New gentoo bootstrap, hopefully the last incarnation before forking live-bootstrap proper

gentoo-2025.8/Containerfile

@@ -0,0 +1,274 @@
+FROM live-bootstrap
+
+#mkdir -p /var/cache/distfiles; cd /var/cache/distfiles
+#curl -LO http://gitweb.gentoo.org/proj/portage.git/snapshot/portage-3.0.68.tar.bz2
+#curl -LO http://distfiles.gentoo.org/snapshots/squashfs/gentoo-20250801.xz.sqfs
+#curl -LO https://github.com/plougher/squashfs-tools/archive/refs/tags/4.7.2/squashfs-tools-4.7.2.tar.gz
+## TODO: gentoo currently uses squashfs-tools-4.7, but that fails to build, upgraded to 4.7.2
+
+WORKDIR /tmp
+
+# Build squashfs-tools to extract the ::gentoo tree
+# TODO: Include in live-bootstrap proper
+RUN tar xf /var/cache/distfiles/squashfs-tools-4.7.2.tar.gz && \
+    cd squashfs-tools-4.7.2 && \
+    make -C squashfs-tools install \
+        INSTALL_PREFIX=/usr \
+        LZO_SUPPORT=0 LZ4_SUPPORT=0 ZSTD_SUPPORT=0 && \
+    cd .. && \
+    rm -rf squashfs-tools-4.7.2
+
+# Make some additional root modifications
+RUN cp /usr/include/asm-generic/mman.h /usr/include/asm  # needed by dev-libs/openssl
+
+# Unpack the ::gentoo tree
+RUN unsquashfs /var/cache/distfiles/gentoo-20250801.xz.sqfs && \
+    mkdir -p /var/db/repos && \
+    rm -rf /var/db/repos/gentoo && \
+    mv squashfs-root /var/db/repos/gentoo
+
+# Install temporary copy of portage
+RUN tar xf /var/cache/distfiles/portage-3.0.68.tar.bz2 && \
+    ln -sfT portage-3.0.68 portage
+
+# Add portage user/group
+RUN echo 'portage:x:250:250:portage:/var/tmp/portage:/bin/false' >> /etc/passwd && \
+    echo 'portage::250:portage' >> /etc/group
+
+# Create cross repository
+RUN <<'EOR'
+mkdir -p /var/db/repos/cross/profiles
+echo cross > /var/db/repos/cross/profiles/repo_name
+mkdir -p /var/db/repos/cross/metadata
+printf '%s\n' 'masters = gentoo' 'thin-manifests = true' \
+    > /var/db/repos/cross/metadata/layout.conf
+mkdir -p /var/db/repos/cross/cross-base
+ln -sfT /var/db/repos/gentoo/sys-devel/binutils /var/db/repos/cross/cross-base/binutils
+ln -sfT /var/db/repos/gentoo/sys-devel/gcc /var/db/repos/cross/cross-base/gcc
+mkdir -p /var/db/repos/cross/cross-base/glibc
+printf '%s\n' EAPI=8 SLOT=0 KEYWORDS='"*"' > /var/db/repos/cross/cross-base/glibc/glibc-0.ebuild
+EOR
+
+# Register i686-cross-linux-gnu toolchain
+RUN <<'EOR'
+echo cross-i686-cross-linux-gnu >> /var/db/repos/cross/profiles/categories
+ln -sfT cross-base /var/db/repos/cross/cross-i686-cross-linux-gnu
+EOR
+
+# Configure prefix for host tools
+RUN <<'EOR'
+mkdir -p /cross/etc/portage/make.profile
+cat > /cross/etc/portage/make.profile/make.defaults << 'EOF'
+FETCHCOMMAND="curl -k --retry 3 -y 60 --ftp-pasv -o \"\${DISTDIR}/\${FILE}\" -L \"\${URI}\""
+RESUMECOMMAND="curl -C - -k --retry 3 -y 60 --ftp-pasv -o \"\${DISTDIR}/\${FILE}\" -L \"\${URI}\""
+FEATURES="-news -sandbox -usersandbox -pid-sandbox -ipc-sandbox -network-sandbox -parallel-fetch"
+BINPKG_COMPRESS=bzip2
+CLEAN_DELAY=0
+
+ARCH=x86
+ACCEPT_KEYWORDS="$ARCH"
+CHOST=i686-unknown-linux-musl
+IUSE_IMPLICIT="prefix prefix-guest kernel_linux elibc_musl elibc_glibc sparc m68k alpha amd64 x86"
+USE="prefix prefix-guest kernel_linux elibc_musl x86 python_targets_python3_13"
+
+C_INCLUDE_PATH="$EROOT/usr/include"
+CPLUS_INCLUDE_PATH="$EROOT/usr/include"
+LIBRARY_PATH="$EROOT/usr/lib"
+PKG_CONFIG_PATH="$EROOT/usr/lib/pkgconfig:$EROOT/usr/share/pkgconfig"
+LDFLAGS="-Wl,--disable-new-dtags,-rpath,$EPREFIX/usr/lib"
+EOF
+cat > /cross/etc/portage/repos.conf << 'EOF'
+[cross]
+location = /var/db/repos/cross
+EOF
+cat > /cross/etc/portage/package.use << 'EOF'
+dev-lang/perl minimal
