What is the update frequency with Gentoo?
Message
What is the update frequency with Gentoo?
Hello, I'm thinking on migrating to Gentoo after extensive testing. My biggest pain point with Arch was how bleeding edge it was. How is the update cycle with Gentoo? Is it way to fast like Arch or is it like OpenSUSE Tumbleweed, which is usually tested rather well. I'm not asking this for just binaries either. I want to know about source repos too.
- NeddySeagoon
- Administrator
- Posts: 56094
- Joined: Sat Jul 05, 2003 9:37 am
- Location: 56N 3W
Welcome to Gentoo.
The ::gentoo repo is updated every 30 minuets. :)
You are not expected to keep up with that.
Therre are two 'branches'in the repo, stable and testing.
There are also a smattering af 'live' commit by commit packages too.
By default you will have stable, denoted by ACCEPT_KEYWORDS="arch"
If you want sometingthat moves a bit faster, there is testing, denoted by ACCEPT_KEYWORDS="~arch"
That requires you to set that. It's also possible to mix and match.
Using 'live' packages can only be done on a package by package basis.
That's just the start, it covers what is available to you.
How often you update your Gentoo is up to you.
The longer you leave it the harder it gets.
Monthly is fine for stable. More often for testing.
If you leave it a year, it's still possible but you will learn things about Gentoo you can learn no other way
The ::gentoo repo is updated every 30 minuets. :)
You are not expected to keep up with that.
Therre are two 'branches'in the repo, stable and testing.
There are also a smattering af 'live' commit by commit packages too.
By default you will have stable, denoted by ACCEPT_KEYWORDS="arch"
If you want sometingthat moves a bit faster, there is testing, denoted by ACCEPT_KEYWORDS="~arch"
That requires you to set that. It's also possible to mix and match.
Using 'live' packages can only be done on a package by package basis.
That's just the start, it covers what is available to you.
How often you update your Gentoo is up to you.
The longer you leave it the harder it gets.
Monthly is fine for stable. More often for testing.
If you leave it a year, it's still possible but you will learn things about Gentoo you can learn no other way
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
You can update easily on any interval between daily and monthly. After that things get increasingly more difficult, depending on the time passed and your luck. Stories of updates delayed by a year or two pop up now then then as well. Obviously, this path is pretty much for masochists only.
Both, stable and testing branch tend to work. Downloadable stage3 tarballs are stable, you can update to testing at any time with a simple change to accept_keywords.
Both, stable and testing branch tend to work. Downloadable stage3 tarballs are stable, you can update to testing at any time with a simple change to accept_keywords.
I have been summoned!rtx wrote: I'm very curious what the unstable users say about this threat xD
Stable is fine, but there are some packages in portage that are ~amd64 only. One example is x11-misc/xcape.
You will either occasionally have to file stable requests or accept ~amd64 packages.
Stable also has the added benefit of binhosts, as binhosts do not provide testing binaries.
Globally accepting testing "solves" the above problem and has been surprisingly stable in my experience.
Instead of stable requests, I do occasionally file actual bug reports, like the latest tmux version messing up xterm's terminfo (or something like that).
There's also occasional issues in the portage tree itself, but those are fixed within hours. If one really wanted to update today... just wait a bit and it will sort itself out.
Stable also takes too long to stabilize a new gcc/clang/python major version. I know there are excellent reasons for that, but I want to play with new features of compilers!
Maybe it sounds ominous, but it's very true. On the bright side, you have this forum as a helping hand if you do decide to tempt fate after some years of gentoo collecting dust. You wouldn't be the first!xanrer wrote:NeddySeagoon wrote:
Welcome to Gentoo.
If you leave it a year, it's still possible but you will learn things about Gentoo you can learn no other wayThat's ominous. I'm fine by just updating every other week so this works out for me. Thank you for the kind introduction!
I would say Gentoo testing is comparable with non-testing Arch. Well, assuming I remember well how Arch [testing] looked.xanrer wrote:How is the update cycle with Gentoo?
Gentoo stable is considerably slower.
One key difference between arch and gentoo testing is that gentoo is a lot more flexible, so it's easier to fix things when something breaks.
it all depends how often you run
Code: Select all
# emerge --sync
Re: What is the update frequency with Gentoo?
OpenSUSE Tumbleweed, Arch, and Gentoo are all rolling release distros, so you will get package updates as they become available / tested for stability rather than having new OS versions once every couple of years. In a lot of ways, the experience will be somewhat similar between the three.xanrer wrote:Hello, I'm thinking on migrating to Gentoo after extensive testing. My biggest pain point with Arch was how bleeding edge it was. How is the update cycle with Gentoo? Is it way to fast like Arch or is it like OpenSUSE Tumbleweed, which is usually tested rather well. I'm not asking this for just binaries either. I want to know about source repos too.
