ directory

5. enable the printing daemon: rc-update add cupsd default and

   start it: /etc/init.d/cupsd start

6. configure CUPS with the user friendly web-frontend (when asked, login with root account)

   and then do first Manage Printers then Add Printer
   a) first step:

      - Name: best set to Manufacturer_MODEL 

      - Location: /usr/share/cups/model/myppdfile.ppd

      - Description: what you want

   b) second step:

      - Device: choose interface Parallel Port #1
      - Make: choose your Manufacturer

      - Model: choose your Model

   c) finally you probably want to print a test-page

Section A3: setting up a parallel-port scanner with XSANE

1. fist check out (section 10 point 3) how to activate parallel-port in general

2. there is still a setting to enable inside the Kernel: (/dev/parport0)

   Character devices ---> 
           <*> Support for user-space parallel port device drivers

3. do emerge xsane 

   (here: "Plustek OpticPro P12")

4. configure the sane-beckend, edit: /etc/sane.d/dll.conf 

   enable plustek_pp and disable all others

5. configure your printer, edit: /etc/sane.d/plustek_pp.conf

   set only these settings:

   device parport0

6. now the command scanimage -L should give us something like this:

   device `plustek_pp:parport0' is a Plustek P12 parallel port flatbed scanner

7. the command xsane will start the scanning-frontend, probably you have to do it as root

Section A4: setting up internet (DSL with PPPoE)

(do not assign IP or start up this interface automatically)

1. install PPPoE client first: emerge rp-pppoe

2. do: adsl-setup and answer the questions,

  then do: adsl-start, to disconnect do: adsl-stop 

Section A5: setting up a SSH server

1. do: emerge openssh 

   - for custom configurations check out the *.config files stored inside /etc/ssh/

2. finally do: rc-update add sshd default, and /etc/init.d/sshd start to start

   (all users should be able to connect with PAM authentication by default)

Section A6: setting up a LAN router

(Here: internet is connected through eth1, the eth0 interface goes to LAN)

1. fist setup a DHCP server, edit /etc/hosts and add the line all-ones

   then do: route add -host all-ones dev eth0

     a) do: emerge dhcp

     b) do: cp /etc/dhcp/dhcpd.conf.sample /etc/dhcp/dhcpd.conf
     c) edit /etc/dhcpd.conf

        - set your domainname and domain-name-servers

        - uncomment the authoritative line
     d) comment out all lines below the first subnet block
     e) modify the first subnet block as follows:

        subnet netmask  
           range; # add other ranges as new line 
           option routers;
           option broadcast-address; 
           option subnet-mask;       
        ddns-update-style ad-hoc; # set the default dynamic DNS update behaviour
     f) do: rc-update add dhcp default

2. setting up NAT (iptables must be activated in kernel)

     a) install firewall: emerge iptables and then execute this command:
        iptables -A POSTROUTING -t nat -o ppp0 –j MASQUERADE

        then do /etc/init.d/iptables save and rc-update add iptables default

     b) now enable IP-forwarding, edit /etc/conf.d/local.start, add this line:

        echo 1 > /proc/sys/net/ipv4/ip_forward

3. install your own DNS Server emerge dnsmasq

     a) edit /etc/conf.d/dnsmasq so you have DNSMASQ_OPTS set to –i eth0

     b) do: rc-update add dnsmasq default

(optional) when you are a member on DynDNS you can update your current ip:

     a) do: emerge dyndnsupdate

     b) edit /etc/ppp/ip-up and add this line before all:

        dyndnsupdate –u user:pass –h myfulldyndns –i ppp0 # update your ip

Section A7: setting up remote-desktop via VNC

1. do: emerge tightvnc and close all X-sessions

2. select the default Window Manager so edit ~/.vnc/xstartup like this:

        startxfce4 &

3. you can start the vnc-server by typing:

   vncserver –geometry 1024x768 –depth 24 :0

4. you can start the vnc-viewer by typing:

   vncviewer –fullscreen –x11cursor

Section A8: setting up PCMCIA WLAN-interface

(here: Prism 2 Chipset as eth1)

1. compile kernel with these options:
     Bus options (PCI, PCMCIA, EISA, MCA, ISA)  ---> 
        [*] ISA support
            PPCCARD (PCMCIA/CardBus) support  --->
               <*> PCCard (PCMCIA/CardBus) support
                 <*>   16-bit PCMCIA support
               [*]   32-bit CardBus support
               <*> CardBus yenta-compatible bridge support

