jw.emerge_update 0.7.4

This is a script for package update and general system management in Gentoo’s portage package manager. The aim is to automate system updating and maintenance as straight forward as possible. There are a lot of commands to be run to keep a Gentoo Linux system healthy and tidy. Emerge alone does not do a lot. That’s where this script comes in.

What does emerge_update do?

The following tasks are run:

1. Run qcheck --badonly --all to check for altered files belonging to packages installed with emerge. With a few exceptions no files should be modified. This is a simple way to detect malicious activities e.g. by an intruder.[1]
2. Run eix-sync -q to update the package repository
3. Backup /etc (see Backups)
4. Run emerge @world. A lot of options are given, see Emerge Options
5. If automatic unmasking of packages is detected, etc-update --automode=-5 /etc/portage is run to make the changes proposed by emerge permanent. If Oracle’s JDK should be downloaded, it does so. Then, emerge @world is run again.
6. Run emerge --depclean to remove unnecessary packages
7. Run revdep-rebuild --ignore to rebuild packages with broken shared library dependencies due to the last emerge.
8. Run emerge @preserved-rebuild. Another measure to repair broken library dependencies. Gentoo recommends running both revdep-rebuild and @preserved-rebuild.
9. Run python-updater if an update of Python was detected
10. Run perl-cleaner --all
11. Run cfg-update --update --automatic-only to update all config files which can be updated automatically.
12. Run cfg-update --index to create update indexes for the next run of cfg-update.
13. Run prelink --all to prelink all binaries to speed up loading them.
14. Backup /var/db/pkg (see Backups). If this directory is destroyed, you are in the most serious trouble.
15. Run qcheck --all --update to bring the checksums up-to-date for the next run.
16. Run emaint -c all to check for potential problems or points for improvement. This does not repair anything. You can run emaint -f ... eg. emaint -f all to fix things.

Using emerge_update

Options

-h, --help	show the help
--dry-run, -n	don’t execute commands, just print them
--verbose, -v	print commands as they are executed
--version, -V	show program’s version number and exit
--output OUTPUT, -o OUTPUT
	specify output file
--append, -a	append to output file instead of overwriting

To test the script, run it with emerge_update --dry-run. This way, it only shows what would be done.

Tip

Run the script with --verbose --output /var/log/emerge_update --append to have a nice log of what’s going on.

Tip

Run the script with nice -19 and ionice -c3 in order to not put the system under too much load.

Backups

Backups are done by renaming and hard-linking the target ~/.local/share/applications/mimeapps.listif possible. This does not work with mount points, however. Directories acting as a mount point are backed up as a tar file into a backup directory ( /var/lib/emerge_update by default). The backup directory is created if necessary.

Note

You should maintain the backup directory (usually /var/lib/emerge_update) by deleting old backups. You can do this with package tmpwatch. The move-and-link backups retain 8 generations.

Emerge Options

Emerge is run with these options:

--nospinner	This is not desirable in automated runs of emerge
--update	Only update packages
--newuse	Update packages when the USE configuration changes
--deep	Consider updating dependencies
--keep-going	Continue in case of error to update as much as possible
--autounmask y	Unmask required packages
--autounmask-write y
	Make unmasking permanent
--jobs n	where n = 4. This runs a maximum of 4 parallel emerge jobs
--load-average n
	where n is the number of processors on-line in the system or 3 if this number cannot be determined. This prevents creating new emerge jobs if the load average if above n