irssi-cvs moving to irssi-svn

Today I’d like to bring you some information on the pending irssi-cvs to irssi-svn move. Upstream Irssi developers changed from CVS to Subversion as their version control system already a couple of months ago and we’re now following this change with our live ebuilds.

Now to the point that makes this a little bit tricky. irssi-cvs is currently marked stable on hppa, ppc, sparc and x86. This is just inappropriate for a live ebuild, because we (as in Gentoo developers) have no way to verify the state of the source code. Moreover we can’t verify the integrity of downloaded files, that means we expose our users to some security risk.

To cut a long story short, we’re going to keyword irssi-svn ~arch only and I’m going to push this move out as an automatic move via our regular updates files. The new irssi-svn ebuild has a version number higher than the old irssi-cvs ebuild. For our ~arch users this means that they will see this as an update to irssi-svn after the move is done on their local system. For arch users with current portage versions the move will be done and they will see no update and no error message, if no package depends on irssi-svn. They will stay at the same version of irssi they had before. If they want to emerge irssi-svn, they will get the familar ‘All ebuilds that could satisfy “irssi-svn” have been masked.’ message. Stable users are free to take a look at “Mixing Software Branches” from our handbook, on how to use irssi-svn on their stable system.

Posted in net-irc | 6 Comments

Announcing autorepoman

I’d like to announce autorepoman to our developer (and user) community.

You may ask: What the hell is autorepoman? I guess from the name you already have some ideas in your head. Something that does something automatic with repoman. Here we go: autorepoman is a script that runs on one of my systems that runs repoman on changed packages every 30 minutes and generates an email for every package that has errors and sends the email to a mailing list for everyone to read. As it only runs repoman for changed packages the time it takes is quite low, compared to a full tree-wide repoman. Most of the time the running time for an autorepoman run is ~1 minute. A large amount of time is spend on loading the reverse dependencies. Yes, autorepoman has reverse dependencies, that means it will also check packages that depend on the modified package. It also checks for broken Manifests in packages.

If you want to subscribe to the mailing list you can do so by sending an email to, but be aware that depending on the number of commits made to the tree and the quality of these commits, the volume might be relatively high.

Please send comments and suggestions to

Posted in Gentoo | 4 Comments

Gentoo: Missing QA?

Here is what happened yesterday:

  • 17:35 UTC

    I decided to give my webserver a package update. So as always I launched an emerge –sync, following an emerge -upD world to see what portage would like to update. What I saw was not what I expected:

    [blocks B ] >=net-www/apache-2.0.52-r3 (is blocking dev-php/mod_php-4.3.11)
    [blocks B ] >=net-www/apache-2.0.52-r3 (is blocking dev-util/subversion-1.1.3)

    Well, I said to myself: Probably a mistake, so let’s wait one or two hours to give our developers some time to fix these issues.

  • 19:11 UTC

    About 1.5 hours passed by. Looking at #gentoo-commits on freenode I saw that our developers fixed the blockers. I issued another emerge –sync and afterwards an emerge -upD world. Everything looked good, so I removed -p from the command and started emerge again. But now this:

    >>> emerge (4 of 4) net-www/apache-2.0.54-r4 to /
    >>> Previously fetched file: apache-patches-2.0.54-r4.tar.bz2 size ;-)
    >>> Previously fetched file: apache-patches-2.0.54-r4.tar.bz2 MD5 ;-)
    >>> Previously fetched file: apache-conf-2.0.54-r4.tar.bz2 size ;-)
    >>> Previously fetched file: apache-conf-2.0.54-r4.tar.bz2 MD5 ;-)

    !!! No message digest entry found for file “httpd-2.0.54.tar.gz.”
    !!! Most likely a temporary problem. Try ‘emerge sync’ again later.
    !!! If you are certain of the authenticity of the file then you may type
    !!! the following to generate a new digest:
    !!! ebuild /usr/portage/category/package/package-version.ebuild digest

    Well, I don’t say that this never happens to me. There might be one excuse for it, repoman has a digest.unused check for digest entries that are not used by a file in SRC_URI, but misses a reverse check that checks for missing digest entries. But it’s up to the developers to make sure that what they commit to the tree actually works. And there is no excuse that two arch teams mark this version stable on their arch without notifying the missing digest entry.

  • 19:34 UTC

    I finally finished updating apache, after fixing the above issue myself.

What else drives me nuts it that I sometimes catch developers that do not use repoman to commit their changes. This results in Manifests that break FEATURES=”strict” which has been added to the base profile about one month ago. I often fix them silently because I’m tired of telling developers to use repoman. They should know that, else I wonder who made them developers.

Other developers don’t enter something into repoman’s commit message prompt and just accept the empty line. This makes it really hard to track their CVS changes. Are these developers just to lazy or (sorry) to dumb to create an ecommit shell alias/function/script/whatever that takes care of creating a ChangeLog entry and passing the message to repoman for use as the CVS commit message. Like this:

ecommit() {
        echangelog "${*}"
        repoman --commitmsg "${*}" commit

I say, if we want to play where the big boys play, we need to do something about it. Giving a first-time Gentoo user such an experience will probably make them go to another distribution.

Posted in Gentoo | 3 Comments

My fight with ntp autokey authentication

After fighting several hours with ntp and its autokey support, I found out that it was a bug in ntpd.

It doesn’t correctly check for errno and as a result packets get dropped completely. I’ve added a fix for this issue to net-misc/ntp- and included a patch (based on the one from that allows to override the hostname used by ntpd, especially useful for autokey authentication. Also I’ve merged some IPV6 fixes from upstream developers.

If you have a couple of hours and don’t mind reading source code to get good documentation I can recommend you to take a peek at ntp and its autokey support! I promise you, it’s hours of fun…

Posted in Gentoo | Leave a comment

xchat 2.4.3 stable on x86

Some news from yesterday. I marked xchat-2.4.3 stable on x86, other arches to follow soon. Also I bumped UnrealIRCd to 3.2.3-r1 with support for network-based configuration includes. Please be aware that you need net-misc/curl compiled with the ares USE flag to be able to use UnrealIRCd with the network-based configuration includes. Last but not least is the clean up of net-irc/rbot’s dependencies to not pull in an old and no more needed version of rexml. That’s all folks!

Posted in net-irc | 2 Comments