[gentoo-server] eth0 startup

[gentoo-server] eth0 startup

[Ajai Khattri]

I have iptables and net.eth0 in my default runlevel - is it normal for 
iptables to start *before* eth0 is up? If not, then why is this happening?


-- 
A

Re: [gentoo-server] eth0 startup

[Leon Schoorl]

Ajai Khattri schreef:
>
> I have iptables and net.eth0 in my default runlevel - is it normal for 
> iptables to start *before* eth0 is up? If not, then why is this 
> happening?
I think it's for security reasons. If eth0 goes up first and the 
iptables some (short) time after that. Then in that (short) time some, 
perhaps malicious, could come in. Which should be blocked be some 
iptable rules, that still have to be loaded.
That time should be pretty short, but better safe then sorry, so 
iptables is started first.

Regards,
Leon

Re: [gentoo-server] eth0 startup

[Ramon van Alteren]

Ajai Khattri wrote:
> 
> I have iptables and net.eth0 in my default runlevel - is it normal for
> iptables to start *before* eth0 is up? If not, then why is this happening?
> 
> 
This is happening to make sure your firewall rules are in place *before*
you accept any traffic. So yes, it's normal

Ramon

RE: [gentoo-server] Questions about Server

[Spahn, Daniel]

Is this project about how to configure Gentoo as a server OS, or is it about creating a branch of Gentoo dedicated to being a server? In either case, I have some suggestions...

One of my pet peeves about emerging for a server-grade platform is that there is no way to truly separate the build/install process that is easy to track. I have read about the buildpkg and buildpkgonly options, but I don't like them because they are not geared toward a sys admin that has several machines that may need different packages emerged. In my ideal world, the emerge function could be run with a command switch, which would cause it to run the full emerge without installing, then with a simple command, list all the built packages that need to be 'installed'--- much like etc-update. Before I bring up any more suggestions, I would like to know more about the gentoo-server project's angle. Can someone point me in the right direction?

Thanks.

Dan

Computer Systems Manager

Re: [gentoo-server] Questions about Server

[Robert Bridge]

[-- Attachment #1: Type: text/plain, Size: 1142 bytes --]

On Mon, 29 Sep 2008 06:56:45 -0500
"Spahn, Daniel" <DSpahn@cuh2a.com> wrote:

> Is this project about how to configure Gentoo as a server OS, or is
> it about creating a branch of Gentoo dedicated to being a server? In
> either case, I have some suggestions...

The former.

> One of my pet peeves about emerging for a server-grade platform is
> that there is no way to truly separate the build/install process that
> is easy to track. I have read about the buildpkg and buildpkgonly
> options, but I don't like them because they are not geared toward a
> sys admin that has several machines that may need different packages
> emerged. In my ideal world, the emerge function could be run with a
> command switch, which would cause it to run the full emerge without
> installing, then with a simple command, list all the built packages
> that need to be 'installed'--- much like etc-update. Before I bring
> up any more suggestions, I would like to know more about the
> gentoo-server project's angle. Can someone point me in the right
> direction?

First pointer I would give is not to hijack threads, start a new one.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

Re: [gentoo-server] Questions about Server

[Andrew Gaffney]

Robert Bridge wrote:
> On Mon, 29 Sep 2008 06:56:45 -0500
> "Spahn, Daniel" <DSpahn@cuh2a.com> wrote:
> 
>> Is this project about how to configure Gentoo as a server OS, or is
>> it about creating a branch of Gentoo dedicated to being a server? In
>> either case, I have some suggestions...
> 
> The former.

Actually, it was originally the latter, but that project failed long ago due to 
lack of time/interest on the part of the people working on it. It's basically 
become the former.

-- 
Andrew Gaffney                                 http://dev.gentoo.org/~agaffney/
Gentoo Linux Developer            Catalyst/Genkernel + Release Engineering Lead

RE: [gentoo-server] Emerging for servers

[Spahn, Daniel]

Is there an app or script that I can use to emerge up to the point of compiling, without installing or completing the merge, track the packages that were compiled, and run a batch install of the compiled packages, collecting the package-specific notices? If not, can someone point me to a good scripting resource? I don't know a lot of shell scripting yet, so I need a basic and intermediate tutorial... Thanks!

Dan

Re: [gentoo-server] Questions about Server

[Robert Bridge]

[-- Attachment #1: Type: text/plain, Size: 801 bytes --]

On Mon, 29 Sep 2008 07:22:54 -0500
Andrew Gaffney <agaffney@gentoo.org> wrote:

> Robert Bridge wrote:
> > On Mon, 29 Sep 2008 06:56:45 -0500
> > "Spahn, Daniel" <DSpahn@cuh2a.com> wrote:
> > 
> >> Is this project about how to configure Gentoo as a server OS, or is
> >> it about creating a branch of Gentoo dedicated to being a server?
> >> In either case, I have some suggestions...
> > 
> > The former.
> 
> Actually, it was originally the latter, but that project failed long
> ago due to lack of time/interest on the part of the people working on
> it. It's basically become the former.