+dev-libs/libxml2 -python
+sys-apps/file -seccomp
+sys-apps/util-linux -su
+cross-i686-cross-linux-gnu/gcc -sanitize -fortran openmp
+EOF
+cat > /cross/etc/portage/make.profile/package.provided << 'EOF'
+sys-devel/binutils-2.27
+sys-devel/gcc-6.2
+app-arch/xz-utils-0
+EOF
+mkdir -p /cross/etc/portage/env/cross-i686-cross-linux-gnu
+cat > /cross/etc/portage/env/cross-i686-cross-linux-gnu/gcc << '_EOF'
+EXTRA_ECONF='--with-sysroot=/gentoo'
+#EXTRA_ECONF="$EXTRA_ECONF --enable-shared --enable-threads=posix"  # TODO: test without
+#EXTRA_ECONF="$EXTRA_ECONF --enable-host-shared"  # Needed because --enable-host-pie is enabled in ebuild, fixed in GCC 15
+#EXTRA_ECONF="$EXTRA_ECONF --enable-host-bind-now"
+#post_src_prepare() {
+## Avoid configuration bug triggered by --disable-shared -enable-shared
+#sed -i '/enable_shared | enable_static) ;;/d' config-ml.in || die
+#}
+post_src_install() {
+cat > "$ED/usr/lib/gcc/$CTARGET/specs" << 'EOF'
+*link:
++ %{!shared:%{!static:%{!static-pie:-dynamic-linker %{m64|mx32:;:/gentoo/lib/ld-linux.so.2}%{m64:/gentoo/lib64/ld-linux-x86-64.so.2}%{mx32:/gentoo/libx32/ld-linux-x32.so.2}}}}
+EOF
+}
+_EOF
+mkdir -p /cross/etc/portage/env/dev-lang
+cat > /cross/etc/portage/env/dev-lang/python << 'EOF'
+pre_src_prepare() {
+sed -i 's/\[MULTIARCH=\$(.*\]/[MULTIARCH=]/' configure.ac || die
+}
+EOF
+mkdir -p /cross/etc/portage/env/dev-build
+echo 'CFLAGS=-std=c17' > /cross/etc/portage/env/dev-build/make
+EOR
+
+# TODO: Upgrade to findutils 4.9 for portage, and add pax-utils for "scanelf". Both of these are required by portage's `estrip`
+
+# Initialize environment
+RUN PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n sys-apps/baselayout
+RUN echo 'PATH=/usr/bin' > /cross/etc/env.d/99host && \
+    PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/env-update
+RUN mkdir -p /cross/bin
+RUN ln -sf /bin/sh /cross/bin  # Required by sys-devel/gcc
+RUN ln -sf /bin/bash /cross/bin  # Required by eautoreconf
+
+# Build tools missing from/broken in live-bootstrap
+# TODO: Include in live-bootstrap proper
+RUN PORTAGE_OVERRIDE_EPREFIX=/cross MAKEOPTS=-j1 ./portage/bin/emerge -D1n dev-build/make  # make in live-bootstrap has trouble with parallel builds under portage
+RUN PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n net-misc/rsync  # https://bugs.gentoo.org/963902
+
+# Configure target prefix
+RUN <<'EOR'
+mkdir -p /gentoo/etc/portage
+ln -sfT /var/db/repos/gentoo/profiles/default/linux/x86/23.0/i686/prefix/kernel-3.2+ /gentoo/etc/portage/make.profile
+cat > /gentoo/etc/portage/make.conf << 'EOF'
+FETCHCOMMAND="curl -k --retry 3 -y 60 --ftp-pasv -o \"\${DISTDIR}/\${FILE}\" -L \"\${URI}\""
+RESUMECOMMAND="curl -C - -k --retry 3 -y 60 --ftp-pasv -o \"\${DISTDIR}/\${FILE}\" -L \"\${URI}\""
+FEATURES="-news -sandbox -usersandbox -pid-sandbox -ipc-sandbox -network-sandbox -parallel-fetch"
+BINPKG_COMPRESS=bzip2
+CLEAN_DELAY=0
+
+PORTDIR=/var/db/repos/gentoo
+DISTDIR=/var/cache/distfiles
+PORTAGE_TMPDIR=/var/tmp
+
+CHOST=i686-cross-linux-gnu
+ACCEPT_KEYWORDS="-~$ARCH"
+USE=-nls
+INSTALL_MASK=/etc/env.d/99host
+EOF
+mkdir -p /gentoo/etc/portage/profile
+cat > /gentoo/etc/portage/profile/package.use << 'EOF'
+sys-devel/gcc -sanitize -fortran
+app-arch/gzip pic
+EOF
+cat > /gentoo/etc/portage/profile/package.accept_keywords << 'EOF'
+~net-misc/curl-8.15.0  # Fix bug that prevents --ftp-pasv from working
+EOF
+cat > /gentoo/etc/portage/bashrc << 'EOF'
+if [ "$CBUILD" = i686-unknown-linux-musl ]; then
+export BUILD_CFLAGS="-I$BROOT/usr/include"
+export BUILD_LDFLAGS="-L$BROOT/usr/lib -Wl,--disable-new-dtags,-rpath,$BROOT/usr/lib"
