On Sat, 15 Dec 2007 03:44:55 -0600, Dale wrote: > That is when you compile it on another machine then install it on the > laptop. The -K option comes to mind here.
Which is what I think the OP was talking about. If you install one of the *-bin packages from portage, you are protected by the checksums in the ebuild digest. But if you create a binary package repository, there is currently no means of applying the same protection. So if you are administering machines at different locations and want to keep a single binary package repository so you only build once (remember, production servers may not have gcc installed), there is no means of checking that the downloaded package has not been tampered with. This protection applies to ebuilds and distfiles but cannot be applied to packages you build yourself. > I also think that the "choice" is in what you install as far as programs > and the options they have available. Gentoo is Linux from Scratch with > a serious package manager. "Choice" is not about having binaries or > not. Also keep in mind that if a binary has something compiled in that > you don't want or need, you are stuck with it and its dependencies. This is not about precompiled packages from a distro. Portage already has the mechanism for "build once, install many", it is just lacking some of the safeguards at the install stage that are present for the build stage. -- Neil Bothwick Computers are like Old Testament gods; lots of rules and no mercy.
signature.asc
Description: PGP signature
