Gentoo: System update
From Luky-Wiki
Warning! Warning! Warning! ... This article is my cookbook. It is designed for binary type update (two stages deployment) and only as reference. You can use it but it may not be suitable for all configurations. Use common sense and add / modify / repeat commands if necessary. I am doing same during update. Some of commands have --pretend just to see actions before they are applied. I normally review them and rerun without --pretend option.
Contents
- 1 System Update
- 1.1 Update local repository
- 1.2 Clean logs from previous update
- 1.3 Clean distfiles and package directory
- 1.4 Update system including build dependencies
- 1.5 Commit or reject configuration changes in "/etc"
- 1.6 Review messages from packages
- 1.7 Clean packages with no dependency on "world" package set
- 1.8 Scan for broken dependencies
- 1.9 If previous commands result in package rebuild then review again logs and possible configuration changes
- 1.10 Verify / validate dependency starting from "world" fileset
- 1.11 Check for possible updates by each package separately (watch versions in slots)
- 1.12 Search for possible obsolete portage configuration and installed packages
- 1.13 Check installed packages agains GLSA (Gentoo Linux Security Advisories)
- 1.14 Rebuild X11 drivers and linked packages (hekate-x11 and phoebe / piper)
- 2 Binhost only
- 3 Known problems
System Update
Update local repository
eix-sync
or
emerge --sync
or (if repository is already synced)
eix-update
Clean logs from previous update
find /var/log/portage -maxdepth 1 -type f -ls -delete
Clean distfiles and package directory
eclean-dist --deep ; eclean-pkg --deep
Update system including build dependencies
on "build" system
emerge --fetchonly --ask --update --deep --newuse --with-bdeps=y @world
emerge --quiet-build --ask --update --deep --newuse --with-bdeps=y @world
on "prod" system
emerge --fetchonly --ask --update --deep --newuse --with-bdeps=y --binpkg-changed-deps=n @world
emerge --ask --update --deep --newuse --with-bdeps=y --binpkg-changed-deps=n @world
Commit or reject configuration changes in "/etc"
etc-update
Review messages from packages
elogv
Clean packages with no dependency on "world" package set
emerge --ask --depclean
Scan for broken dependencies
- perl:
perl-cleaner --all --pretend
- libraries detected by system:
emerge --ask @preserved-rebuild
- libraries not detected by portage:
revdep-rebuild --ignore --pretend
revdep-rebuild.sh --ignore --pretend
If previous commands result in package rebuild then review again logs and possible configuration changes
elogv
etc-update
Verify / validate dependency starting from "world" fileset
emerge --pretend --verbose --update --deep --newuse --with-bdeps=y @world
Check for possible updates by each package separately (watch versions in slots)
eix --upgrade
Search for possible obsolete portage configuration and installed packages
eix-test-obsolete
Check installed packages agains GLSA (Gentoo Linux Security Advisories)
glsa-check --test --nocolor --verbose all
Rebuild X11 drivers and linked packages (hekate-x11 and phoebe / piper)
emerge --ask @x11-module-rebuild
emerge --ask --oneshot app-crypt/hashcat app-crypt/johntheripper
Note: binary packages needs to be disabled on prod system:
export FEATURES="-buildpkg -getbinpkg" export CFLAGS="-O2 -march=native -mfpmath=sse -fomit-frame-pointer -pipe"
Binhost only
(optional) validate installed files against database
for a in $( qcheck --badonly ) do clear; ( echo $a; qcheck $a ) | less done
Check integrity of local repository
cd /opt/local/portage/ repoman
Validate binhost list
emaint --check binhost
Verify binary package tree
emerge --pretend --emptytree --usepkgonly @world
Synchronize binary packages to web server
sync/binhost-sync.sh
Known problems
Perl slot change
emerge --ask --update --deep --newuse --with-bdeps y --backtrack 100 @world
perl-cleaner --all