     Device Drivers --->
        Networking support --->
           iWireless LAN (non-hamradio)  --->
               [*] Wireless LAN drivers (non-hamradio) & Wireless Extensions
               <M> Hermes chipset 802.11b support (Orinoco/Prism2/Symbol)
               <M> Hermes PCMCIA card supporth

2. do: emerge pcmcia-cs and emerge wireless-tools

     a) edit /etc/conf.d/net and setup the new interface

     b) edit /etc/conf.d/wireless and setup wireless options

     c) do: ln -s /etc/init.d/net.eth0 /etc/init.d/net.eth1
     d) do: rc-update add pcmcia boot

        ==> check out the command iwconfig eth1

Section A9: setting up a caching HTTP/FTP-proxy

1. do: emerge squid and edit the /etc/squid/squid.conf

     a) make parts of your config file look like this:
        http_port           # this is the proxy's address & port
        icp_port 0                               # disable use of neighbor caches
        cache_mem 32 MB                                         # cache in memory
        cache_dir ufs /var/cache/squid 512 16 256            # 512MB cache on HDD
        #http_access deny CONNECT !SSL_ports     # also allow non-SSL connections
        acl our_networks src          # subnet which may use proxy
        http_access allow our_networks

     b) let Squid create its directories: squid -z

2. finally do: rc-update add squid default and configure your clients to use proxy

Section A10: setting up a local RSYNC-server

1. edit this file /etc/rsync/rsyncd.conf and add this lines:

       # Limit access
       hosts allow = # your LAN goes here
       hosts deny = *
       max connections = 3
       read only = true 

       # Message of the day
       motd file = /etc/rsync/rsync.motd

       path = /usr/portage
       comment = Gentoo Linux Portage Tree Mirror
       exclude = distfiles/

2. do: echo 'Welcome to mynick Rsync mirror!' > /etc/rsync/rsyncd.motd

3. now edit /etc/conf.d/rsyncd and add to the RSYNC_OPTS these options:

   --safe-links –timeout 60

4. finally do: rc-update add rsyncd default

5. set up all clients to use your Rsync, edit their /etc/make.conf so

   the SYNC line says rsync://myadress/gentoo-portage

Section A11: setting up a Samba-server for file sharing

1. do: emerge samba then edit /etc/samba/smb.conf this way:

   workgroup = WORKGROUP
   netbios name = mymachine
   server string = Samba Server %v                       # shows version
   hosts allow = 192.168.0.                          # only local access
   security = user
   encrypt passwords = yes
   smb passwd file = /etc/samba/private/smbpasswd
   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192  # buffers
   preserve case = yes                        # case sensitive filenames

   comment = Home Directories
   writable = yes

# optional

   comment = Temporary Space
   path = /tmp
   read only = no
   public = yes

# optional (here: non-redundant distfiles-directory on server for our LAN)

   comment = Portage Distfiles
   path = /usr/portage/distfiles
   valid users = root
   public = no
   writable = yes
   printable = no
   force group = portage

2. do: rc-update add samba default to enable samba on the server

3. add users to the samba user-list: smbpasswd -a myuser

(optional) if you want to share your distfiles directory do this also for root

4. to mount samba share of distfiles on clients you can make an smbmnt script:

   mount -t smbfs \
   -o username=root \ 
   -o gid=portage \
   -o passwd=mysmbpw \ 
   // \
   /usr/portage/distfiles/ \

    - do: chmod +x smbmnt and purge all files inside /usr/portage/distfiles/

   - now just execute: ./smbmnt 

Section A12: setting up a webserver with SSL/PHP support

1. do: emerge openssl apache mod_php

2. then edit /etc/conf.d/apache2 and uncomment the following lines:

     APACHE2_OPTS and add -D PHP5 (-D SSL should be already there)

3. go to /etc/apache2/conf/ (use documentation for details)

   - edit the commonapache2.conf and adjust common server configuration here

     ... usefull <Directory /> options are: Indexes FollowSymLinks MultiViews

   - edit the apache2.conf and make some other settings

4. fine tune your modules go to: /etc/apache2/conf/modules.d/

   - edit the 40_mod_ssl.conf (standard SSL settings)

     and 41_mod_ssl.default-vhost.conf (set SSL doc-root and .crt/.key locations) 

     and 70_mod_php5.conf (set PHP settings)