+export PKG_CONFIG_LIBDIR="$EROOT/usr/lib/pkgconfig:$EROOT/usr/share/pkgconfig"
+export PKG_CONFIG_SYSTEM_INCLUDE_PATH="$EROOT/usr/include"
+export PKG_CONFIG_SYSTEM_LIBRARY_PATH="$EROOT/lib:$EROOT/usr/lib"
+export CONFIG_SITE="$EROOT/etc/portage/config.site"
+fi
+EOF
+cat > /gentoo/etc/portage/config.site << 'EOF'
+ac_cv_file__dev_ptmx=yes  # dev-lang/python
+ac_cv_file__dev_ptc=no  # dev-lang/python
+gl_cv_func_strcasecmp_works=yes  # sys-apps/diffutils
+EOF
+mkdir -p /gentoo/etc/portage/env/dev-lang
+cat > /gentoo/etc/portage/env/dev-lang/python << '_EOF'
+if [ "$CBUILD" = i686-unknown-linux-musl ]; then
+pre_src_prepare() {
+sed -i 's/\[MULTIARCH=\$(.*\]/[MULTIARCH=]/' configure.ac || die
+}
+fi
+_EOF
+EOR
+
+# Initialize prefix
+RUN PORTAGE_OVERRIDE_EPREFIX=/gentoo USE=build ./portage/bin/emerge -D1n sys-apps/baselayout
+RUN echo 'man:x:13:15:System user; man:/dev/null:/sbin/nologin' >> /gentoo/etc/passwd && \
+    echo 'man:x:15:' >> /gentoo/etc/group
+# TODO: The acct-user and acct-group should create the groups honestly
+
+# Build libc and adapt compiler for target prefix
+# Usually, CC and CXX should be the CHOST compilers, to cross compile. However, they're compatible enough here.
+# Using --nodeps because the live-bootstrap environment is guaranteed to provide enough to build glibc
+RUN PORTAGE_OVERRIDE_EPREFIX=/cross PORTAGE_CONFIGROOT=/gentoo EPREFIX=/gentoo CBUILD=i686-unknown-linux-musl CC=i686-unknown-linux-musl-gcc CXX=i686-unknown-linux-musl-g++ BOOTSTRAP_RAP=y ./portage/bin/emerge -O1n sys-kernel/linux-headers
+RUN PORTAGE_OVERRIDE_EPREFIX=/cross PORTAGE_CONFIGROOT=/gentoo EPREFIX=/gentoo CBUILD=i686-unknown-linux-musl CC=i686-unknown-linux-musl-gcc CXX=i686-unknown-linux-musl-g++ BOOTSTRAP_RAP=y ./portage/bin/emerge -O1n sys-libs/glibc
+RUN PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n cross-i686-cross-linux-gnu/glibc  # Dummy package to use proper flags in gcc
+RUN PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n cross-i686-cross-linux-gnu/binutils  # TODO: cross-gcc doesn't depend on the right binutils
+RUN PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n cross-i686-cross-linux-gnu/gcc
+
+# Build compiler and initial tools for prefix
+RUN PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n sys-libs/ncurses  # https://bugs.gentoo.org/963660
+RUN PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n dev-lang/python  # TODO: dev-util/re2c requires dev-lang/python
+RUN PORTAGE_OVERRIDE_EPREFIX=/cross PORTAGE_CONFIGROOT=/gentoo EPREFIX=/gentoo CBUILD=i686-unknown-linux-musl USE=build ./portage/bin/emerge -D1n \
+    app-alternatives/awk \
+    app-alternatives/gzip \
+    app-shells/bash \
+    dev-build/make \
+    sys-apps/coreutils \
+    sys-apps/diffutils \
+    sys-apps/grep \
+    sys-apps/portage \
+    sys-apps/sed \
+    sys-devel/binutils \
+    sys-devel/gcc \
+    sys-devel/patch
+
+# Finalize prefix
+RUN /gentoo/usr/bin/emerge -DUu @world
+RUN /gentoo/usr/bin/emerge -c
+
+# Create a cross compiler
+RUN /gentoo/usr/bin/emerge -Dn sys-devel/crossdev app-eselect/eselect-repository sys-apps/shadow
+RUN ( . /gentoo/etc/profile; eselect repository create crossdev )
+RUN mkdir -p /gentoo/etc/portage/profile/package.use.mask
+RUN printf 'cross-x86_64-pc-linux-gnu/%s -multilib cet\n' linux-headers glibc binutils gcc gdb > /gentoo/etc/portage/profile/package.use.mask/cross-x86_64-pc-linux-gnu.multilib
+RUN ( . /gentoo/etc/profile; crossdev -A 'amd64 x86' -S -P -v x86_64-pc-linux-gnu )
+
+# Configure new system