Considering the *stable* branches of each (if you use unstable branches, then well, you have agreed to use unstable branches, eh?):
Arch typically packages new versions as soon as they are available, and updating will get you that exact bleeding-edge new version. No getting around that, with the exception of core packages used for booting which also require being signed off by two people who have tested and verified that the package works for them on their machine, and in some cases, *if and only if* the Arch maintainer is particularly worried about that package, an undefined period of time spent with that package in testing. I'm not sure what OpenSUSE Tumbleweed's policy is. Gentoo typically requires a 30-day testing period for each package after it is updated before it gets marked as stable, and this policy is kept fairly consistently (with certain carefully tested exceptions for security stabilizations, usually of backported fixes).
Gentoo is thus, per definition, less bleeding edge and more well tested than Arch is. Issues are usually smoked out by people testing out the unstable branch long before the whole 30 days are up.
It's a bit of a fun joke.xanrer wrote:NeddySeagoon wrote:Welcome to Gentoo.
If you leave it a year, it's still possible but you will learn things about Gentoo you can learn no other way
If you leave a linux distro for too long, you are prone to getting package transitions disappear, and updating results in unresolvable conflicts.As a Gentoo Dev that used to fulfill the similar role in Arch, if you leave Arch for a year without updating you will learn things about Arch you cannot learn any other way too.
Expect some interesting binary repository bisection with the Arch Linux Archive, and possibly requiring to use a special pacman-static build to perform updates.Gentoo isn't too dissimilar. You can sometimes get into hairy update situations if you leave it for over a year, then try to update, and discover that one package has been updated and replaced by another package, and another package gained/dropped a dependency on that package, and now you have no route to migrating from the original package without breaking the other package that you need. The package manager will then abort with a dependency resolution error, and say it cannot plot a path to upgrading.
Upgrading once every month or two is a fairly well-tested routine, in both distros. And I've never met or heard of a "too long without upgrading" problem in either distro, that couldn't be solved by first upgrading to the version of the repository from 3 months after your last update, then 6 months, then 9 months, then 12 months. Just update in snapshots, it takes maybe 4 steps, and then you're all better.
Gentoo's official policy is that it should always be possible to upgrade systems that are only a single year out of date. Therefore if that fails, it's surely a bug. Whether people regularly test this, is another question entirely.
Thank you for the detailed answer! I love the 30 day policy on stable. And of course I am going to update often. I don't want to keep my system unmaintained.
My use case for Gentoo is kind of complicated. I can of course build sources or use binaries but aside from the core utils + desktop + a few terminal applications I actually want to use Gentoo as a gate to my sandboxes. I will have flatpaks and different distroboxes for different use cases, Arch for programming, Ubuntu for everyday tasks etc. With those I will have the optimal sanboxed and stable experience in my opinion.
The more I learn about Gentoo the more I see it being a perfect fit for my use case. Stable yet up to date core to run my sandboxes on. It will take some learning obviously, but since I learned to use VanillaOS (which is really different from using any other mainstream distro) this year on my other PC I think I'll be able to use Gentoo as well. Not to mention unlike VanillaOS, Gentoo has great documentation.
Plus to all of these I love the community so far. Especially coming from Arch. Arch community was the thing that made me learn to read documentation because they were (although helpful) always really hostile, especially the moderators. In here I only seen support! So thanks to everyone who helped me with all the topics I created so far!
My use case for Gentoo is kind of complicated. I can of course build sources or use binaries but aside from the core utils + desktop + a few terminal applications I actually want to use Gentoo as a gate to my sandboxes. I will have flatpaks and different distroboxes for different use cases, Arch for programming, Ubuntu for everyday tasks etc. With those I will have the optimal sanboxed and stable experience in my opinion.
The more I learn about Gentoo the more I see it being a perfect fit for my use case. Stable yet up to date core to run my sandboxes on. It will take some learning obviously, but since I learned to use VanillaOS (which is really different from using any other mainstream distro) this year on my other PC I think I'll be able to use Gentoo as well. Not to mention unlike VanillaOS, Gentoo has great documentation.
Plus to all of these I love the community so far. Especially coming from Arch. Arch community was the thing that made me learn to read documentation because they were (although helpful) always really hostile, especially the moderators. In here I only seen support! So thanks to everyone who helped me with all the topics I created so far!
Congratulations, you've just invented QubesOSMy use case for Gentoo is kind of complicated. I can of course build sources or use binaries but aside from the core utils + desktop + a few terminal applications I actually want to use Gentoo as a gate to my sandboxes. I will have flatpaks and different distroboxes for different use cases, Arch for programming, Ubuntu for everyday tasks etc. With those I will have the optimal sanboxed and stable experience in my opinion.
