While there are quite some shortcomings w.r.t. essential documentation, I was very pleased of the Gentoo-LXC container, CZ.NIC has supplied with the TO router. And I think, it was just fair, to report the positive, too. I am completely new to OpenWRT (and it sure has a learning curve) and still quite new in Gentoo. Nevertheless it might be, that somebody found my comments useful…
I will describe the steps, I used to upgrade the LXC container into a fully working Gentoo installation. Note that this does require to have a SSD mounted to hold the files of the LXC container. CZ.NIC did quite a good job, cutting everything off, which is not absolutely necessary to run the container - we will need to add quite a bit of stuff in the following. My final target is to have a Samba4 Domain Controller running in the LXC container - not the file server. My file server is a real machine with a H/W raid and an i7 CPU…
We start in LuCI creating the container by downloading the Gentoo prototype. To get a fixed IP we add these two lines to the configuration (fill in an IP OK for You):
lxc.network.ipv4 = 192.168.1.25/24
lxc.network.ipv4.gateway = auto
The name of my VM is horus, as it dwells in the dark inards of the Turris. 
So lets log into it to fire up the ssh server
lxc-attach -n horus
First set the root password, furthermore it might be useful to set PermitRootLogin to yes until You have set up the ssh-keys. You might find it useful to edit /etc/ssh/sshd-config from a T/O session as our Gentoo container right now only has nano, which is awkward once You are used to vim. After that is done, we start the ssh server on horus (and let it restart after reboot).
rc-service sshd start
rc-update add sshd default
ssh to it to check everything went OK. Next we prepare the Gentoo repo:
mkdir /etc/portage/repos.conf
vim /etc/portage/repos.conf/gentoo.conf
fill in this:
[DEFAULT]
main-repo = gentoo
[gentoo]
location = /usr/portage
sync-type = rsync
sync-uri = rsync://rsync.gentoo.org/gentoo-portage
auto-sync = yes
We try to update the repo:
emerge --sync
But, no luck. The DNS lookup fails as the corresponding tools are not installed. We’ve got to muddle through this, as we need data from Gentoo. The error message tells us, what emerge tried to look-up. So we add this to the hosts file /etc/hosts. After a few tries You’ll get it running.
First we need to fix the DNS lookup:
emerge --ask net-dns/bind-tools
This takes a little while (man, it’s Gentoo - Gentoo on small machines is no fun, but in the end You can get exactly the installation You want to). Ok, get a capuchino, or a cold beer, or a good glass of Sancerre.
Next we will try to get vim for editing. We will get screen to run longer compiles without being crashed due to an ended ssh session. And I typically install eudev, the Gentoo fork of udev, to avoid systemd creeping in. Finally we will also emerge gentoolkit, which contains the essential revdep-rebuild utility.
emerge --ask app-misc/screen
app-editors/vim
sys-fs/eudev
app-portage/gentoolkit
This will compile quite a few packages, so let it run…
Once it is ready, we first fix the DNS lookup.
vim /etc/resolv.conf
fill in whatever You need…
domain ask.me
nameserver 192.168.1.1
Check it. You may want to delete the entries in the hosts file You made earlier.
Now we can go on, and update the system for the first time.
emerge --ask --update --deep --newuse @world
I’ve got a problem when updating Python. It complained about the shm file system not being present. I still don’t know, how to deal with this. But the short fix is to create the directory…
mkdir /dev/shm
chmod 1777 /dev/shm
OK, after a longer while, we will start removing the old packages:
emerge --pretend --depclean
This is the dry-run, and it tells You, what packages the emerge-tool considers unnecessary. I would be very careful at this stage, and add everything to the world set. For me this was:
emerge --noreplace app-admin/python-updater
app-editors/nano dev-python/packaging
emerge --ask --depclean
Furthermore some libraries were updated, so that emerge sees the necessity to recompile some packages. Let’s do it:
emerge --ask @preserved-rebuild
Finally we repair any reverse dependencies:
revdep-rebuild
Our last action for today is reading the information, we’ve got due to the update - and the system did propose to update some config files. We look for them, and may check them by hand (there is a nice tool, which we will install later).
eselect news read
find /etc -iname ‘.cfg???*’
So, the system is now up and running. On the next day, we will review the USE-flags, the make.conf file and a few other things, before we start installing samba (with the embedded Heimdal library, which the Gentoo maintainers hate to do - we’ll do it anyway ).-