+RUN ( . /gentoo/etc/profile; PORTAGE_CONFIGROOT=/gentoo/usr/x86_64-pc-linux-gnu eselect profile set --force default/linux/amd64/23.0 )
+RUN ( m=/gentoo/usr/x86_64-pc-linux-gnu/etc/portage/make.conf; \
+    test -f "$m" && mv "$m" "$m.tmp" && mkdir "$m" && mv "$m.tmp" "$m/0100_crossdev.conf" )
+RUN <<'EOR'
+cat > /gentoo/usr/x86_64-pc-linux-gnu/etc/portage/make.conf/1000_make.conf << 'EOF'
+FEATURES="$FEATURES -news -sandbox -usersandbox -pid-sandbox -ipc-sandbox -network-sandbox -parallel-fetch"
+PORTDIR=/var/db/repos/gentoo
+DISTDIR=/var/cache/distfiles
+
+ACCEPT_KEYWORDS="-~$ARCH"
+CONFIG_SITE=/gentoo/usr/share/config.site  # Needed because --prefix for target != /gentoo/usr
+EOF
+cat > /gentoo/usr/x86_64-pc-linux-gnu/etc/portage/bashrc << 'EOF'
+export SOURCE_DATE_EPOCH=315532800  # 1980-01-01, because 0 is too old for zip files (e.g. python wheels)
+EOF
+mkdir -p /gentoo/usr/x86_64-pc-linux-gnu/etc/portage/env/dev-libs
+cat > /gentoo/usr/x86_64-pc-linux-gnu/etc/portage/env/dev-libs/libassuan << 'EOF'
+# https://bugs.gentoo.org/962780
+export GPGRT_CONFIG="$ESYSROOT/usr/bin/$CHOST-gpgrt-config"
+EOF
+cat > /gentoo/usr/x86_64-pc-linux-gnu/etc/portage/env/dev-libs/libgcrypt << 'EOF'
+# https://bugs.gentoo.org/963810
+export GPGRT_CONFIG="$ESYSROOT/usr/bin/$CHOST-gpgrt-config"
+EOF
+cat > /gentoo/usr/x86_64-pc-linux-gnu/etc/portage/env/dev-libs/libksba << 'EOF'
+# https://bugs.gentoo.org/963811
+export GPGRT_CONFIG="$ESYSROOT/usr/bin/$CHOST-gpgrt-config"
+EOF
+EOR
+
+# Work around an ebuild bug
+RUN ln -s /gentoo/lib/ld-linux.so.2 /lib  # https://bugs.gentoo.org/962756
+
+# Cross compile the new system
+RUN ( . /gentoo/etc/profile; USE=build x86_64-pc-linux-gnu-emerge -D1n sys-apps/baselayout )
+RUN ( . /gentoo/etc/profile; x86_64-pc-linux-gnu-emerge -DUu @world )
+
+# Create final rootfs
+RUN ( . /gentoo/etc/profile; ROOT=/target USE=build x86_64-pc-linux-gnu-emerge -KDU1n sys-apps/baselayout )
+RUN ( . /gentoo/etc/profile; ROOT=/target x86_64-pc-linux-gnu-emerge -KDUu @world )

gentoo-2025.8/Containerfile.live-bootstrap

@@ -0,0 +1,13 @@
+FROM scratch
+
+COPY seed/stage0-posix seed/*.* / 
+COPY steps /steps
+COPY <<EOF /steps/bootstrap.cfg
+CONFIGURATOR=False
+SWAP_SIZE=0
+FINAL_JOBS=8
+EOF
+RUN --network=none \
+    --mount=type=bind,src=./distfiles,dst=/external/distfiles,rw \
+    --mount=type=tmpfs,dst=/external/repo \
+    ["/bootstrap-seeds/POSIX/x86/kaem-optional-seed"]

gentoo-2025.8/build-live-bootstrap.sh

@@ -0,0 +1,4 @@
+#!/bin/sh
+d="$(dirname "$0")"
+
+buildah build -f "$d/Containerfile.live-bootstrap" -t live-bootstrap

gentoo-2025.8/build.sh

@@ -0,0 +1,3 @@
+#!/bin/sh
+mkdir -p distfiles
+buildah build -t live-bootstrap-gentoo --layers -v $PWD/distfiles:/var/cache/distfiles .

gentoo-2025.8/gentoo.txt

@@ -0,0 +1,379 @@
+# vim:set ft=sh:
+
+# Changelog:
+# - 2025.8:
+#   - Set up a proper gentoo install using prefix, by building a bunch of tools
+#     in a temporary prefix, and then cross-compiling a final prefix.
+#   - Use crossdev to build the final system.
+#   - Both of these changes make the instructions significantly more
+#     future-proof, although there's still a lot of bugs to fix upstream, and
+#     ways to lessen the amount of compilation needed.
+# - 2025:
+#   - Upstreamed portage patch
+#   - Cross-compile all packages in packages.build for the profile
+#     (this simplifies the steps afterwards significantly)
+#   - Pin to GCC 13 (gcc 14 isn't working...)
+#   - Future proofing by ignoring HTTPs certificates
+#     (portage verifies the checksums anyway)
+#   - Avoid using wget (need to set FETCHCOMMAND anyway...)
