Let’s Encrypt on Gentoo

I was always a fan of CACert but unfortunately, Gentoo recently decided to no longer trust CACert by default which caused our overlay to become unavailable for a few weeks without us noticing it (thanks for not notifying users about that unexpected move…). Gentoo thus forced us to switch to Let’s Encrypt immediately (or pay for a commercial certificate) if we wanted to keep our repository easily accessible. While we could have issued a LE certficate manually, that method is completely impractical as certificates issued by LE expire after just 90 days, while CACert’s certificates lasted 6 months or even 2 years if you passed the assurance tests.

Choosing an ACME client, aka “bot”

The implied requirement for automated renewal means you have to install a client for the so-called ACME protocol and allow it to generate a key & CSR, submit it to LE, somehow provide a domain-based verification, finally reload your server application and repeat that whole process periodically on its own. As we want to install certificates into an Apache web server but there’s no module to handle LE certificate issuance directly from within Apache yet, we have to use some tool to perform the necessary tasks for us. The first client published by LE themselves (“Certbot” or app-crypt/acme on Gentoo) had a terrible reputation as it was heavily modifying the system it was being installed on. Soon after the initial start last year, multiple alternate implementations became available, more or less system-specific and more or less disruptive in the way they hook into the system.

I wanted to avoid that. The client I would choose for our server should not manipulate any configs on its own and it shouldn’t install extra dependencies outside the regular package management provided by the system (portage on Gentoo). It should just handle certificate creation/registration and renewal, nothing else. And it should have a comprehensive documentation.

Judging from just the documentation, my personal favourites so far have been acme.sh and acmetool. While acme.sh would have had the big advantage that it requires basically no (unusual) dependencies as it’s “just a shell script”, that was also the reason why I decided against deploying it on my server. While there’s no rational reason against that script, I, as well as the friend I’m sharing the server with, had a gut instinct that didn’t allow us to trust an externally developed shell script to perform some periodic task in processing external data (i.e. interaction with LE’s ACME server). I therefore decided to try acmetool instead, which has been developed in Go.

This article thus details the installation of acmetool on Gentoo but most steps should apply to other clients as well.

Continue reading “Let’s Encrypt on Gentoo”

Patching a non-syncing RAID 1

I have yet to figure out why, but today one of my hard drives hit multiple CRC errors and went offline. It is part of a software (mdraid) RAID 1 and I had seen such errors before, so I did the usual procedure: Shutdown and power off for a few minutes, check that all drives come up on boot, boot to a rescue system, stop RAIDs, run a long self-test on the lost drive and then resync the RAID by running mdadm --add using the drive that remained online as source. Sounds okay? Too bad I had errors on the source drive…

When the first RAID partition’s resync neared completion around 95%, it suddenly stopped and marked the target drive as spare again. I wondered what happened and looked at the kernel log which told me that there have been many failed retries to read a particular sector which made the resync impossible to complete. Plus, S.M.A.R.T. now listed one “Current Pending Sector”.

What could I have done to avoid this?

First of all, I should have run check/repair more regularly. If a check is being run, uncorrectable read errors can be noticed and the failed sectors can be re-written from a good disk. However, check/repair can be a rather lengthy task which means it is not very suited to desktop computers that are not running 24/7.

Another option could have been to use --re-add instead of --add, which might have synced only recently modified sectors, thus skipping the bad one I hit on the full resync caused by --add. However, since I had my system in use about one hour before I noticed the emails indicating RAID failure, I doubt this could have helped much. Plus, it would likely have been too late to run that after a resync has already tried and failed as the data on the lost disk was already partially overwritten.

What I did to work around the issue


The following steps can cause irreparable damage to your data. Only continue if you fully understand what you are doing and you either have a working backup or can avoid loosing the data. This post is omitting information you should know if you are going to follow these steps. Please make your own mind about them before running any commands.


NOTE: The failed sector will be called 12345 from now on. The broken sector resides on /dev/sdb and the drive that went offline and has a partial resync but good sector is /dev/sdc.

A quick search turned up some helpful sites ([1], [2]). First, I verified that I had the correct sector address by running hdparm --read-sector 12345 /dev/sdb, which returned an I/O error just as expected. I then checked the sectors immediately before and after the failed one. I was lucky to find a strangely uniform pattern that simply counted up – I’m not sure if that is some feature of either ext4 or mdraid or just random luck. I tried to ask debugfs what’s stored there (could have been free space, as in [2]) but I wasn’t sure if I had the correct ext4 block number, so I didn’t give anything on that information.

