Gentoo Desktop

[Gizmo]

Moved to new thread from this old thread: https://www.gamersonlinux.com/forum/threads/linux-has-begun-its-assent.5196/

It's not even history - just a statement of fact. One of the great strengths of the GNU/Linux/Desktop/Application ensemble is the breadth and depth of choice and variety in all things. One of the great weaknesses of of the GNU/Linux/Desktop/Application ensemble is also the breadth and depth of choice and variety in all things.

Given that pretty much every other computer, phone, tablet, or device that people buy comes with a fully-configured OS and user interface preinstalled, and that those user interfaces actually have very limited degrees of freedom to customise, the wider public are simply not prepared for what awaits them if they start down the path of Linux: do you use a tiling window manager like TR favours, or something that looks more like Windows or MacOS, or something straight out of sci-fi like Hyprland... or recapture your lost youth with AmiWM. Do you like everything to be just a little clunky, like Enlightenment, or as basic as they come but fast (KDE Trinity, Mate, XCFE...)

Are you prepared to accept that if a program or device you want to use doesn't work out of the box, you have to put in a little effort? You can't just download a driver from the manufacturer's website and click "install" for hardware. For software, you can't just grab any other distro's version of the same software.

The whole reason why MacOS, Windows, iPhones and Android, and other closed shops do so well with users is that, in having a less free system, they're instead free from choice and effort. They know what they're getting - even if it's shit.

Are you still using Gentoo for your daily driver?

 

[Kaitain]

Are you still using Gentoo for your daily driver?

Yeah, 'fraid so - after more than 20 years, I still find the quality of integration in binary distros to be sub-par. Better than Windows, but not the level of perfection that I can achieve with Gentoo.

 

[Gizmo]

I've been thinking about converting my desktop setup to Gentoo, just haven't had a chance to do it yet because there's just a LOT of tweaking involved.

 

[Kaitain]

It’s a LOT easier than it used to be: for both Gentoo laptops (one OpenRC, one systemd) I initially set no USE flags beyond the desktop profile, and included minimal entries in separate files below /etc/portage/package.use/ to allow all licences, set video card options, and nls support. Then I installed initially using a bindist mirror to minimise compilation during the initial setup phase. Only once I had a working desktop did I set march, cflags, and any global and package specific use flags I wanted. Whole process only took a shade longer than reinstalling Windows and all its drivers.

I don’t expect ever to have to do a clean install on these again - even profile changes aren’t the open heart surgery they used to be.

For comparison I have an ancient AMD APU based laptop that used to run OpenSuSE after a fashion, and my previous workhorse, Intel core i5 and NVIDIA (Fermi) dgpu that used to run Mint xfce as it was incapable of running anything else after about 2018. They’re only really booted anymore if for some reason I need an optical drive. The package distros try to hide too much from me, so that when there is the inevitable glitch, it takes forever to sort out.

 

[Gizmo]

Are you on systemd or openrc? I can't say I'm a fan of systemd, but I'm not religious about it.

I've got Gentoo servers, and I absolutely love the freedom they give me because I can get the build tuned to what I want. It's remarkably hard to get Redhat to operate in a minimalist environment.

Given its focus on corporate customers, and the security drives of most companies, you'd think it would be easier to minimize the attack surface in e.g. Redhat by not having to install a bunch of dependencies that don't have anything to do with what you're actually building the server for, but it's not. It's incredibly easy to prevent installing of a package that you know you don't use (e.g. Mandarin character sets) and suddenly discover that some other package you have installed has a built-in dependency on that package. While we can argue that the real issue there is a poorly packaged application (and it is), the fact remains.

Instead, most CorpSec seems to be focused on installing still more packages to bring in IDS, AV, and ACL to solve problems that shouldn't even be there if you didn't have to load a whole bunch of cruft that you don't actually need.

 

[Kaitain]

Are you on systemd or openrc? I can't say I'm a fan of systemd, but I'm not religious about it.

Both - I set up the old Raven Ridge based convertible laptop using systemd explicitly so that I could use iio-sensor-proxy to handle the accelerometer without having to try to liberate it from systemd myself (I subsequently found an overlay where someone had done exactly that, but too late).