My apologies. I had not realised that, as that would be a project I
would be interested in. 

I had been considering an overlay based structure, but never got very
far with my thinking.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

Re: [gentoo-server] Emerging for servers

[Alex Efros]

Hi!

On Mon, Sep 29, 2008 at 07:32:31AM -0500, Spahn, Daniel wrote:
> Is there an app or script that I can use to emerge up to the point of
> compiling, without installing or completing the merge, track the
> packages that were compiled, and run a batch install of the compiled
> packages, collecting the package-specific notices? If not, can someone
> point me to a good scripting resource? I don't know a lot of shell
> scripting yet, so I need a basic and intermediate tutorial... Thanks!

step1: emerge -B pkg1 pkg2 pkg3
step2: emerge -K pkg1 pkg2 pkg3

But there problem with this: if pkg2 DEPEND on pkg1, then it either will
not compile at all (without installing pkg1 first), or, worse, it will
compile using older, currently installed version of pkg1, and after
installing at step2 pkg2 become broken (because pkg1 was replaced by newer
version without recompiling pkg2).

-- 
			WBR, Alex.

RE: [gentoo-server] Questions about Server

[Spahn, Daniel]

-----Original Message-----
From: Robert Bridge [mailto:robert@robbieab.com]
Sent: Monday, September 29, 2008 8:56 AM
To: gentoo-server@lists.gentoo.org
Subject: Re: [gentoo-server] Questions about Server

On Mon, 29 Sep 2008 07:22:54 -0500
Andrew Gaffney <agaffney@gentoo.org> wrote:

> > Robert Bridge wrote:
> > > On Mon, 29 Sep 2008 06:56:45 -0500
> > > "Spahn, Daniel" <DSpahn@cuh2a.com> wrote:
> > >
> > >> Is this project about how to configure Gentoo as a server OS, or is
> > >> it about creating a branch of Gentoo dedicated to being a server?
> > >> In either case, I have some suggestions...
> > >
> > > The former.
> >
> > Actually, it was originally the latter, but that project failed long
> > ago due to lack of time/interest on the part of the people working on
> > it. It's basically become the former.
>
> My apologies. I had not realised that, as that would be a project I
> would be interested in.
>
> I had been considering an overlay based structure, but never got very
> far with my thinking.

I'm not much of a coder, but I'll help how I can. I have a couple of servers running Gentoo, and plenty of ideas.

Dan

Re: [gentoo-server] Questions about Server

[Marius Mauch]

On Mon, 29 Sep 2008 08:00:22 -0500
"Spahn, Daniel" <DSpahn@cuh2a.com> wrote:

> I'm not much of a coder, but I'll help how I can. I have a couple of
> servers running Gentoo, and plenty of ideas.

Well, there generally isn't a shortage of ideas, but of people actually
implementing them (as that's the boring and time-consuming part).

Marius

Re: [gentoo-server] Emerging for servers

[Edward Muller]

ROOT=/tmp/someplace emerge pkgfoo

You would of course want:

FEATURES="buildpkg"

in your make.conf

On Sep 29, 2008, at 5:32 AM, Spahn, Daniel wrote:

> Is there an app or script that I can use to emerge up to the point  
> of compiling, without installing or completing the merge, track the  
> packages that were compiled, and run a batch install of the compiled  
> packages, collecting the package-specific notices? If not, can  
> someone point me to a good scripting resource? I don't know a lot of  
> shell scripting yet, so I need a basic and intermediate tutorial...  
> Thanks!
>
> Dan
>

--
Edward Muller, Manager, Systems Engineering
Engine Yard Inc. : Support, Scalability, Reliability
+1.866.518.9273 x209  - Mobile: +1.417.844.2435
IRC: edwardam - XMPP/GTalk: emuller@engineyard.com
Pacific/US

RE: [gentoo-server] Emerging for servers

[Spahn, Daniel]

Thank you- that's very helpful. Is there a way I could track the packages, or would the list simply bee the tree structure of ROOT (below)? Thanks!

Dan

Computer Systems Manager



-----Original Message-----
From: Edward Muller [mailto:emuller@engineyard.com]
Sent: Monday, September 29, 2008 1:25 PM
To: gentoo-server@lists.gentoo.org
Subject: Re: [gentoo-server] Emerging for servers

ROOT=/tmp/someplace emerge pkgfoo

You would of course want:

FEATURES="buildpkg"

in your make.conf

On Sep 29, 2008, at 5:32 AM, Spahn, Daniel wrote:

> Is there an app or script that I can use to emerge up to the point
> of compiling, without installing or completing the merge, track the
> packages that were compiled, and run a batch install of the compiled
> packages, collecting the package-specific notices? If not, can
> someone point me to a good scripting resource? I don't know a lot of
> shell scripting yet, so I need a basic and intermediate tutorial...
> Thanks!
>
> Dan
>