+#   - Future proofing by not hardcoding a python version
+# - 2024.8:
+#   - Rewrite bootstrap to avoid using LFS
+#   - Pin the repository version
+# - 2024:
+#   - Initial version
+
+# Overview of bootstrap:
+# step 0: Build live-bootstrap as a starting point
+# step 1: Install a temporary copy of portage to /tmp/portage
+# step 2: Setup a prefix-guest using the live-bootstrap toolchain, build a few additional tools
+# step 3: Set up a target prefix, build glibc, and a cross compiler targetting it
+# step 4: Build portage and necessary utilities for the target prefix
+# step 5: Switch to it and emerge the rest of @world
+# step 6: Install crossdev and build the final system
+
+# Build live-bootstrap
+git clone https://github.com/fosslinux/live-bootstrap
+git -C live-bootstrap checkout 63b24502c7e5bad7db5ee1d2005db4cc5905ab74
+git -C live-bootstrap submodule update --init --recursive --depth=1 --progress
+cd live-bootstrap
+python3 -m venv env
+env/bin/pip install -U --no-binary :all: pip
+env/bin/pip install -v --no-binary :all: requests
+./download-distfiles.sh
+#sudo -s  # if not root already
+umask 022
+env/bin/python ./rootfs.py -c --external-sources --cores $(nproc) -m ''
+umount target/dev/shm  # double mounted?
+umount target/dev/shm target/sys target/proc target/tmp
+
+# Optional: Back up the system
+rm -r target/dev/*  # allow extracting as non-root
+env -i chroot target tar --exclude='/external' --sort=name -cf /target.tar /
+env -i chroot target bzip2 -9v /target.tar
+mv target/external/repo .
+mv target/target.tar.bz2 .
+rm -rf target/external
+
+# Optional: Keep distfiles in one place
+mkdir -p target/var/cache/distfiles
+mount --bind distfiles target/var/cache/distfiles
+
+# Chroot into the live-bootstrap system
+cd target
+mount -t proc proc proc
+mount -t sysfs sysfs sys
+mount -t devtmpfs devtmpfs dev
+mount -t devpts devpts dev/pts
+env -i TERM="$TERM" chroot . /bin/bash -l
+
+umask 022
+source /steps/env
+cd /tmp
+
+# Optional: Configure additional mirrors for missing/removed distfiles
+# This is a space-separated list of URLs, but full paths to local directories
+#   can be added as well.
+export GENTOO_MIRRORS="/mirror http://distfiles.gentoo.org"
+
+mkdir -p /var/cache/distfiles; cd /var/cache/distfiles
+curl -LO http://gitweb.gentoo.org/proj/portage.git/snapshot/portage-3.0.68.tar.bz2
+curl -LO http://distfiles.gentoo.org/snapshots/squashfs/gentoo-20250801.xz.sqfs
+curl -LO https://github.com/plougher/squashfs-tools/archive/refs/tags/4.7.2/squashfs-tools-4.7.2.tar.gz
+cd /tmp
+# TODO: gentoo currently uses squashfs-tools-4.7, but that fails to build, upgraded to 4.7.2
+
+# Build squashfs-tools to extract the ::gentoo tree
+# TODO: Include in live-bootstrap proper
+tar xf /var/cache/distfiles/squashfs-tools-4.7.2.tar.gz
+cd squashfs-tools-4.7.2
+make -C squashfs-tools install \
+    INSTALL_PREFIX=/usr \
+    LZO_SUPPORT=0 LZ4_SUPPORT=0 ZSTD_SUPPORT=0
+cd ..
+rm -rf squashfs-tools-4.7.2
+
+# Make some additional root modifications
+cp /usr/include/asm-generic/mman.h /usr/include/asm  # needed by dev-libs/openssl
+
+# Unpack the ::gentoo tree
+unsquashfs /var/cache/distfiles/gentoo-20250801.xz.sqfs
+mkdir -p /var/db/repos
+rm -rf /var/db/repos/gentoo
+mv squashfs-root /var/db/repos/gentoo
+
+# Install temporary copy of portage
+tar xf /var/cache/distfiles/portage-3.0.68.tar.bz2
+ln -sfT portage-3.0.68 portage
+
+# Add portage user/group
+echo 'portage:x:250:250:portage:/var/tmp/portage:/bin/false' >> /etc/passwd
+echo 'portage::250:portage' >> /etc/group
+
+# Create cross repository
+mkdir -p /var/db/repos/cross/profiles
+echo cross > /var/db/repos/cross/profiles/repo_name
+mkdir -p /var/db/repos/cross/metadata
+printf '%s\n' 'masters = gentoo' 'thin-manifests = true' \
+    > /var/db/repos/cross/metadata/layout.conf
+mkdir -p /var/db/repos/cross/cross-base