It still seems to me to be a solution in search of a problem. Boot speed is no faster, and yes, enabling Plasma’s system monitor to display per process statistics in a similar format to Windows task manager is cute but “top” exists and does the same thing. Systemd service files are slightly easier to write than openrc scripts, but that’s something you’ll deal with maybe once in a system’s lifetime. Binary logging is a pain and you’ll still pipe logging output to syslog-ng. Systemd’s boot loader is functional but grub is still more flexible. Systemd’s network handler works but you’ll still use NetworkManager.

Even on openrc, though, you still end up with systemd components as dbus, udev, session handling and a few other components of desktop environments have been folded up into the cube…

…as ambivalent as I am on the subject, resistance is ultimately futile.

I've got Gentoo servers, and I absolutely love the freedom they give me because I can get the build tuned to what I want. It's remarkably hard to get Redhat to operate in a minimalist environment.

Desktop Gentoo is a nice experience, especially for a KDE Plasma user… I’ve always wanted Windows/Mac functionality without the cost, and a DE that gets out of my way and lets me work. Most of the packagers seem dead set on pushing Gnome and its derivatives, which I’ve always felt is the Tomy toy expression of a DE.

Given its focus on corporate customers, and the security drives of most companies, you'd think it would be easier to minimize the attack surface in e.g. Redhat by not having to install a bunch of dependencies that don't have anything to do with what you're actually building the server for, but it's not. It's incredibly easy to prevent installing of a package that you know you don't use (e.g. Mandarin character sets) and suddenly discover that some other package you have installed has a built-in dependency on that package. While we can argue that the real issue there is a poorly packaged application (and it is), the fact remains.

Because they’re selling worldwide, if they didn’t include the dependency on e.g. a random character set (presumably for a program that doesn’t properly support UTF) they’ll get a tickets from Far Eastern users complaining that they only see boxes. The need to be all things to all men does make the packaged distros a balance of compromises.

They (and giving credit, MS and Apple) do balance it pretty well… I’m just a cantankerous old git and want my suit made to measure.

Instead, most CorpSec seems to be focused on installing still more packages to bring in IDS, AV, and ACL to solve problems that shouldn't even be there if you didn't have to load a whole bunch of cruft that you don't actually need.

I recently supported our external information security audit - it is very much a box checking exercise. The external auditor is trained in the standards, but is not a cybersecurity expert.

It is simply easier to point to a product and say, “this fulfils that criterion” rather than to try to explain actual risk profiling and risk reduction measures. The former gets you a gold star, the latter a bunch of “observations” or “opportunities for improvement.” Or a non-conformity based on the assessor’s lack of understanding.

Thankfully my role isn’t IT focused - I only needed to prove that we don’t let any old numbskull on the project read commercially sensitive info… and there’s a product for that

 

[Gizmo]

I've just spent about half a day trying to get Gentoo desktop working. I've no idea what I've done wrong, but I've got an interesting scenario where I'm booting with Nouveau instead of NVidia drivers. I'm coming up in what looks like runlevel 3 (or the systemd equivalent anyway) but I never get a login prompt, just the boot screen output and nothing else.

The worst part was that when I rebooted the system to try to get back to Mint, the system just booted back to Gentoo; my keyboard was completely dead and I had no way to get into the BIOS. I unplugged the keyboard from my KVM and plugged it directly into my machine and was able to get that working again, fortunately. Probably the act of unplugging the keyboard reset the keyboard and cleared whatever confusion had created the situation.

Guess I'll try again next weekend.

 

[Kaitain]

Sounds like you're only a couple of instructions off getting to a desktop:
1) First off, can you confirm which profile you've selected? (Output of: eselect profile show ), which will most likely be one of these:
[1] default/linux/amd64/23.0 (stable)
[2] default/linux/amd64/23.0/systemd (stable)
[3] default/linux/amd64/23.0/desktop (stable)
[4] default/linux/amd64/23.0/desktop/systemd (stable)
[5] default/linux/amd64/23.0/desktop/gnome (stable)
[6] default/linux/amd64/23.0/desktop/gnome/systemd (stable)
[7] default/linux/amd64/23.0/desktop/plasma (stable) *
[8] default/linux/amd64/23.0/desktop/plasma/systemd (stable)

2) Did you intend to use nouveau rather than nvidia?
2a) If so, did you emerge sys-firmware/nvidia-firmware ? If not, you will not get more than a framebuffer device.
2b) If not, can you confirm the presence of /etc/modprobe.d/nvidia.conf ?
2c) Have you remembered to set your VIDEO_CARDS flag before building mesa, libdrm, etc.?
For me, I have a file called /etc/portage/package.use/00video_cards with the contents:

*/* VIDEO_CARDS: -* amdgpu radeonsi nvidia radeon
x11-libs/libdrm VIDEO_CARDS: -* amdgpu radeonsi nvidia radeon

(I have both integrated and dGPU - although I usually only use the dGPU, I keep the capability of using either).