Anyway, tricky setups are Gentoo's bread and butter. If you're already comfortable with unix-like systems, you should find yourself at home in no time.
- NeddySeagoon
- Administrator
- Posts: 56094
- Joined: Sat Jul 05, 2003 9:37 am
- Location: 56N 3W
At the risk of pointing out something you have already spotted, Gentoo is the Portage package manager and the ::gentoo ebuild repo.
That's all. Everything else is $UPSTREAM.
As a result, Gentoo is a perfect fit for any use case, servers, desktops, SBCs ...
I'm rambling a bit .. back to my point. The Gentoo community all use the same tools to fit whatever their individual use case is. We all know that all Gentoo installs are different. It's my opinion that using the same tools to achieve different things helps the community be more user friendly.
You will be referred to the friendly manual from time to time. It saves helpers repeating it in a post. However, you will get a pointer to the information you need too. Being lazy, I write wiki pages for recurring problems that I can refer to. :)
One last thing, the old hands here will pitch help just out of your reach.
The aim is to teach you to fish, not feed you. We won't let you drown either.
That's all. Everything else is $UPSTREAM.
As a result, Gentoo is a perfect fit for any use case, servers, desktops, SBCs ...
I'm rambling a bit .. back to my point. The Gentoo community all use the same tools to fit whatever their individual use case is. We all know that all Gentoo installs are different. It's my opinion that using the same tools to achieve different things helps the community be more user friendly.
You will be referred to the friendly manual from time to time. It saves helpers repeating it in a post. However, you will get a pointer to the information you need too. Being lazy, I write wiki pages for recurring problems that I can refer to. :)
One last thing, the old hands here will pitch help just out of your reach.
The aim is to teach you to fish, not feed you. We won't let you drown either.
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Just want to share an opposite view of frequent update. By no mean I am trying to convince you don't update. I don't do update frequently, I only reinstall from scratch once a few years.
I suggest think what is your daily workflow and reason for update/changes. I will provide a few reason why do and why not.
You do because you wish to stay on edge and to test to help development.
You do because your hardware changed.
You do because you encounter a problem that later version of software solved.
You do because you got new use case that was not part of initial build design.
Why you don't want to make frequent update?
Don't do it because security. security setup should be design upfront with you own thread model. World update may fix something but may break you careful design that bring something in unexpected.
Don't do it because update bring in changes you may not expect and that break your workflow. (think update that need spent time on conflict resolution)
Don't do it because update may break your carefully customisation. for example your key binding, external kernel modules fail due to kernel version update. (think virtualbox)
The drawback of not doing frequent update,
the longer hold back the more difficult for update. So you need to get familiar with Gentoo's tool, Like Neddy said, Gentoo is package manager and ebuild repo. for the package management there are lots of tools to help. see Useful Portage tools wiki page for what I mean.
I suggest think what is your daily workflow and reason for update/changes. I will provide a few reason why do and why not.
You do because you wish to stay on edge and to test to help development.
You do because your hardware changed.
You do because you encounter a problem that later version of software solved.
You do because you got new use case that was not part of initial build design.
Why you don't want to make frequent update?
Don't do it because security. security setup should be design upfront with you own thread model. World update may fix something but may break you careful design that bring something in unexpected.
Don't do it because update bring in changes you may not expect and that break your workflow. (think update that need spent time on conflict resolution)
Don't do it because update may break your carefully customisation. for example your key binding, external kernel modules fail due to kernel version update. (think virtualbox)
The drawback of not doing frequent update,
the longer hold back the more difficult for update. So you need to get familiar with Gentoo's tool, Like Neddy said, Gentoo is package manager and ebuild repo. for the package management there are lots of tools to help. see Useful Portage tools wiki page for what I mean.
See what the number 2 behind Linus Torvalds, Greg Kroah-Hartman, says in minute 32:00 -> https://www.youtube.com/watch?v=Rg_VPMT0XXwpingtoo wrote:Don't do it because security. [...]
F̶u̶c̶k̶ Love you too sweetie. All jocularity aside, Gentoo does what you tell it to, nothing more AND nothing less - With this in mind I tell all my Gentoo systems to sync (update the available package list) at midnightish, then email me a list of "pretend updates" (emerge -uDNpv @world). As soon as one of my machines produces an "error in updating"* I do the manual fondling required to manage the update, because two conflicting updates make "Jack an unhappy boy".szatox wrote:Stories of updates delayed by a year or two pop up now then then as well. Obviously, this path is pretty much for masochists only.
*I also update when the number of updates reaches/exceeds 80 or so, or about every 30 days, because "attention deficit" reasons.