--
Edward Muller, Manager, Systems Engineering
Engine Yard Inc. : Support, Scalability, Reliability
+1.866.518.9273 x209  - Mobile: +1.417.844.2435
IRC: edwardam - XMPP/GTalk: emuller@engineyard.com
Pacific/US

RE: [gentoo-server] Questions about Server

[Spahn, Daniel]

I'm not very good at raw coding, but I am good at picking up something pre-existent and modifying it to suit my purposes. I'm still trying to get the hang of overlays, though.
Dan

Computer Systems Manager


-----Original Message-----
From: Marius Mauch [mailto:genone@gentoo.org]
Sent: Monday, September 29, 2008 1:07 PM
To: gentoo-server@lists.gentoo.org
Subject: Re: [gentoo-server] Questions about Server

On Mon, 29 Sep 2008 08:00:22 -0500
"Spahn, Daniel" <DSpahn@cuh2a.com> wrote:

> I'm not much of a coder, but I'll help how I can. I have a couple of
> servers running Gentoo, and plenty of ideas.

Well, there generally isn't a shortage of ideas, but of people actually
implementing them (as that's the boring and time-consuming part).

Marius

Re: [gentoo-server] Emerging for servers

[Edward Muller]

On Sep 29, 2008, at 10:38 AM, Spahn, Daniel wrote:

> Thank you- that's very helpful. Is there a way I could track the  
> packages, or would the list simply bee the tree structure of ROOT  
> (below)? Thanks!

ls $PKGDIR outside of the chroot.

If you don't want the resultant $ROOT you can just blow it away.

>
>
> Dan
>
> Computer Systems Manager
>
>
>
> -----Original Message-----
> From: Edward Muller [mailto:emuller@engineyard.com]
> Sent: Monday, September 29, 2008 1:25 PM
> To: gentoo-server@lists.gentoo.org
> Subject: Re: [gentoo-server] Emerging for servers
>
> ROOT=/tmp/someplace emerge pkgfoo
>
> You would of course want:
>
> FEATURES="buildpkg"
>
> in your make.conf
>
> On Sep 29, 2008, at 5:32 AM, Spahn, Daniel wrote:
>
>> Is there an app or script that I can use to emerge up to the point
>> of compiling, without installing or completing the merge, track the
>> packages that were compiled, and run a batch install of the compiled
>> packages, collecting the package-specific notices? If not, can
>> someone point me to a good scripting resource? I don't know a lot of
>> shell scripting yet, so I need a basic and intermediate tutorial...
>> Thanks!
>>
>> Dan
>>
>
> --
> Edward Muller, Manager, Systems Engineering
> Engine Yard Inc. : Support, Scalability, Reliability
> +1.866.518.9273 x209  - Mobile: +1.417.844.2435
> IRC: edwardam - XMPP/GTalk: emuller@engineyard.com
> Pacific/US
>
>
>
>

--
Edward Muller, Manager, Systems Engineering
Engine Yard Inc. : Support, Scalability, Reliability
+1.866.518.9273 x209  - Mobile: +1.417.844.2435
IRC: edwardam - XMPP/GTalk: emuller@engineyard.com
Pacific/US

Re: [gentoo-server] Emerging for servers

[Sven Vermeulen]

On Mon, Sep 29, 2008 at 7:25 PM, Edward Muller <emuller@engineyard.com> wrote:
> You would of course want:
>
> FEATURES="buildpkg"
>
> in your make.conf

A possible architecture would be to have a development server (where
Gentoo is used as it is used mostly, i.e. source-builds, but with a
somewhat static portage tree), then a staging server with
FEATURES=buildpkg, then a testing server where you only install the
binaries (which were created on the staging server) and if the testing
is succesfull, proceed with the production server.

Of course, that would require some resources although virtualization
can help you a great deal.

Wkr,
  Sven Vermeulen

Re: [gentoo-server] Emerging for servers

[Edward Muller]

--
Edward Muller

On Sep 29, 2008, at 11:18 AM, "Sven Vermeulen" <swift@gentoo.org> wrote:

> On Mon, Sep 29, 2008 at 7:25 PM, Edward Muller  
> <emuller@engineyard.com> wrote:
>> You would of course want:
>>
>> FEATURES="buildpkg"
>>
>> in your make.conf
>
> A possible architecture would be to have a development server (where
> Gentoo is used as it is used mostly, i.e. source-builds, but with a
> somewhat static portage tree), then a staging server with
> FEATURES=buildpkg, then a testing server where you only install the
> binaries (which were created on the staging server) and if the testing
> is succesfull, proceed with the production server.

We actually pull upstream portage into a git repository and merge only  
the packages that we need to merge into our production branch. This  
also allows us to test incoming packages for various levels of breakage.

We use a dedicated build system to compile the binaries used by our  
systems.
>
>
> Of course, that would require some resources although virtualization
> can help you a great deal.
>
> Wkr,
>  Sven Vermeulen
>