5. generate your SSL certificate (look inside section A13)

   - place your server.crt and server.key inside /etc/apache2/conf/ssl/

6. start your server with /etc/init.d/apache2 start you may enable it at boot:

   rc-update add apache2 default

Section A13: setting up a CVS-server

1. do: emerge cvsd

     a) initialize CVS root: cvs -d /var/lib/cvsd/root init

     b) build chrooted structure: cvsd-buildroot /var/lib/cvsd/

     c) create lock directory: mkdir -p /var/lib/cvsd/var/lock

2. configure CVS daemon, edit /etc/cvsd/cvsd.conf such way:

     a) uncomment line: Listen * 2401 # your CVS listening port

     b) uncomment and edit your repository root: Repos /myroot

3. create CVS users:

      - do for each user: cvsd-passwd /var/lib/cvsd/myroot myuser and set password

4. finish setup:
     a) do: chown -R cvsd\: /var/lib/cvsd/ and chmod -R g+w /var/lib/cvsd/var/

     b) finally do: rc-update add cvsd default

Section A14: setting up a virtual-PC with QEMU

1. do: USE=”softmmu” emerge qemu 

2. create an image file: dd if=/dev/zero of=./guestos.img bs=1M count=4096 (in MB)

3. examples how to start:

# boot from CDROM
qemu -m 512 -enable-audio -user-net -localtime -boot d -cdrom /dev/cdrom -hda ./cdos.img

# boot from FDD-image
qemu -m 512 -enable-audio -user-net -localtime -fda ./fddos.img

# boot from ISO-image
qemu -m 512 -enable-audio -user-net -localtime -boot d -cdrom win2000.iso -hda ./win.img

# run Windows
qemu -m 512 -enable-audio -user-net -localtime -hda ./win.img

Section A15: setting up a secure FTP server 

(here: using PAM authentication for existing system users)

1. do: emerge vsftpd

2. you may use the /etc/vsftpd/vsftpd.conf.sample or

   make your own vsftpd.conf there which should look like this:

   ftpd_banner="Welcome to yournick's FTP server!"

   - use man vsftpd to find out other usefull settings

(optional) enable SSL/TLS-support for secure control-communication:

   - generate your SSL certificate like inside section A13, but instead of

     seperate files for mysite.crt certificate and mysite.key private-key

     just use vsftpd.pem for both. (crt & key together inside one file)

   - place your vsftpd.pem inside /etc/vsftpd/

   - edit your vsftpd.conf and add:


3. making the FTP server to startup on boot: rc-updte add vsftpd default

   or start it directly with: /etc/init.d/vsftpd start

Section A16: generating (self signed) SSL certificates

(OpenSSL should be already installed, else do: emerge openssl)

1. Create a self signed certificate & private-key:
   (note: some clients discard self-signed certificates by default)

   openssl req -new -x509 -nodes -days 365 -out mysite.crt -keyout mysite.key

2. Create an own CA for signing keys: OpenSSL Certificate Authority Setup

Appendix: useful (unbloated) apps

APP                EBUILD                           HINTS

Terminal:          x11-terms/xterm                  (xterm -bc -fn 8x13 -bg black -fg grey)
Virtual Terminal   app-misc/screen
Text Editor:       app-editors/leafpad
HTML/PHP Editor:   app-editors/bluefish
Image Editor:      media-gfx/gimp
Vector Graphics:   media-gfx/inkscape
Diagram Editor:    app-office/dia
Desktop Publish:   app-office/scribus
PDF Reader:        app-text/acroread
Web Browser:       net-www/mozilla-firefox
Mail Client:       mail-client/mozilla-thunderbird
IRC Client:        net-irc/xchat
Instant Messanger: net-im/sim
FTP Client:        net-ftp/gftp
P2P Client:        net-p2p/amule
Movie Player:      media-video/mplayer
Audio Player:      media-sound/xmms
Office:            app-office/openoffice
CD Mastering:      app-cdr/xcdroast
Coding IDE:        dev-util/eclipse-sdk
SCP Client:        net-misc/secpanel
PC Emulator:       app-emulation/qemu

You are visitor