From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1PtJ8y-0005PA-7s for garchives@archives.gentoo.org; Sat, 26 Feb 2011 12:21:04 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 3D55CE06EC for ; Sat, 26 Feb 2011 12:21:03 +0000 (UTC) Received: from mail1.nippynetworks.com (mail1.nippynetworks.com [91.220.24.129]) by pigeon.gentoo.org (Postfix) with ESMTP id B9CBE1C06C for ; Sat, 26 Feb 2011 11:58:04 +0000 (UTC) Received: from localhost (mail1.nippynetworks.com [127.0.0.1]) by mail1.nippynetworks.com (Postfix) with ESMTP id 4158834030C; Sat, 26 Feb 2011 11:58:04 +0000 (GMT) X-Virus-Scanned: amavisd-new at nippynetworks.com Received: from mail1.nippynetworks.com ([127.0.0.1]) by localhost (mail1.nippynetworks.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id hdpQ8suYvHR1; Sat, 26 Feb 2011 11:58:04 +0000 (GMT) Received: from Ed-Wildgooses-MacBook-Pro.local (office.nippynetworks.com [212.69.49.94]) (Authenticated sender: edward@wildgooses.com) by mail1.nippynetworks.com (Postfix) with ESMTPSA id DCC1934030B; Sat, 26 Feb 2011 11:58:03 +0000 (GMT) Message-ID: <4D68EACB.8030204@wildgooses.com> Date: Sat, 26 Feb 2011 11:58:03 +0000 From: Ed W User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.13) Gecko/20101207 Lightning/1.0b2 Thunderbird/3.1.7 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-embedded@lists.gentoo.org Reply-to: gentoo-embedded@lists.gentoo.org MIME-Version: 1.0 To: gentoo-embedded@lists.gentoo.org CC: arkadi.shishlov@gmail.com Subject: Re: [gentoo-embedded] virtual server profile References: <4D10C0B0.8010602@wildgooses.com> <4D132FBE.6080508@gmail.com> In-Reply-To: <4D132FBE.6080508@gmail.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Archives-Salt: X-Archives-Hash: bcff967299b669198c4266de665870b5 On 23/12/2010 11:17, Arkadi Shishlov wrote: > On 12/21/10 16:58, Ed W wrote: >> However, if that developer/administrator is available, then Gentoo is a >> marvellous solution for quickly building few MB custom solution, or a 60MB >> virtual server base installation, or whatever other customised environment you >> desire? > Do you have such a setup for virtual server or, maybe, openvpz/vserver? ie. > profile/make.conf/install masks/whatever ready for public consumption you can share? Sorry, missed your email OK, I create /usr/local/portage/profiles/my-hardened/ this has a file "parent" which contains: ../../../../portage/profiles/hardened/linux/amd64/10.0 Then simply create any overrides for completely global defaults and keywords I then create various subdirectories: vserver-host: this holds the generic host config vserver-guest: this is the base for the various guest configs (over-rides for all guests go here) In the vserver-guest I create more directories per vserver type, eg: vserver-guest/ vserver-guest/proxy vserver-guest/no-multilib vserver-guest/www vserver-guest/www/apache2 vserver-guest/www/nginx vserver-guest/mysql vserver-guest/fs vserver-guest/dns vserver-guest/glusterfs vserver-guest/mail The main thing to remember is that you need a "parent" file containing ".." in each and every directory or else you just failed to inherit from the top level profile. However, after that just customise what you need for each guest type! Oh, further, in my host I have several package directories: /usr/portage/packages/ /usr/portage/packages/local /usr/portage/packages/uclibc.host /usr/portage/packages/uclibc /usr/portage/packages/guest32 /usr/portage/packages/guest64 The "local" one is for the host and the others are mounted to the appropriate class of guest. Note this isn't as granular as you desire, eg the PHP package will normally have different use flags between apache and nginx guests. However, portage simply uses or rebuilds the php package as it finds it previously built. This is satisfactory for me. Mysql is another example where most guests build with "-minimal", but the servers build the full server. Again handled automatically with a slight slowdown occasionally Good luck Ed W