Since this is a RAID 1, I thought, maybe I could just selectively copy the sector over from /dev/sdc. What I needed to do was to get the correct sector address for sdc and then run some dd command. Since the partition layouts differ on sdb and sdc, the sector numbers don’t match 1:1 and have to be calculated. I ran parted and set unit s to get sector addresses, then ran print to get the partition tables of both disks. All that has to be done is subtracting the start offset from the failed sector address, then add the other partition’s offset again. Let’s say the address was 23456.

Since I knew what the sector should look like, I could verify it directly with hdparm. Additionally, I checked a few sectors below and above that address and the data matched perfectly.

Next, I had to assemble a dd command to display and then copy the sector. Using dd if=/dev/sdc bs=512 count=1 skip=23456 | hexdump (bs should match the logical sector size) and comparing it to the hdparm output, I could verify that I read the correct sector. I also tried a few sectors above/below again. When I was ready, I finally copied the sector: dd if=/dev/sdGOOD of=/dev/sdBAD bs=512 count=1 skip=23456 seek=12345 oflag=direct (replace sdGOOD and sdBAD by the actual drives – just making this post copy&paste-proof :) ) oflag=direct is required or you will likely get an I/O error.

To be sure that everything went fine, I checked the result with hdparm again. After restarting the RAID, the resync ran fine this time.

Reconstructing directory modification times

I’m currently migrating large parts of a Windows NTFS partition to Ext4 on my desktop system and accidentally messed the modification times of all directories I moved with Dolphin (KDE) by aborting the operation and restarting it over the already created directories from the first run. I decided to hack a small script to reconstruct the modification times (getting close to the original ones). It works by recursively finding the latest, deepest nested file modification time for a directory (as those have been copied correctly) and using touch to set the same timestamp on the target directory. I would advise to call it with find on the directories it should operate on, for example if it has been saved as ~/fix-copied-dirtimes.sh:

find first/ second/ -type d -not -empty -exec ~/fix-copied-dirtimes.sh \{\} \;

It is by far not optimized (being called this way will perform highly redundant queries on the file system) but it works very fast nevertheless and you usually don’t run it frequently, so that’s okay…

A little word of warning: Verify the correct behaviour on your own! That means: Please manually confirm that all calls performed by this script and method turn up with the correct result. This comes without any warranty and although touch shouldn’t do any more than changing timestamps you never know… ;) So… do your checks please and try it on some unimportant test directories first.

# sets one directory modification time according to its latest file modification time (searched recursively)

LATESTDATE=`find "$DIR" -type f -printf '%TY%Tm%Td%TH%TM.%TS\n' | sort -n | tail -n1 | cut -c-15`

        touch -m -t "$LATESTDATE" "$DIR"

wine caching Temporary Internet Files indefinitely

Taking a look at where my disk space went, I was quite surprised to find 11GiB in a directory at ~/.wine/drive_c/windows/profiles/username/Local Settings/Temporary Internet Files/Content.IE5/

It appears that this is an already reported issue with wine, as downloads made through calls to wininet.dll are supposed to be deleted by Windows sooner or later. As wine caches its downloads the same way but without ever removing old files, everything ever downloaded through wine’s wininet.dll currently gets cached indefinitely. To work around that problem, it’s currently necessary to clear that folder once in a while (or to automate that on reboots or similar). Simply deleting that directory should work just fine as it is supposed to be created automatically if needed.

It’s probably best to also search for other temp directories inside ~/.wine from time to time. Apart from cached downloads I could free another 6GiB of unnecessarily wasted space at the usual locations. It’s easy to forget about “C:” when running wine… :)

KDE 4.3 upgrade and Cashew

I reinstalled KDE for an upgrade from 4.2 to 4.3 (doesn’t seem to work without uninstalling on Gentoo; no idea why) and ran into some problems afterwards.

reinstalling KDE

I was still using the unstable KDE 4.2 until this weekend. For some strange reason, the slotted 4.2 ebuilds were completely removed from portage, thus preventing any re-merges which I had to do since I wanted to also upgrade from GCC 4.1.2 to 4.3.4, so I had to uninstall KDE before, upgrade GCC, recompile everything, then finally merge KDE again. To remove KDE more or less completely I was told to do emerge -pCv $(qlist -ICv kde | grep 4.2) (minus the pv of course). I had some other ebuilds left for manual checking but this command caught the vast majority. Unmerging and remerging kde-meta (after the GCC upgrade) went really smooth. To have a WM in the meantime I emerged xfce4-meta and gnome-terminal before I unmerged KDE.

