Goal for today is two things: First, adjust portage to our needs (i. e. tweak some of make.conf); and then, get syslog-ng and vixie cron up and running.
For make.conf, main thing is to add ELOG settings. It’s basically two lines. So, here is now the full /etc/make.conf, including the already promised USE flags:
CHOST="i686-pc-linux-gnu"
CFLAGS="-O2 -march=pentium4 -fomit-frame-pointer -pipe"
CXXFLAGS="${CFLAGS}"
MAKEOPTS="-j2"
PORTAGE_NICENESS=3
AUTOCLEAN="yes"
FEATURES="distlocks parallel-fetch"
PORTAGE_ELOG_CLASSES="warn error log"
PORTAGE_ELOG_SYSTEM="save"
GENTOO_MIRRORS="http://mirror.switch.ch/ftp/mirror/gentoo/ ftp://mirror.switch.ch/mirror/gentoo/ ftp://ftp.solnet.ch/mirror/Gentoo http://gentoo.mirror.solnet.ch"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE_GENERAL="nptl bash-completion spell unicode vim-syntax"
USE_LIBS="bzip2 curl curlwrappers gd gif graphviz iconv imagemagick imlib jpeg jpeg2k libwww mime mng ncurses pdf png readline slang svga tiff xpm zlib"
USE_HARDWARE="acpi apm cdr dvd dvdr dvdread foomaticdb gpm iee1394 lm_sensors mmx ppds sse"
USE_SERVER="apache apache2 cups ftp imap maildir -mbox mysql samba usb xinetd"
USE_SECURITY="clamav cracklib crypt sasl ssl"
USE_X="-gnome -kde -X"
USE_LANG="ocaml perl php python ruby tetex tidy xml xmlrpc xsl"
USE="${USE_GENERAL} ${USE_LIBS} ${USE_HARDWARE} ${USE_SERVER} ${USE_SECURITY} ${USE_X} ${USE_LANG}"
And now, we set the locale for the system – basically creating a file /etc/conf.d/02locale:
de_CH.utf8
With everything out of the way, we can start to configure syslog-ng. There is a part within the Gentoo Linux security guide about syslog-ng – which we use as a basis to create the syslog-ng.conf file, and we emerge logsentry (which includes altering something in /etc/cron.hourly, as suggested by portage).
Now, we configure cron. There is a good entry in the wiki about cron. So, we emerge logwatch and configure it as indicated; then, we emerge and configure logrotate, and we add a cronjob for portage. That’s it – cron is up and running and we have a feasible log maintenance!
Last daemon to configure is ntp – to keep the system’s time in sync. These servers are added to /etc/ntp.conf:
server bernina.ethz.ch
server ntp.univ-lyon1.fr
server tick.keso.fi
server fartein.ifi.uio.no
server ntp2a.mcc.ac.uk
server ntp2b.mcc.ac.uk
We also make sure that the time can be synced by uncommenting the very last line of ntp.conf. That’s it – we have configured the most important system tools!
Now, the only thing to find out is the funny drop-outs that I encounter when connected via ssh – the connection just drops from time to time…
One thing to do – passwordless login via ssh! There is a Gentoo wiki entry on this which we follow.