this post was submitted on 30 Dec 2024
32 points (88.1% liked)

Linux

48954 readers
767 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

I looked up specifically examples of this and didn't find answers, they're buried in general discussions about why compiling may be better than pre-built. The reasons I found were control of flags and features, and optimizations for specific chips (like Intel AVX or ARM Neon), but to what degree do those apply today?

The only software I can tell benefits greatly from building from source, is ffmpeg since there are many non-free encoders decoders and upscalers that can be bundled, and performance varies a lot between devices due to which of them is supported by the CPU or GPU. For instance, Nvidia hardware encoders typically produce higher quality video for similar file sizes than ones from Intel AMD or Apple. Software encoders like x265 has optimizations for AVX and NEON (SIMD extensions for CPUs).

you are viewing a single comment's thread
view the rest of the comments
[–] corsicanguppy@lemmy.ca 4 points 1 week ago* (last edited 1 week ago)

didn’t find answers [:] they’re buried in general discussions about why compiling may be better than pre-built. The reasons I found were control of flags and features, and optimizations for specific chips (like Intel AVX or ARM Neon), but to what degree do those apply today?

You won't build and install directly from source in any proper enterprise environment, simply because validation breaks and (provably) consistency goes with it; and that takes out reliability.

Even accounting for the gains when you're tuning stuff, or even when it's a home build, or even when it's a kernel build and you're removing or adding drivers or tunable defaults, ultimately you will be building a package as a portable artefact to be submitted for testing or pulled out of backups for easy re-install. Especially when kernel builds take a long time, and even when you're using makefiles for much of it, you're STILL going to be building a package, only so you have the process encoded and repeatable and so you don't have to re-make if it all works (more an issue when building a kernel package took 25 hours, but you get the idea).

So. In short, if someone's telling you to compile into production from source, it's still a security risk and it's also inefficient past the N=1 stage. Irresponsible for TWO reasons, then.

Edit. I coordinated with Support while I was doing Security work in ~2005. You wanna know how to piss off your support worker and fast-track a ticket to 'no repro' death? "I compiled it on the machine from source ..." and that goes for paid support or gitlab project volunteer support.