Akonadi migration with bogus entry

Recently I had issues with some corrupted config in Akonadi that could not be solved from within KDE 4.2. On every start I would now get the migration dialog retrying to migrate a bridge called Y2252jgYO7 – whatever that was, I couldn’t find it. Running locate on that ID revealed old lock files back from KDE 3.5. Having searched for a moment I figured out that I could simply find and remove the files:

find ~/.kde* -iname \*Y2252jgYO7\* -exec rm \{\} \;

Next, everything referencing that ID has to be removed from ~/.kde4/share/config/kres-migratorrc – redo whatever runs the migration assistant for you and the problem should be solved.

frenzy Nepomuk – again…

I don’t seem to be the only one where the desktop search never works. With KDE 4.2 I disabled Strigi and Nepomuk because it took 100% CPU even when idling. If it wasn’t idling it was accessing the harddisk way too fast and so it always slowed down my system. That wasn’t without sideeffects however: I was unable to use the runner (Alt+F2) without crashes. I figured out that enabling Nepomuk, disabling Strigi and removing all repository data worked in KDE 4.2. Guess what? The problem reappeared after the upgrade to KDE 4.3. I don’t know if I solved it “properly” (I don’t need desktop search ATM so I can afford disabling it). From Stéphane Laurière at Mandriva’s bug tracker:

  1. make a backup of your Nepomuk database by backuping the folder ~/.kde4/share/apps/nepomuk/repository/
  2. reconfigure Strigi from the Nepomuk System Settings so that it indexes less
    Note: I unchecked everything plus added * to the exclude patterns, just to be sure.
  3. stop Nepomuk by running the following command:
    qdbus org.kde.NepomukServer /nepomukserver org.kde.NepomukServer.quit
  4. remove the repository folder ~/.kde4/share/apps/nepomuk/repository/
  5. restart Nepomuk: nepomukserver

After restart I got several crashes (what else) but Nepomuk stops retrying after a short time… (you should watch out for large numbers of crash logs though)

the Cashew

If you ever wondered what the name for that moon-and-star-like icon is which you get when unlocking your panels in KDE4, it seems to be called “the Cashew”. I know there was one icon on the desktop when I started using KDE 4.2 but it somehow disappeared very soon on its own and I didn’t miss it. It seems like that has been some bug since I now had it again:

cashew on the right side KDE Cashew

That nasty icon was sitting right on my otherwise clean desktop wallpaper. I could move it around my screen borders but it could not be removed. I thought something was broken until I finally searched for it and figured out that it’s some kind of branding not be meant to be removed. Great… Now, how do you get rid of it?!

As pointed out on the Gentoo forums (thread “KDE 4.3.0 Annoyances“) and also on a blog post, there exists a plasmoid that you can simply drop onto your desktop to remove/hide that useless cashew: I HATE the Cashew

I HATE the Cashew

If you should ever want that apparently useless cashew icon back, simply remove “I HATE the Cashew” by clicking the minus icon on the “Add Widgets” dialog.

There used to be an ebuild for it but since I couldn’t find it I simply wrote one on my own (well, half-way copy&pasting from other ones and the ebuild documentation, but it works). In case you need it too, here it is: (kde-misc/ihatethecashew-0.4)

# Copyright 1999-2009 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2


DESCRIPTION="I HATE the Cashew - KDE4 corner icon removal plasmoid"

KEYWORDS="~amd64 ~x86"


src_unpack() {
        unpack ${A}

src_compile() {
        cd iHateTheCashew
        mkdir build
        cd build
        cmake -DCMAKE_INSTALL_PREFIX=/usr .. || die "CMake failed!"
        emake || die "Make failed!"