Once set up correctly, run an "emerge -1aDv --changed-use @world" to update.

Next, you must explicitly enable kernel modesetting for your selected drivers, otherwise wayland will fail in all sorts of creative ways.

3) How did you install the kernel? If using dracut, for the first kernel installation it almost certainly exited configuring the bootloader with an error, which is resolved by putting a token kernel command line into /etc/dracut.conf.d/ such as
/etc/dracut.conf.d/00_installkernel.conf

kernel_cmdline=" mem_encrypt=off amdgpu.modeset=1 amdgpu.dc=1 "

(note the spaces between the " and the cmdline contents)

After first installation and reboot, you can usually safely delete this. A check was put in to stop people trying to reboot with the livecd's command line and not documented properly.

4) Are you using a full featured bootloader (e.g. grub), or did you try to use the systemd bootloader or EFI Stub?
4a) If the former, pass your kernel command line parameters to grub by editing /etc/default/grub
4b)If the latter, you will need to ensure that your kernel's command line is built into the kernel. If using the distkernel (sys-kernel/gentoo-kernel), which I would recommend, it's as easy as:
mkdir -p /etc/kernel/config.d
echo "CONFIG_CMDLINE_BOOL=y" >> /etc/kernel/config.d/00_boot_cmdline
echo "CONFIG_CMDLINE=\"your cmdline parameters\"" >> /etc/kernel/config.d/00_boot_cmdline

5) Have you actually emerged a desktop? The desktop profiles set out the ground rules, but, bizarrely, doesn't actually install a working desktop by default. You can get the absolute barebones for a KDE session with emerge -av kde-plasma/plasma-meta - but be warned, plasma-meta is literally just the window manager, with no utilities at all. You would need to install at least kde-apps/kdecore-meta to get the basics. For Gnome - I don't use it, but if that's your preference, the guide will help.

5a) Don't forget to actually enable the service with systemctl enable (xdm.service | gdm.service | kdm.service) depending on what you actually use.

5b) When you finally do get a desktop, enjoy the fact that the systemd profile forgets to enable sound by default:
As a user: systemctl --user enable pipewire pipewire-pulse

 

[Gizmo]

I finally have a Plasma session up and running.

To answer your questions:

Sounds like you're only a couple of instructions off getting to a desktop:
1) First off, can you confirm which profile you've selected? (Output of: eselect profile show ), which will most likely be one of these:
[1] default/linux/amd64/23.0 (stable)
[2] default/linux/amd64/23.0/systemd (stable)
[3] default/linux/amd64/23.0/desktop (stable)
[4] default/linux/amd64/23.0/desktop/systemd (stable)
[5] default/linux/amd64/23.0/desktop/gnome (stable)
[6] default/linux/amd64/23.0/desktop/gnome/systemd (stable)
[7] default/linux/amd64/23.0/desktop/plasma (stable) *
[8] default/linux/amd64/23.0/desktop/plasma/systemd (stable)

I'm using 8, above

2) Did you intend to use nouveau rather than nvidia?
2a) If so, did you emerge sys-firmware/nvidia-firmware ? If not, you will not get more than a framebuffer device.
2b) If not, can you confirm the presence of /etc/modprobe.d/nvidia.conf ?
2c) Have you remembered to set your VIDEO_CARDS flag before building mesa, libdrm, etc.?

2) No, I was planning to use nVidia; I have a 1650 (I know, but it suffices for my needs at the moment).
2a) Not initially, no, I had assumed it had been pulled in because of 2c)
2b) I didn't check, but I would have expected it to be pulled in because of 2c)
2c) Yes, I did.

For me, I have a file called /etc/portage/package.use/00video_cards with the contents:

*/* VIDEO_CARDS: -* amdgpu radeonsi nvidia radeon
x11-libs/libdrm VIDEO_CARDS: -* amdgpu radeonsi nvidia radeon

(I have both integrated and dGPU - although I usually only use the dGPU, I keep the capability of using either).

I just have nvidia in mine and I don't have x-11-libs/drm in there. Do I need drm in there?

