hjdjeiejd 2 days ago

This is on-brand.

There was a time that I used Gentoo, and may again one day, but for the past N years, I’ve not had time to compile everything from source, and compiling from source is a false sense of security, since you still don’t know what’s been compromised (it could be the compiler, etc.), and few have the time or expertise to adequately review all of the code.

It can be a waste of energy and time to compile everything from source for standard hardware.

But, when I’m retired, maybe I’ll use it again just for the heck of it. And I’m glad that Gentoo exists.

atrettel 2 days ago

At least when I used Gentoo, the point of compiling from source was more about customization than security. I remember having to set so many different options. It was quite granular. Now I just compile certain things from scratch and modify them as needed rather than having an entire system like Gentoo do that, but I do see the appeal to some people.

bombcar 2 days ago

This is exactly why I use it where I use it - on my servers. I don’t need to compile X or X support for programs that could have it, because they’re headless.

mikepurvis 2 days ago

Nix is another route as far as a compile-from-source package manager with lots of options on many packages.

Cyph0n 2 days ago

I feel like most Gentoo folks probably moved over to Nix/NixOS.

The security argument for recompiling from source is addressed by the input addressed (sic) package cache. The customization aspect is mostly covered by Nix package overrides and overlays. You can also set up your own package cache.

filmor 2 days ago

I haven't. The Nix language makes no sense to me and there is still nothing akin to useflags. I don't want to override a bunch of packages just to make my system not pull in (e.g.) UI libraries.

mikepurvis a day ago

Sibling comment aside, I could definitely picture it being a fairly narrow slice of folks who are ideologically motivated enough to choose a niche distro over Ubuntu, Debian, Fedora, or even Arch, but pragmatic enough to still prefer Gentoo over Nix.

yjftsjthsd-h a day ago

> I’ve not had time to compile everything from source,

Then use the official binary packages?

> and compiling from source is a false sense of security, since you still don’t know what’s been compromised (it could be the compiler, etc.), and few have the time or expertise to adequately review all of the code.

That would still leave you in a strictly better position, surely? Any other distro would pull the same code and build with compilers, so that attack surface exists regardless.

sgarland 2 days ago

Granted, I wasn’t into Arch at the time, but in the mid-aughts, Gentoo’s forums were a massively useful resource for Linux knowledge in general. That’s why I used it, anyway. The joy of getting an obscure sound card (Chaintech AV-710) to work in Linux, and sharing that knowledge with others, was enough.

jimmaswell 2 days ago

I use it on some systems so strong that most emerges hardly take much longer than a binary package install. It's pretty nice there.