Sep
09
2006

Patch-O-Matic & Portage

(Add / View Comments) (0)Saturday, September 9, 2006 - 11:53:17 am
(Posted Under: Gentoo Linux Gentoo Linux)
Up until now, I've manually applied and installed iptables modules via patch-o-matic. I've been thinking about finding out how to do it via portage for a little while not, for a couple of reasons - the first one being because I end up with userspace iptables in / (portage install) and /usr/local (manual iptables build), and more annoyingly, I always forget which patch-o-matic I've previously used. Installing to /usr/local worked okay, as long as I remembered to copy things from /usr/local/lib/iptabes to /lib/iptables, but it was time to change.

I looked into this last night, and found a howto on forums.gentoo.org, which mostly worked. With a couple of annoyances. The first one is that my kernel sources are already patched for the added modules I use (account, condition, time). But if I unpack the iptables userspace source, it's obviously not patched. Fine, except that running patch-o-matic will detect the patches as already applied, because of the kernel sources. Fine, just reverse the patches. Not rocket science, but kinda annoying, nether the less.

The other annoyance is that the unpacked sources' Makefile has PREFIX set to /usr/local. Installing via ebuild still installs to /, but the binary looks for modules in /usr/local/lib. I'm not entirely sure how emerge -v iptables differs from ebuild [ebuildfile] install, however it sets PREFIX correctly. In anycase, again, this just requires the Makefile to be modified between ebuild unpack and ebuild install. Again, kinda annoying, and moreso than the above issue.

The other annoyance is it doesn't change doing an emerge. Which I guess was part of my major desire, the half of it. Having one copy of iptables installed and tracked by portage is achieved, but still emerge iptables is still going to override the installed version with a vanilla copy. Being able to do emerge iptables and have the wanted patches installed would be nice.

Having patch-o-matic in portage, and a patch-o-matic USE flag, and then specifying which modules to add would be sweet. Using USE flags for a module list wouldn't really be appropriate, but being able to define a list somewhere, and have USE="patch-o-matic" emerge -v iptables install iptables with the required pom patches applied would be sweet.
Now Playing: Zubia Brothers - Angelina

Switch Styles

About Style Switching.

!Weblog Index

Aug September 2006 Oct
SU MO TU WE TH FR SA
1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31

Categories

RSS FeedRSS Feed