Take a Ride on the Gentoo Train
I can't think of a better way to start a religious war in the Linux community than to compare Linux distributions. I don't intend to try to say that my favorite distribution is best; I just want to point out some of the features of Gentoo Linux that make it stand out in the context of some of the other more popular distributions.
Over the years, I've used many different Linux distributions, including Slackware, Red Hat, Mandrake, Yellow Dog, SUSE, Knoppix, Caldera and finally, Gentoo. When I first started using Linux, I used Slackware—back when it fit on 14 3.5" floppy disks, including the X Window System. I moved to Red Hat when I realized how convenient package management could be. Switching to Mandrake was a simple move, because it also was RPM-based and featured Pentium-optimized packages, which was nice at the time, as Red Hat still was compiling for i386. Finally, a coworker introduced me to Gentoo, and I've never looked back.
Gentoo is a completely source-based distribution, which means you don't install software by installing precompiled binaries using a package manager. With Gentoo, you compile almost everything from scratch, under the control of the Gentoo package manager, known as emerge (more on emerge later).
For this article, I'm revisiting using a binary-package-based distribution. In this arena, I felt that Ubuntu and Fedora were the leading contenders.
For my tour of the Ubuntu system, I downloaded Ubuntu 8.04 Desktop edition from the Ubuntu Web site. After booting the CD image under VirtualBox, I was able to play around with the live CD. The live CD also offered me the opportunity to install the system onto my hard drive, which I did. I have to say, I was very impressed with how easy it all was. The system booted directly into the desktop environment without displaying a single kernel message. From there, I was able to access the local Windows network neighborhood and a full OpenOffice.org suite. Everything seemed to work “right out of the box”. Within a minute of using the new system, I received a pop-up message indicating that new updates were available for installation. I opted to let the system perform the update, and the update was completely uneventful—the way I like updates to be.
At first, I was a bit perplexed, because the system never asked me for a root password, even though I was performing actions that usually required root privileges. It turns out that Ubuntu has a mechanism allowing a system user to perform many privileged functions, such as mounting media, installing software and restarting the machine, without ever needing to know the root password. Of course, I've used su and sudo before, but Ubuntu's system seems to be broader and much more granular—and wrapped in a nice GUI. Overall, I was very impressed with how quickly I actually was able to get down to working with the Ubuntu system, without even knowing the root password. Eventually, I discovered how to “unlock” the root account, but I suspect many Ubuntu users never have to resort to such administrivia.
My whole experience with Ubuntu was very Windowsesque, and not in a monopolistic, dumbed-down, UNIX wanna-be kind of way. I was very impressed and easily could see how almost anyone could download an Ubuntu CD and be up and running productively within minutes.
When I went to Fedora's Web site to download the Fedora 9 installation CD, I was given a choice of downloading six CDs or one DVD image that weighed in at 3.6GB. There also was a network installation CD, but it required access to the other CDs over the network, and I didn't want to take the time to set up that. I opted to start the DVD image download and go to bed for the night. In the morning, I started the installation. During the installation, I was given the choice of doing a Desktop/Productivity, Web Server or Programming installation. I chose the Desktop installation. When it was done and the system had rebooted, I was presented with a GNOME desktop environment with OpenOffice.org already installed, as with Ubuntu. I found the menu structure for Fedora to be a bit more intuitive. The fact that the system required the root password in order to perform privileged functions left me feeling like I was in familiar territory.
By clicking on the Customize Now box, I was given the chance to determine, much more granularly, what software would be installed on my new system. For example, I saw that I could substitute the KDE environment, which I prefer, for the GNOME environment that Fedora installs by default. Of course, because Fedora is an RPM-based distribution, I can install new software anytime I want.
Fedora is a Red Hat-sponsored and community-supported project. Red Hat sponsorship carries a lot of weight with me, because I've dealt directly with some of the Red Hat developers whose drivers I've used, and I've always had a positive experience. To me, Red Hat epitomizes the open-source business model. It is a for-profit corporation that funds and supports open-source development. Because it is a for-profit corporation, Red Hat product licensing is an easy sell in the business arena. Managers tend to want to know that their core operating system will be documented and supported for the foreseeable future.
The rest of this article focuses on the Gentoo Linux distribution. My coverage of Ubuntu and Fedora is purposely superficial, because I think most Linux users have installed Linux before and understand how package management works and what configuration usually needs to be done on a new machine. Drawing on this experience gives us a context in which to discuss Gentoo.
Although Gentoo does have a live CD image with a graphical installation program, I usually download the minimal installation CD. It's only 50MB, so it typically takes longer to find a blank CD than it does to download. Once the installation CD has booted, you are presented with a bash shell prompt with root privilege, still running from the mounted CD image. As Indiana Jones once said, “We walk from here”. From this point, we perform all of the installation steps manually.
The Gentoo documentation is excruciatingly thorough, and although I don't recommend you send it to the laser printer, it is very much worth reading. Fortunately, it's also color-coded, so experienced Gentoo users quickly can go through the steps without skipping a beat. The documentation walks you through partitioning and formatting the drive and installing a base system, upon which the rest of the system builds.
During the installation process, you can configure almost every aspect of the system. For example, Gentoo provides you with a /etc/fstab template, but you have to fill in the details. Finally, you configure and install GRUB, then reboot.
When you first log in to a new Gentoo system, you're faced with a completely stripped-down version of Linux—no port mapper, no Apache, no (x)inetd, nothing. The SSH dæmon isn't even running by default! This is kind of the fork in the road. Are you building a Web server, a file server, a mail server or a desktop? Now you simply install the software that needs to be installed, and only the software that needs to be installed.
During the installation process, you will encounter a few concepts that are unique to Gentoo: portage and use flags.
Portage is Gentoo's package management system. Although made up of a bunch of shell scripts, portage essentially is a database that tells emerge, the Gentoo software installer, how to download, build and install any given software package. Portage also takes care of calculating package dependencies. Installing a new software package is as easy as typing emerge apache, and emerge determines what other software packages are required, downloads all the needed packages, compiles them in order and installs the resulting binaries. Although not tied to a graphical environment, it is a pretty nice way to install software.
If you tend to prefer a more graphical experience, kuroo allows you to do anything that emerge can do, but with a point-and-click interface. Not much could be easier.
Source-based software installation is pretty slick, but Gentoo's use flags are what makes it as customizable as it possibly can be. Use flags are mechanisms that let you decide what optional features should be compiled into the system. For example, by setting or resetting the MySQL use flag, you can determine whether Qt is compiled with MySQL support. If you leave out the MySQL support, you also get rid of the MySQL dependency. So, by carefully tweaking the use flags, you can pare a system down to its bare necessities, and bare necessities are easier to secure and maintain.
Another benefit of installing from source is that you can configure GCC to take advantage of the particular chipset you are using. This feature, as well as the use flags, is configured in /etc/make.conf. By telling Gentoo that you are using an AMD processor, for example, you enable GCC to compile your software to take advantage of any AMD-specific instructions. Gentoo systems that run on a Pentium 4 computer will take advantage of the features of the P4 that are lacking from the PIII, AMD or PowerPC architectures.
I don't have any solid numbers to back my claim, but I felt the difference when I compiled KDE for the AMD Athlon as opposed to the generic Pentium at the time. With the divergence between Intel and Athlon, this feature will become more and more important in the future.
The magic of Gentoo is that you not only can determine exactly what software packages get installed on your system, but you also have quite a bit of flexibility in determining exactly how those packages are compiled. I used to chuckle about how much cruft was being installed with the average Windows installation and feared that Linux was following the trend. There is no reason to install software you don't intend to use, and there are considerable advantages to not installing it at all. Gentoo gives you the control needed to ensure that your system has only those packages installed you intend to use. There is no reason for a Web server or a mail server to have the X Window System installed, for example.
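As an added example (not part of the original article), here is a POSIX shell check for the USE-flag trimming described above: it reads a make.conf on stdin and lists which flags from a chosen "should be off" list are still enabled. The sample file, the flag list and the function names are constructed for illustration.

```shell
# Added example: list flags that a make.conf USE line leaves enabled.
# Sample file and the "should be off" list are constructed, not from the article.
sample_make_conf() {
cat <<'EOF'
# constructed sample for a headless server
CFLAGS="-O2 -march=athlon-xp -pipe"
CXXFLAGS="${CFLAGS}"
USE="-X -gnome -kde mysql ssl \
     apache2 -cups"
EOF
}

# Read a make.conf on stdin and print the flags of its USE="..." line,
# one per line. Joins backslash-continued lines; the last USE line wins.
use_flags() {
    awk '
        { sub(/#.*/, "") }
        /\\$/ { sub(/\\$/, ""); buf = buf $0 " "; next }
        {
            line = buf $0; buf = ""
            if (line ~ /^[ \t]*USE="/) {
                sub(/^[ \t]*USE="/, "", line); sub(/".*/, "", line); use = line
            }
        }
        END {
            n = split(use, f, /[ \t]+/)
            for (i = 1; i <= n; i++) if (f[i] != "") print f[i]
        }
    '
}

# Print each flag named in "$@" that the file enables. Within USE a later
# entry overrides an earlier one, so "mysql -mysql" counts as disabled.
enabled_unwanted() {
    flags=$(use_flags)
    for name in "$@"; do
        state=unset
        for f in $flags; do
            case "$f" in
                "$name")  state=on ;;
                "-$name") state=off ;;
            esac
        done
        if [ "$state" = on ]; then echo "$name"; fi
    done
    return 0
}

sample_make_conf | enabled_unwanted X gnome kde cups mysql
```

To check a real file, run `enabled_unwanted X mysql < /etc/make.conf`. Flags the file never mentions are not reported, because the selected profile can still enable them.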
I've been a Gentoo user for several years now, and I've found that the Gentoo mailing list is completely invaluable. Unlike some of the mailing lists for other mainstream Linux distributions, the Gentoo mailing-list members seem to understand that there are issues unique to Gentoo, and they are pretty patient with new and old users alike. I've never been patronized or insulted for asking dumb-sounding questions.
I have to say, the Gentoo community is one of the stronger arguments for using Gentoo in the first place. The community understands that Gentoo has a learning curve, and they are more than up to the task of helping people climb it.
Alas, Gentoo isn't without its weaknesses. Most new Gentoo users quickly realize that it can take time, sometimes a lot of time, to build a Gentoo system. Whereas the Ubuntu system was up and running in less than ten minutes, even under a virtual machine, a typical Gentoo system can take hours to build from scratch. I like to tell myself that you get what you pay for, and an initial investment in time spent during the installation process will pay dividends in heightened security and ease of maintenance in the end. Overall, I'd say that this time investment has paid off. Because my servers don't have as much software installed on them, they don't need to be patched as often, and they've been remarkably stable. But then, Linux is inherently stable.
Many new Gentoo users lament the lack of a graphical installation program. And, although a graphical installation wizard is nice, I'd argue that you get to know your system much more intimately by getting your hands dirty and configuring each and every aspect of it. Getting to know your servers intimately begins to make sense when you start building mission-critical servers and workstations. Such servers don't need the X Window System or any other extraneous software installed. Eventually, I think, most Gentoo users end up scripting their installations, and as no GUI is involved, this process is fairly easy. I have an installation script that I'm quite happy with.
The other major weakness in the Gentoo system is that sometimes the Gentoo maintainers decide to make major architectural changes. Because Gentoo users compile their systems from scratch, they don't enjoy any shelter from these various types of changes. I remember when the maintainers decided to rework completely how Gentoo did its network configuration. The old configuration was fairly simple and intuitive. The next configuration entailed a 30K configuration file. Of course, much of this configuration file was comments, but it still was daunting. To be fair, the result was a system that not only could configure the standard Ethernet, but also Wi-Fi, VPN and all sorts of esoteric network configurations. The resulting mechanism was pretty elegant, but the transition was a bit painful.
So, what are my recommendations as a longtime Linux user? Well, if you want to get up and running with a Linux system and have little or no background in Linux, try Ubuntu, particularly if you are an enlightened Windows user. I think you'll be at home with Ubuntu almost immediately. I almost was sucked in too. If you are accustomed to the standard Linux installation process, or if, for political reasons, you need corporate support, I wholeheartedly recommend Red Hat or Fedora. However, if you want something a bit more customizable, or if you want to learn Linux at a completely different level, I recommend trying Gentoo. Walking through all of the steps needed to install a Linux machine from scratch is educational and can instill you with a profound appreciation for all the work that the Linux distribution maintainers do for the rest of us.
As a final comment, I'd like to mention that about every six months, someone on the Gentoo user's mailing list asks if Gentoo is suitable for production environments. My answer is pretty simple. All of my production servers, as well as my work-related workstations and laptops, are Gentoo systems. This list includes production mail and Web servers, production Asterisk servers and workstations that I simply can't afford to be without. So, yes, Gentoo is ready for the production environment.
Mike Diehl is a professional computer nerd in Albuquerque, New Mexico. Mike lives with his wife and three small boys, including a newborn, and can be reached via e-mail at email@example.com.
Mike Diehl is a freelance Computer Nerd specializing in Linux administration, programming, and VoIP. Mike lives in Albuquerque, NM, with his wife and 3 sons. He can be reached at firstname.lastname@example.org