+ln -sfT /var/db/repos/gentoo/sys-devel/binutils /var/db/repos/cross/cross-base/binutils
+ln -sfT /var/db/repos/gentoo/sys-devel/gcc /var/db/repos/cross/cross-base/gcc
+mkdir -p /var/db/repos/cross/cross-base/glibc
+printf '%s\n' EAPI=8 SLOT=0 KEYWORDS='"*"' > /var/db/repos/cross/cross-base/glibc/glibc-0.ebuild
+
+# Register i686-cross-linux-gnu toolchain
+echo cross-i686-cross-linux-gnu >> /var/db/repos/cross/profiles/categories
+ln -sfT cross-base /var/db/repos/cross/cross-i686-cross-linux-gnu
+
+# Configure prefix for host tools
+mkdir -p /cross/etc/portage/make.profile
+cat > /cross/etc/portage/make.profile/make.defaults << 'EOF'
+FETCHCOMMAND="curl -k --retry 3 -y 60 --ftp-pasv -o \"\${DISTDIR}/\${FILE}\" -L \"\${URI}\""
+RESUMECOMMAND="curl -C - -k --retry 3 -y 60 --ftp-pasv -o \"\${DISTDIR}/\${FILE}\" -L \"\${URI}\""
+FEATURES="-news -sandbox -usersandbox -pid-sandbox -ipc-sandbox -network-sandbox -parallel-fetch"
+BINPKG_COMPRESS=bzip2
+CLEAN_DELAY=0
+
+ARCH=x86
+ACCEPT_KEYWORDS="$ARCH"
+CHOST=i686-unknown-linux-musl
+IUSE_IMPLICIT="prefix prefix-guest kernel_linux elibc_musl elibc_glibc sparc m68k alpha amd64 x86"
+USE="prefix prefix-guest kernel_linux elibc_musl x86 python_targets_python3_13"
+
+C_INCLUDE_PATH="$EROOT/usr/include"
+CPLUS_INCLUDE_PATH="$EROOT/usr/include"
+LIBRARY_PATH="$EROOT/usr/lib"
+PKG_CONFIG_PATH="$EROOT/usr/lib/pkgconfig:$EROOT/usr/share/pkgconfig"
+LDFLAGS="-Wl,--disable-new-dtags,-rpath,$EPREFIX/usr/lib"
+EOF
+cat > /cross/etc/portage/repos.conf << 'EOF'
+[cross]
+location = /var/db/repos/cross
+EOF
+cat > /cross/etc/portage/package.use << 'EOF'
+dev-lang/perl minimal
+dev-libs/libxml2 -python
+sys-apps/file -seccomp
+sys-apps/util-linux -su
+cross-i686-cross-linux-gnu/gcc -sanitize -fortran openmp
+EOF
+cat > /cross/etc/portage/package.mask << 'EOF'
+sys-devel/binutils
+sys-devel/gcc
+EOF
+cat > /cross/etc/portage/make.profile/package.provided << 'EOF'
+sys-devel/binutils-2.27
+sys-devel/gcc-6.2
+app-arch/xz-utils-0
+EOF
+mkdir -p /cross/etc/portage/env/cross-i686-cross-linux-gnu
+cat > /cross/etc/portage/env/cross-i686-cross-linux-gnu/gcc << '_EOF'
+EXTRA_ECONF='--with-sysroot=/gentoo'
+post_src_install() {
+cat > "$ED/usr/lib/gcc/$CTARGET/specs" << 'EOF'
+*link:
++ %{!shared:%{!static:%{!static-pie:-dynamic-linker %{m64|mx32:;:/gentoo/lib/ld-linux.so.2}%{m64:/gentoo/lib64/ld-linux-x86-64.so.2}%{mx32:/gentoo/libx32/ld-linux-x32.so.2}}}}
+EOF
+}
+_EOF
+mkdir -p /cross/etc/portage/env/dev-lang
+cat > /cross/etc/portage/env/dev-lang/python << 'EOF'
+pre_src_prepare() {
+sed -i 's/\[MULTIARCH=\$(.*\]/[MULTIARCH=]/' configure.ac || die
+}
+EOF
+mkdir -p /cross/etc/portage/env/dev-build
+echo 'CFLAGS=-std=c17' > /cross/etc/portage/env/dev-build/make
+
+# TODO: Upgrade to findutils 4.9 for portage, and add pax-utils for "scanelf". Both of these are required by portage's `estrip`
+
+# Initialize environment
+PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n sys-apps/baselayout
+echo 'PATH=/usr/bin' > /cross/etc/env.d/99host
+PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/env-update
+mkdir -p /cross/bin
+ln -sf /bin/sh /cross/bin  # Required by sys-devel/gcc
+ln -sf /bin/bash /cross/bin  # Required by eautoreconf
+
+# Build tools missing from/broken in live-bootstrap
+# TODO: Include in live-bootstrap proper
+PORTAGE_OVERRIDE_EPREFIX=/cross MAKEOPTS=-j1 ./portage/bin/emerge -D1n dev-build/make  # make in live-bootstrap has trouble with parallel builds under portage
+PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n net-misc/rsync  # https://bugs.gentoo.org/963902
+
+# Configure target prefix
+mkdir -p /gentoo/etc/portage
+ln -sfT /var/db/repos/gentoo/profiles/default/linux/x86/23.0/i686/prefix/kernel-3.2+ /gentoo/etc/portage/make.profile
+cat > /gentoo/etc/portage/make.conf << 'EOF'
+FETCHCOMMAND="curl -k --retry 3 -y 60 --ftp-pasv -o \"\${DISTDIR}/\${FILE}\" -L \"\${URI}\""