Once set up correctly, run an "emerge -1aDv --changed-use @world" to update.

Did that already.

Next, you must explicitly enable kernel modesetting for your selected drivers, otherwise wayland will fail in all sorts of creative ways.

3) How did you install the kernel? If using dracut, for the first kernel installation it almost certainly exited configuring the bootloader with an error, which is resolved by putting a token kernel command line into /etc/dracut.conf.d/ such as
/etc/dracut.conf.d/00_installkernel.conf

kernel_cmdline=" mem_encrypt=off amdgpu.modeset=1 amdgpu.dc=1 "

(note the spaces between the " and the cmdline contents)

After first installation and reboot, you can usually safely delete this. A check was put in to stop people trying to reboot with the livecd's command line and not documented properly.

3) It is using dracut with grub.
I didn't do any of the other stuff.

4) Are you using a full featured bootloader (e.g. grub), or did you try to use the systemd bootloader or EFI Stub?
4a) If the former, pass your kernel command line parameters to grub by editing /etc/default/grub
4b)If the latter, you will need to ensure that your kernel's command line is built into the kernel. If using the distkernel (sys-kernel/gentoo-kernel), which I would recommend, it's as easy as:
mkdir -p /etc/kernel/config.d
echo "CONFIG_CMDLINE_BOOL=y" >> /etc/kernel/config.d/00_boot_cmdline
echo "CONFIG_CMDLINE=\"your cmdline parameters\"" >> /etc/kernel/config.d/00_boot_cmdline

4) As mentioned above, I'm using grub
I didn't make any edits to the kernel command line

5) Have you actually emerged a desktop? The desktop profiles set out the ground rules, but, bizarrely, doesn't actually install a working desktop by default. You can get the absolute barebones for a KDE session with emerge -av kde-plasma/plasma-meta - but be warned, plasma-meta is literally just the window manager, with no utilities at all. You would need to install at least kde-apps/kdecore-meta to get the basics. For Gnome - I don't use it, but if that's your preference, the guide will help.

5a) Don't forget to actually enable the service with systemctl enable (xdm.service | gdm.service | kdm.service) depending on what you actually use.

5b) When you finally do get a desktop, enjoy the fact that the systemd profile forgets to enable sound by default:
As a user: systemctl --user enable pipewire pipewire-pulse

And this would be the point that I slapped my forehead at 1 a.m.

It finally dawned on me that maybe I needed emerge the actual KDE stuff, so I went looking in the handbook and stumbled onto the KDE/Plasma section.

Frustratingly, that section tells me that SDDM is the default login (display) manager, and tells me all sorts of useless such as that I need to modify the /etc/conf.d/displaymanager file, but doesn't tell me what to put in the file, which doesn't matter anyway, because it wasn't until I actually looked at the Display Manager portion of the handbook (which BTW has no link or mention that I can find ANYWHERE in the KDE stuff) that I learned that all I had to do was 'systemctl start sddm' and Glory Be, I now have a desktop!

 

[Gizmo]

Still working on getting a usable desktop, but getting closer.

I didn't have to enable dkms, but I did have to add myself to the video group. My desktop was impressively fast for being software-rendered, but I could tell it wasn't as snappy as my Linux Mint desktop had been, and a bit of digging revealed the culprit to be that lack of video permissions. Once that was resolved, the desktop was significantly more snappy and my nVidia control panel suddenly populated with stuff about my nVidia card.

The next issue was to figure out why my microphone wasn't working.

Apparently, pipewire thinks my Roland Rubix22 USB Audio Interface has an "Analog Stereo Duplex" audio profile. Rather frustratingly, either Plasma or or pipewire defaults to using the "Analog Stereo Output" profile, with no indication of what "Duplex" means. After spending a couple of hours poking around in the guts of pipewire and wireplumber for a bit and ruling out a bunch of things, I went back to looking at the available profiles; after noticing that I had multiple 'Output' and 'Input' profiles (which 'Input' profile would switch the Rubix22 from "Playback Devices" to "Recording Devices"), as well Analog out + digital in, and Analog in + digital out, I finally deduced that "duplex" had to mean both in/out, and sure enough that got my audio working correctly.

Now I'm just in the process of figuring out how to install a few bits and bobs that I need like Webex Teams (since that's only distributed as an RPM/DEB package, but there appears to be an overlay that has converted it to a gentoo portage package, so I'm checking that out now).