If you wish to stay "up to date" for security reasons, then keep an eye on GLSA's. If you wish to stay up to date for "I need bleeding edge drivers for this new game" then check daily, and don't get "too far behind", because when you "need to update" no one want's to be upgrading gcc or glibc for 40 minutes before the "critical update" gets applied. Everything else is "a choice laying somewhere between the two" - a choice you get to make for yourself, as is the way with Gentoo.
EDIT:
HERETIC!! :ppingtoo wrote:I reinstall from scratch...
Can you give me some information on this? as my computer is not connect to audio device. I usually don't watch youtube on this computer unless it is slideshow.pietinger wrote:See what the number 2 behind Linus Torvalds, Greg Kroah-Hartman, says in minute 32:00 -> https://www.youtube.com/watch?v=Rg_VPMT0XXwpingtoo wrote:Don't do it because security. [...]
This is funny, the youtube video is one that I actually saw some time past. Then I was interesting about the title saying why all the sudden so many CVE in linux kernel.pietinger wrote:You dont need sound ... just read what there is on presentation board.pingtoo wrote:Can you give me some information on this? as my computer is not connect to audio device. I usually don't watch youtube on this computer unless it is slideshow.
I review this time, jump to 32:00 and I am not sure I understand your point. As the presentation said they update every 8 minutes for security average. if we take those words literary that if you are not stay on latest you are not secure than it is impossible to stay secure. I think nobody want to update linux kernel every day or even every other day.
In my mind security is not about the executable (kernel included) that have no logical flaw. It is about how the logical flaw being used by unauthorised usage. So for example last time the xz problem. on your environment that no one will every execute xz (just hummer me as this is example) so is it a security thread? This is what I mean you need to think and understand what is the thread model your use case. (for me the xz episode is not a thread because I stay behind so I never have that version installed. Luck me!)
No, My intent is not to persuade. I just want to provide a opposite point of view so the finial decision is clear that all sides was considered and the execution path match the intent. Because Gentoo is not a Distribution. Many Linux Distro like Debian/Redhat/Suse have specific model in mind and their product are build target to that model. Gentoo on the other hand does not have a fixed model. it is up to you to define what you want.xanrer wrote:Just checked the thread and... Oh no... Did I started something that I shouldn't?
I have seen many posts in Gentoo forums seems thinking Gentoo is a distribution therefor the end produce must have some kind of cohesive integrity. But this is not true. Gentoo as rolling release at any given moment there is no fixed state. so thinking if I do frequent update therefor I must have achieve cohesive integrity is just not true.
No. But it should be obvious that pingtoo's way of running a system is completely detached from typical Gentoo usage - talk of reinstalling from scratch really being alien to the typical Gentoo user -, and that was made obvious in past threads of theirs.xanrer wrote:Just checked the thread and... Oh no... Did I started something that I shouldn't?
They are free to run it the way they want, but it seems rather odd to then promote it to new users as well. It ultimately runs counter to security, obviously, and actually making yourself at home with the tools Gentoo provides. The worst possible way to go about that is to run it counterintuitively against the rolling release flow.
You learn Gentoo by updating frequently, and seeking help - if you need it - along the way. And one way of knowing you've mastered it, is not having felt the need to reinstall from scratch for >10 years.
IT security has always had a negative impact on convenience (and/or user-friendliness) ... and vice versa. Of course, it is more convenient to be able to simply open the front door of your house without having to unlock it first. So everyone has to decide for themselves what is more important to them. For me it's security ... and yes, I update my kernel with every new minor version (on average one new one per week) and am currently on 6.11.10.pingtoo wrote:[...] if we take those words literary that if you are not stay on latest you are not secure than it is impossible to stay secure. I think nobody want to update linux kernel every day or even every other day. [...]
Do you use a Linux kernel and a web browser on your system? If so, then you are using the two most dangerous programs available under Linux. Have you secured both against unauthorized use? (I use the latest hardened kernel and an AppArmor profile for my browser).pingtoo wrote:[...] In my mind security is not about the executable (kernel included) that have no logical flaw. It is about how the logical flaw being used by unauthorised usage. [...]
Yes I dopietinger wrote:Do you use a Linux kernel and a web browser on your system?
And mine currently use are very out of date. It was last updated sometime in 2021-2022. Google mail always tell me my browser are out of support.
I am in preparation of update using Catalyst.
From security thread point of view I don't feel it is much less security than the day I flash my kernel/rootfs to SD. I think it is just not secure then as now. So my prevention is not about secure the browser or kernel. It is about prevent unwanted or unnecessary network traffic. And ensure no one have access my nodes with me knowing. And do all online banking in private way and record everything.
Yes, I want to be good at using computer. I don't want to be great at Gentoo. I want to learn from Gentoo and its developers, because they are great to share their experience. And for that I am very much thank them for that (sorry I don't know how to express this in right English way)