| 1 |
On Sat, 15 Dec 2007 03:44:55 -0600, Dale wrote: |
| 2 |
|
| 3 |
> That is when you compile it on another machine then install it on the |
| 4 |
> laptop. The -K option comes to mind here. |
| 5 |
|
| 6 |
Which is what I think the OP was talking about. If you install one of the |
| 7 |
*-bin packages from portage, you are protected by the checksums in the |
| 8 |
ebuild digest. But if you create a binary package repository, there is |
| 9 |
currently no means of applying the same protection. So if you are |
| 10 |
administering machines at different locations and want to keep a single |
| 11 |
binary package repository so you only build once (remember, production |
| 12 |
servers may not have gcc installed), there is no means of checking that |
| 13 |
the downloaded package has not been tampered with. This protection |
| 14 |
applies to ebuilds and distfiles but cannot be applied to packages you |
| 15 |
build yourself. |
| 16 |
|
| 17 |
> I also think that the "choice" is in what you install as far as programs |
| 18 |
> and the options they have available. Gentoo is Linux from Scratch with |
| 19 |
> a serious package manager. "Choice" is not about having binaries or |
| 20 |
> not. Also keep in mind that if a binary has something compiled in that |
| 21 |
> you don't want or need, you are stuck with it and its dependencies. |
| 22 |
|
| 23 |
This is not about precompiled packages from a distro. Portage already has |
| 24 |
the mechanism for "build once, install many", it is just lacking some of |
| 25 |
the safeguards at the install stage that are present for the build stage. |
| 26 |
|
| 27 |
|
| 28 |
-- |
| 29 |
Neil Bothwick |
| 30 |
|
| 31 |
Computers are like Old Testament gods; lots of rules and no mercy. |
Archives