src_install() {
        cd iHateTheCashew/build
        emake DESTDIR="${D}" install || die "Install failed"

portage: (permanently) ignoring file collisions

I’m currently setting up a server to migrate an older one to. In order to emerge all necessary ebuilds I basically took the worldfile of the older one, sorted, diffed and edited it to finally emerge `cat mergelist` it on the new system. Except for a few dependency problems (emerge --resume --skip-first and later reruns fixed those) everything went fine. Unfortunately, having emerged maildrop, it blocked the installation of courier-imap due to file collisions:

 * This package will overwrite one or more files that may belong to other
 * packages (see list below). You can use a command such as `portageq    
 * owners / ` to identify the installed package that owns a    
 * file. If portageq reports that only one package owns a file then do   
 * NOT file a bug report. A bug report is only useful if it identifies at
 * least two or more packages that are known to install the same file(s).
 * If a collision occurs and you can not explain where the file came from
 * then you should simply ignore the collision since there is not enough 
 * information to determine if a real problem exists. Please do NOT file 
 * a bug report at http://bugs.gentoo.org unless you report exactly which
 * two packages install the same file(s). Once again, please do NOT file 
 * a bug report unless you have completely understood the above message. 
 * Detected file collision(s):                                           
 *      /usr/bin/maildirmake                                             
 *      /usr/share/man/man1/maildirmake.1.bz2                            
 *      /usr/share/man/man8/deliverquota.8.bz2                           
 * Searching all installed packages for file collisions...               
 * Press Ctrl-C to Stop                                                  
 * mail-filter/maildrop-2.2.0                                            
 *      /usr/bin/maildirmake                                             
 *      /usr/share/man/man1/maildirmake.1.bz2                            
 *      /usr/share/man/man8/deliverquota.8.bz2                           
 * Package 'net-mail/courier-imap-4.5.0' NOT merged due to file          
 * collisions. If necessary, refer to your elog messages for the whole   
 * content of the above message.                                         

maildrop belongs to courier and although that collision isn’t great but won’t hurt being ignored, I added the following line to /etc/make.conf (wrapped to be readable on my blog):

COLLISION_IGNORE="/usr/bin/maildirmake \
 /usr/share/man/man1/maildirmake.1.bz2 \

This will permanently ignore the collision for all 3 files.

Disabling HPA on Samsung HDDs

A friend of mine bought a new 1TB hard drive from Samsung (HD103SJ with firmware 1AJ100E4). He used Windows Vista to partition it and format 2 partitions for NTFS, one to install Windows 7 and one to move data from an external drive. Everything worked well, Vista used the drive as intended. When he rebooted to install Win7 everything – Windows 7 setup, BIOS and unfortunately also Vista – saw the drive with only 33 MB capacity, reporting one unformatted partition on it.

Searching the internet we found out it must be a problem with the drive’s host protected area (HPA) in conjunction with his mainboard/SATA controller (ironically from Gigabyte). He updated BIOS and chipset drivers but the problem persisted. According to some forums there are some tools for Windows to fix that issue. Since many people reported data loss afterwards and he didn’t have another copy of the data he moved from his external drive we decided to boot into the new Gentoo Live DVD that also allowed me to log in remotely via SSH to investigate the problem (we are more than 500km away from each other).

Following a short guide on how to detect and disable HPA we could see the settings of his drive:

# hdparm -N /dev/sdb
max sectors = 65134/1953525168, HPA is enabled

This seems to have been the opposite configuration of what should have been set according to the guide: While the examples from the guide had a much greater value before the slash his drive seemed to show the intended remainder to be allocated to the HPA set for “public” use, so his HPA seemed to cover almost the entire 1TB of his HDD.

Before we tried to correct that value we wanted to check if we can access any data right away. Unfortunately everything prevented us from accessing the HPA – the kernel did only register /dev/sdb1 but not /dev/sdb2, smartmontools showed 33MB capacity as well, parted refused to work and fdisk finally showed the correct partition table but reported a mismatch in geometry, so at least we still seemed to access the same start sector of his HDD:

Disk /dev/sdb: 33 MB, 33348608 bytes
255 heads, 63 sectors/track, 4 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x24c2a85c