+RESUMECOMMAND="curl -C - -k --retry 3 -y 60 --ftp-pasv -o \"\${DISTDIR}/\${FILE}\" -L \"\${URI}\""
+FEATURES="-news -sandbox -usersandbox -pid-sandbox -ipc-sandbox -network-sandbox -parallel-fetch"
+BINPKG_COMPRESS=bzip2
+CLEAN_DELAY=0
+
+PORTDIR=/var/db/repos/gentoo
+DISTDIR=/var/cache/distfiles
+PORTAGE_TMPDIR=/var/tmp
+
+CHOST=i686-cross-linux-gnu
+ACCEPT_KEYWORDS="-~$ARCH"
+USE=-nls
+INSTALL_MASK=/etc/env.d/99host
+EOF
+mkdir -p /gentoo/etc/portage/profile
+cat > /gentoo/etc/portage/profile/package.use << 'EOF'
+sys-devel/gcc -sanitize -fortran
+app-arch/gzip pic
+EOF
+cat > /gentoo/etc/portage/profile/package.accept_keywords << 'EOF'
+~net-misc/curl-8.15.0  # Fix bug that prevents --ftp-pasv from working
+EOF
+cat > /gentoo/etc/portage/bashrc << 'EOF'
+if [ "$CBUILD" = i686-unknown-linux-musl ]; then
+export BUILD_CFLAGS="-I$BROOT/usr/include"
+export BUILD_LDFLAGS="-L$BROOT/usr/lib -Wl,--disable-new-dtags,-rpath,$BROOT/usr/lib"
+export PKG_CONFIG_LIBDIR="$EROOT/usr/lib/pkgconfig:$EROOT/usr/share/pkgconfig"
+export PKG_CONFIG_SYSTEM_INCLUDE_PATH="$EROOT/usr/include"
+export PKG_CONFIG_SYSTEM_LIBRARY_PATH="$EROOT/lib:$EROOT/usr/lib"
+export CONFIG_SITE="$EROOT/etc/portage/config.site"
+fi
+EOF
+cat > /gentoo/etc/portage/config.site << 'EOF'
+ac_cv_file__dev_ptmx=yes  # dev-lang/python
+ac_cv_file__dev_ptc=no  # dev-lang/python
+gl_cv_func_strcasecmp_works=yes  # sys-apps/diffutils
+EOF
+mkdir -p /gentoo/etc/portage/env/dev-lang
+cat > /gentoo/etc/portage/env/dev-lang/python << '_EOF'
+if [ "$CBUILD" = i686-unknown-linux-musl ]; then
+pre_src_prepare() {
+sed -i 's/\[MULTIARCH=\$(.*\]/[MULTIARCH=]/' configure.ac || die
+}
+fi
+_EOF
+
+# Initialize prefix
+PORTAGE_OVERRIDE_EPREFIX=/gentoo USE=build ./portage/bin/emerge -D1n sys-apps/baselayout
+echo 'man:x:13:15:System user; man:/dev/null:/sbin/nologin' >> /gentoo/etc/passwd
+echo 'man:x:15:' >> /gentoo/etc/group
+# TODO: The acct-user and acct-group should create the groups honestly
+
+# Build libc and adapt compiler for target prefix
+# Usually, CC and CXX should be the CHOST compilers, to cross compile. However, they're compatible enough here.
+# Using --nodeps because the live-bootstrap environment is guaranteed to provide enough to build glibc
+PORTAGE_OVERRIDE_EPREFIX=/cross PORTAGE_CONFIGROOT=/gentoo EPREFIX=/gentoo CBUILD=i686-unknown-linux-musl CC=i686-unknown-linux-musl-gcc CXX=i686-unknown-linux-musl-g++ BOOTSTRAP_RAP=y ./portage/bin/emerge -O1n sys-kernel/linux-headers
+PORTAGE_OVERRIDE_EPREFIX=/cross PORTAGE_CONFIGROOT=/gentoo EPREFIX=/gentoo CBUILD=i686-unknown-linux-musl CC=i686-unknown-linux-musl-gcc CXX=i686-unknown-linux-musl-g++ BOOTSTRAP_RAP=y ./portage/bin/emerge -O1n sys-libs/glibc
+PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n cross-i686-cross-linux-gnu/glibc  # Dummy package to use proper flags in gcc
+PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n cross-i686-cross-linux-gnu/binutils  # TODO: cross-gcc doesn't depend on the right binutils
+PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n cross-i686-cross-linux-gnu/gcc
+
+# Build compiler and initial tools for prefix
+PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n sys-libs/ncurses  # https://bugs.gentoo.org/963660
+PORTAGE_OVERRIDE_EPREFIX=/cross ./portage/bin/emerge -D1n dev-lang/python  # TODO: dev-util/re2c requires dev-lang/python
+PORTAGE_OVERRIDE_EPREFIX=/cross PORTAGE_CONFIGROOT=/gentoo EPREFIX=/gentoo CBUILD=i686-unknown-linux-musl USE=build ./portage/bin/emerge -D1n \
+    app-alternatives/awk \
+    app-alternatives/gzip \
+    app-shells/bash \
+    dev-build/make \
+    sys-apps/coreutils \
+    sys-apps/diffutils \
+    sys-apps/grep \
+    sys-apps/portage \
+    sys-apps/sed \
+    sys-devel/binutils \
+    sys-devel/gcc \
+    sys-devel/patch
+
+# Finalize prefix
