On 04/13/2016 09:50 AM, Reindl Harald wrote: > > enough problems by wasting time if you have to maintain 10, 20, 30 or > more servers and in case of problems need fast downgrades - especially > if you run virtual machines where all the compile jobs share hardware
emerge --buildpkg will create a binary package that you can instantly downgrade to with emerge --usepkg > besides that on a production server no compilers should be installed at > all - the generation of malware which compiles itself is only a question > of time I'm not convinced that an attacker who can execute commands on your server is more dangerous when one of those commands is `gcc`. > > what gentoo would need to solve for professional environemnts is that > you have one machine which pulls the updates, compiles them and apckage > them in a way all other machines in the network can pull and apply them > in precompiled from over ftp, http or whatever network protocol > As you wish: https://wiki.gentoo.org/wiki/Binary_package_guide