Device Boot Start End Blocks Id System
/dev/sdb1 1 38245 307200000 7 HPFS/NTFS
Partition 1 has different physical/logical endings:
phys=(1023, 254, 63) logical=(38244, 193, 29)
/dev/sdb2 38245 121601 669558784 7 HPFS/NTFS
Partition 2 has different physical/logical beginnings (non-Linux?):
phys=(1023, 254, 63) logical=(38244, 193, 30)
Partition 2 has different physical/logical endings:
phys=(1023, 254, 63) logical=(121600, 247, 55)

We also tried to access /dev/sdb with dd but only got the 33MB until the drive “ended”. Considering the HPA modifications to be the last resort we tried to change it only temporarily at first, but had to set it permanently to get any effects on the system after a reboot. Please note that the manpage for hdparm explicitely states that changing that setting is “VERY DANGEROUS, DATA LOSS IS EXTREMELY LIKELY”. I copied the old value to a text editor before making the modifications, so I hoped we could at least set it back to what it was before our changes in case it didn’t work well. To make a permanent change, simply run the same command with p (for permanent) followed by the new maximum value to be set (to disable HPA this would be the exact same value as written after the slash):

# hdparm -N p1953525168 /dev/sdb

Having rebooted, fdisk did not complain any more and the kernel recognized both partitions:

Disk /dev/sdb: 1000.2 GB, 1000204886016 bytes
255 heads, 63 sectors/track, 121601 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x24c2a85c

Device Boot Start End Blocks Id System
/dev/sdb1 1 38245 307200000 7 HPFS/NTFS
/dev/sdb2 38245 121601 669558784 7 HPFS/NTFS

hdparm confirmed that we just disabled HPA:

# hdparm -N /dev/sdb

max sectors = 1953525168/1953525168, HPA is disabled

We mounted his data partition read-only using ntfs-3g and since everything seemed fine we started to copy everything back to his external drive, just to be sure we had a backup of his data in case that Windows would decide to crash his partition after another reboot. However, Windows Vista did recognize the drive correctly again and so did Windows 7; he can access all data and nothing seems to be corrupted or missing.

It appears strange that Windows initially ignored the HPA and worked well until he rebooted. But having had extreme, sporadic problems myself using a Silicon Image SATA controller with Windows XP SP2 as well as Windows Vista (without SP, back in 2007) it did not really surprise me any more.

segfaults and libjpeg.so.62 missing after update

I updated my Gentoo system last week (amd64) and ran into multiple problems.

Due to compile errors on many ebuilds I decided to run a revdep-rebuild. After about an hour it recognized that about 380 ebuilds were broken and had to be remerged. I began but could not finish that day so I left revdep-rebuild (which happened to stop due to an error anyway) and shut my system down.

The next day I realized that about half my system was broken. CUPS crashed repeatedly, reporting a segfault with libc whenever I tried to print anything (visible in the kernel log). Remerging cups or glibc did not help, so I went to the Gentoo forums and found the advise to run

emerge -e system 
perl-cleaner all 
emerge -1 libtool 

It took a long time involving the usual stop-and-go caused by build errors but finally it finished. CUPS worked again and so did most of the system. Unfortunately 64 bit binaries like nxclient still did not run because libjpeg.so.62 did not exist any longer. Well, it did for 32 bit apps (so the 32 bit Firefox binary could still run) but not for 64 bit. (the 32 bit version is belongs to app-emulation/emul-linux-x86-baselibs) As usual, linking to the 32 bit library was without success (wrong ELF architecture) and linking to libjpeg.so.7 didn’t work well (I was able to run NX but all JPEGs were missing).

I was lucky enough to find a rather unrelated bug report on the bugtracker that indicates there is a second ebuild for libjpeg called media-libs/jpeg-compat which actually contains the missing 64 bit version of libjpeg.so.62. Having emerged that everything works fine again now.

Opera 10: finally I got Flash and Java back

I don’t know what they did, but Opera 10 Beta 3 (build 4537) finally got Flash working again on my Linux system. Back in 2007 Flash 9 started to use GTK solely and Opera 10 could no longer run the plugin: Opera would simply freeze and/or crash. Due to security updates I finally had to upgrade the Flash player and had to start Firefox for every flash website (or Flash video) I wanted to view. With every update I checked if support returned but it still would not run. In 2008 I changed to 64 bit and while many people reported it started working again on their 32 bit systems I still only got crashes. In February I started using KDE 4 (and Qt 4) and while people started reporting Flash to work on 64 bit I – again – could not use it.