+/gentoo/usr/bin/emerge -DUu @world
+/gentoo/usr/bin/emerge -c
+
+# Optional: Back up
+tar --sort=name -cf /gentoo.tar /gentoo
+bzip2 -9v /gentoo.tar
+
+# Create a cross compiler
+/gentoo/usr/bin/emerge -Dn sys-devel/crossdev app-eselect/eselect-repository sys-apps/shadow
+( . /gentoo/etc/profile; eselect repository create crossdev )
+mkdir -p /gentoo/etc/portage/profile/package.use.mask
+printf 'cross-x86_64-pc-linux-gnu/%s -multilib cet\n' linux-headers glibc binutils gcc gdb > /gentoo/etc/portage/profile/package.use.mask/cross-x86_64-pc-linux-gnu.multilib
+( . /gentoo/etc/profile; crossdev -A 'amd64 x86' -S -P -v x86_64-pc-linux-gnu )
+
+# Configure new system
+( . /gentoo/etc/profile; PORTAGE_CONFIGROOT=/gentoo/usr/x86_64-pc-linux-gnu eselect profile set --force default/linux/amd64/23.0 )
+( m=/gentoo/usr/x86_64-pc-linux-gnu/etc/portage/make.conf; \
+    test -f "$m" && mv "$m" "$m.tmp" && mkdir "$m" && mv "$m.tmp" "$m/0100_crossdev.conf" )
+cat > /gentoo/usr/x86_64-pc-linux-gnu/etc/portage/make.conf/1000_make.conf << 'EOF'
+FEATURES="$FEATURES -news -sandbox -usersandbox -pid-sandbox -ipc-sandbox -network-sandbox -parallel-fetch"
+PORTDIR=/var/db/repos/gentoo
+DISTDIR=/var/cache/distfiles
+
+ACCEPT_KEYWORDS="-~$ARCH"
+CONFIG_SITE=/gentoo/usr/share/config.site  # Needed because --prefix for target != /gentoo/usr
+EOF
+cat > /gentoo/usr/x86_64-pc-linux-gnu/etc/portage/bashrc << 'EOF'
+export SOURCE_DATE_EPOCH=315532800  # 1980-01-01, because 0 is too old for zip files (e.g. python wheels)
+EOF
+mkdir -p /gentoo/usr/x86_64-pc-linux-gnu/etc/portage/env/dev-libs
+cat > /gentoo/usr/x86_64-pc-linux-gnu/etc/portage/env/dev-libs/libassuan << 'EOF'
+# https://bugs.gentoo.org/962780
+export GPGRT_CONFIG="$ESYSROOT/usr/bin/$CHOST-gpgrt-config"
+EOF
+cat > /gentoo/usr/x86_64-pc-linux-gnu/etc/portage/env/dev-libs/libgcrypt << 'EOF'
+# https://bugs.gentoo.org/963810
+export GPGRT_CONFIG="$ESYSROOT/usr/bin/$CHOST-gpgrt-config"
+EOF
+cat > /gentoo/usr/x86_64-pc-linux-gnu/etc/portage/env/dev-libs/libksba << 'EOF'
+# https://bugs.gentoo.org/963811
+export GPGRT_CONFIG="$ESYSROOT/usr/bin/$CHOST-gpgrt-config"
+EOF
+
+# Work around an ebuild bug
+ln -s /gentoo/lib/ld-linux.so.2 /lib  # https://bugs.gentoo.org/962756
+
+# Cross compile the new system
+( . /gentoo/etc/profile; USE=build x86_64-pc-linux-gnu-emerge -D1n sys-apps/baselayout )
+( . /gentoo/etc/profile; x86_64-pc-linux-gnu-emerge -DUu @world )
+
+# Create final rootfs
+( . /gentoo/etc/profile; ROOT=/target USE=build x86_64-pc-linux-gnu-emerge -KDU1n sys-apps/baselayout )
+( . /gentoo/etc/profile; ROOT=/target x86_64-pc-linux-gnu-emerge -KDUu @world )
+
+# Set up final system
+mkdir -p /target/etc/portage
+ln -sfT ../../var/db/repos/gentoo/profiles/default/linux/amd64/23.0 /target/etc/portage/make.profile
+echo 'nameserver 1.1.1.1' > /target/etc/resolv.conf
+echo 'C.UTF8 UTF-8' > /target/etc/locale.gen
+
+# This is the point where you have to move from the x86 system to an x86_64 system.
+# Make sure that you are running a x86_64 kernel before chrooting, or booting it.
+exit
+umount dev/pts dev sys proc
+umount var/cache/distfiles
+
+# Optional: Back up the system
+env -i chroot target tar --sort=name -cf /target-gentoo.tar /
+env -i chroot target bzip2 -9v /target-gentoo.tar
+mv target/target-gentoo.tar.bz2 ..
+
+# Copy ::gentoo repo and distfiles
+mkdir -p target/var/db/repos
+rsync -a var/db/repos/gentoo/ target/var/db/repos/gentoo
+rsync -a var/cache/distfiles/ target/var/cache/distfiles
+
+# Enter the final, x86_64 system
+cd target
+mount -t proc proc proc
+mount -t sysfs sysfs sys
+mount -t devtmpfs devtmpfs dev
+mount -t devpts devpts dev/pts
+env -i TERM="$TERM" chroot . /bin/bash -l
+
+umask 022
+
+# Initialize system and break dependency cycles
+ldconfig
+USE='-nls' emerge -1n sys-devel/gettext
+
+# Rebuild everything
+emerge -e @world