Conditional PAM modules

I spent some time trying to setup PAM so that I could authenticate (locally for now) using my Yubikey. There are several resources on how to do that out there, so I won’t discuss the Yubikey setup and all, but I thought I’d drop a note about how I ended up doing “conditional” PAM entries. […]

Debugging Ncurses to fix a Mutt segfault on Gentoo

This all started after a regular package upgrade on my Gentoo box: $ mutt Segmentation fault Meh, another breakage. This one already had a bug filed on the Gentoo bug tracker: #651552. However, there was no fix available yet. So time to rebuild with debug enabled (-ggdb3) and sources installed, disable PaX on the binary, […]

OpenSSL 1.1.0 and the plague of implicit function declarations

I’m currently rebuilding my Gentoo packages after switching to the (hard-masked) dev-libs/openssl-1.1.0g. The OpenSSL 1.1.0 branch has been available for a while now, and brings with it a lot of sane-looking changes to the OpenSSL API, like opaque structures that don’t let anyone go poking around their insides, and less kludgy handling of library initialization, […]

Restoring package.use from currently installed packages

So I screwed up while re-installing my Gentoo system. Backup was not set, and I had not been committing my /etc/portage in a while as it kept changing. I was in the process of migrating my single-file package.use to a directory, and I made a mistake: end result, my package.use was gone, and any backups […]

Unwrapping a LZ4-compressed kernel

So I’m reinstalling my Gentoo system from scratch, and I want it to boot with UEFI and Secure Boot. That means I want to embed the kernel’s initramfs into the kernel image, so that the signature-checking performed by the firmware covers both the kernel and the initramfs. Roughly following Sakaki’s awesome EFI install guide, I […]

Samba with LTO… not!

So my Gentoo now builds with LTO –mostly. A number of packages fail to compile properly with LTO, so I disable it on a per-package basis using portage.env. Samba (4.2.11) is one of those packages. I get the exact same failure as reported in this thread, which remains unanswered to date. So I disabled LTO […]

Leveraging Intel Ivy Bridge’s hardware RNG

Intel Ivy Bridge CPUs such as the i7-3770K that I own ship with a hardware random number generator that can be polled through the RdRand instruction. This feature is advertised in /proc/cpuinfo with the rdrand flag. This hardware RNG can be leveraged to increase the entropy bits available to Linux’s random character devices /dev/random and […]

Emerge blocker: =net-analyzer/openvas-7.0.6

After a Portage tree sync, OpenVAS was to be upgraded to version 7.0.6 (having ACCEPT_KEYWORDS ~amd64). Unfortunately, this somehow triggered Portage into belching out a lot of blocker errors. Even after unmerging all OpenVAS packages to start over from a clean state, Portage still wanted me to install the following: $ eix -e openvas * […]

WiFi on Gentoo using a RTL8192CU wireless adapter

I’m trying to set up a wifi network interface on my Gentoo box, using a Realtek RTL8192CU wireless adapter. After poking in the kernel configuration menu, I activated the following items: Networking support > Wireless (CONFIG_WIRELESS) Networking support > Wireless > cfg80211 – wireless configuration API (CONFIG_CFG80211) Networking support > Wireless > enable powersave by […]

GNU patch and end-of-file newline (or lack thereof)

So I was trying to version bump the ebuild for dev-tcltk/tcllib-1.15-r1 into dev-tcltk/tcllib-1.16 (I needed tcl::chan::string 1.0.2 instead of 1.0.1). tcllib comes with a cartload of man pages, some of which have names which conflict with Tcl ones. Thus, as is the case for dev-tcltk/tcllib-1.15-r1, I needed to remove/rename them in the ebuild. Those that […]