Maybe I was always upgrading/updating at the wrong time – there is one thing I can read from the filenames portage downloaded:


It seems like older versions have only been built (or downloaded) with Qt3 libraries but with beta 3 there finally is a Qt4 version available. Maybe that’s the fix – finally, after 2 years, I can use Flash again in my primary browser! :D

I checked some websites and while all Flash movies run and most run fine, videos still run jerky, highly depending on the players being used and the mode (fullscreen is worst). While these performance problems happen to be worse than in Firefox, it’s still mainly a problem of the Linux version of the Flash player (xkcd made a cartoon about it recently).

The next thing I could not use since I switched to 64 bit was the Java plugin. It was the same as with Flash, I got freezes and/or crashes and no useful error messages. I was quite surprised when I saw a useful backtrace on my terminal: For some reason, Opera 10 tried to use Blackdown JDK 1.4 which some ebuild must have had as a dependency. I unmerged it and now I got errors complaining about libjvm.so not being found. To point Opera to the correct path simply go into Tools/Preferences/Advanced/Content, enable Java and open the Java Options dialog. The path to be entered can be found by running locate libjava.so and should be something like /opt/sun-jdk- (excluding the filename; you will need to update this on version changes).

On Gentoo you may still get an error message telling you that libjvm.so cannot be found. You may need to symlink it from …/jre/lib/amd64/server/ to …/jre/lib/amd64/ and it should be working after a browser restart.

I don’t know since when there was a Java Options dialog, so maybe I could have been able to use Java for quite some time now. Anyway, it’s great to finally have both plugins working again.

Amarok 2 with Gentoo on AMD64

Finally, that’s possible. I will explain what’s necessary in case it’s not yet in portage (just saw the patches are making it to overlays now :D ) but not without a warning and explanation: Amarok 2 has been blocked by MySQL not compiling correctly for use as a shared library. The main bug report on Gentoo’s bugtracker is here for MySQL. Although it now seems to have made its way into mysql-extras overlay (?) it may still take a while to be verified for not causing any problems at all.


Read all instructions carefully. I’m not responsible for any data loss or corruption you may experience by following this howto and using the patched MySQL or beta release of Amarok.

You may want to backup your databases before you go into patching. You have been warned (although everything seems to be fine on my system).

Patching MySQL
When I got it working yesterday, I still patched the eclass file to add a USE-flag “pic” for triggering a GCC option. The current status from the bug comments is that it should be a false solution and not be necessary anymore. However, I still get a linker error “recompile with -fPIC” when compiling Amarok 2 afterwards. So you still need to patch the eclass file using the files stroken out on the bug report (mysql.eclass and a patch to it, apply the patch or grab the resulting file here). You may want to try if it works for you without the patched eclass, though. If you choose to apply the patched eclass, you need to put it in your overlay into /eclass directory (top-level like a category). On the next emerge you will be warned to add “metadata-transfer” to your FEATURES variable in /etc/make.conf and run emerge –regen after each sync (this will take a while; ~20 minutes on my 3GHz Core2Duo).

Now we need an ebuild, too. Download the patch file to MySQL’s source code (better check if it’s still current) and store it in your local overlay’s dev-db/mysql/files. Copy the latest ebuild for MySQL from official portage to your overlay and rename it to match version numbers with the patch. Run ebuild mysql-whateverversion.ebuild digest, unmask and emerge it! (using “embedded” USE-flag)

Amarok 2.1 Beta 1
If we go unstable, we do it right. So we are going to create an ebuild for Amarok 2.1 Beta 1, too. Again, BE WARNED: There are some possible corruption issues with ID3 tags (also reported for 2.0.1). You don’t want that to happen, so be careful not to do any writing operations to your files in Amarok until that bug gets fixed. (I got a couple more with reading tags but my files are still intact, so I’m fine; all bugs are already in the bug tracker)

Amarok 2.1 depends on taglib-extras, which is currently not in portage. So simply go to http://gpo.zugaina.org/media-libs/taglib-extras and grab 0.1.2’s ebuild, put it in overlay, digest, unmask and emerge.

For Amarok itself, Beta 1 seems to be version 2.0.90. Simply grab my ebuild, which is a slightly modified version from official portage tree. I removed the iPod patch and the webkit string replacement, added 2 dependencies and had to fake the check for Qt script bindings. Of course, I needed to replace the download URI and add ~amd64 keyword:

--- /usr/portage/media-sound/amarok/amarok-       2009-03-16 11:36:10.000000000 +0100
+++ amarok-2.0.90.ebuild        2009-04-12 17:53:18.000000000 +0200
@@ -14,10 +14,11 @@
+KEYWORDS="~x86 ~amd64"
IUSE="daap debug ifp ipod mp3tunes mp4 mtp njb +semantic-desktop"

|| (
@@ -25,6 +26,8 @@
+       >=media-libs/taglib-extras-0.1
+       >=x11-libs/qt-script-4.4.2
|| ( media-sound/phonon x11-libs/qt-phonon:4 )
@@ -46,7 +49,8 @@
daap? ( www-servers/mongrel )"

-PATCHES=( "${FILESDIR}/${PV}-ipod.patch" )
+# PATCHES=( "${FILESDIR}/${PV}-ipod.patch" )

pkg_setup() {
if use amd64 ; then
@@ -77,9 +81,10 @@

# Remove superfluous QT_WEBKIT
-       sed -e 's/ -DQT_WEBKIT//g' \
-               -i "${S}"/src/scriptengine/generator/generator/CMakeLists.txt \
-               || die "Removing unnecessary -DQT_WEBKIT failed."
+#      sed -e 's/ -DQT_WEBKIT//g' \
+#              -i "${S}"/src/scriptengine/generator/generator/CMakeLists.txt \
+#              || die "Removing unnecessary -DQT_WEBKIT failed."
+       sed -e 's/CHECK_CXX_SOURCE_RUNS/set( BINDINGS_RUN_RESULT 1 )\n#/g' -i "${S}"/cmake/modules/FindQtScriptQtBindings.cmake

$(cmake-utils_use_with ipod Ipod)

You may need to uninstall Amarok 1 before emerging 2 or you will get file collisions.

Some problems
I have 2 soundcards and Amarok was playing everything on the wrong one on first start-up although I reordered my cards in the configuration dialog. I seem to have gotten rid of that problem by simply restarting Amarok after changing the order. GStreamer backend currently crashes, so you may prefer xine (which I do nevertheless).

I couldn’t get Ampache working yet, but I assume the fault is on Ampache’s side. We were able to track the problem down, likely being the hash being used on authorization which seems to be an issue between 32 bit servers and 64 bit clients (seems to be a different timestamp; I really don’t know why that’s still a problem, I guess it’s very bad programming or at least testing…).

Amarok doesn’t index all files correctly. Some files are not shown with metadata but only with their filenames instead. You may be able to work around it by rescanning your collection multiple times. There also seem to be some index issues on the collection when updating the collection while browsing through it. However, I still got some MP3s not showing up in my collection although they seem to be counted.

Oh, and you scrobble streams to Last.fm which I consider a bug since that’s not the intended behaviour (or at least has not been until now).

I will try to confirm these bugs and report them if they are not already listed in KDE’s bugtracker.

Some scripts currently don’t work. That’s because we faked around the script bindings dependency in order to be able to compile. You may get some ebuild to compile qtscriptgenerator, but it depends on Qt 4.5 which I haven’t yet installed (yes, I know I blogged about the recommendation to use it one post earlier, but I haven’t had time to recompile it yet – I should do that next). Do not report errors about scripts not running to Amarok devs; it’s entirely our own fault. However, if you need those scripts, you are free to get into compiling that dependency as well. ;)

Make it prettier
Amarok’s default theme doesn’t look appealing, at least not when using KDE’s Oxygen theme with default colors. You may have a look at alternative Amarok themes on kde-look.org. Most themes inherit their colors from your color theme, so don’t be surprised if it looks different than on the screenshots. I went for “Amarok Highlights” for the time being.

Unfortunately, Amarok 2 is still lacking a theme manager, so you have to install the themes manually by copying them to ~/.kde4/share/apps/amarok/images/ (one at a time; stylesheet.css goes one level above). You should quit Amarok before changing themes and clean caches before restarting it:

rm ~/.kde4/cache-YourHostname/kpc/Amarok-pixmaps.index
rm ~/.kde4/cache-YourHostname/kpc/Amarok-pixmaps.data