Re: OpenBSD 5.1 i386- ports vs packages

Sat, 05 May 2012 19:11:03 -0700 

On 6 May 2012 01:15, Dimitry T <[email protected]> wrote:
> After a long reading I am still confused. On OpenBSD FAQ recommend to use
packages, most users speak the same, but some speak that it is safer to
compile programs from ports and then programs have better performance. Did I
get the better performance of the program on my hardware if i compile that
program on my hardware from ports? I try to compare md5 of package compiled
from ports with package downloaded from package server, and values b b do not
match. Surely I wrong somewhere, but I would like someone to explain me
packages vs ports.

If you wanted to get better performance, then you would have to change
something for your compile, so that it's different from what the
creator of the corresponding package did. In other words, you'd have
to fiddle with various knobs. Particularly on modern hardware, the
performance gain you might achieve by doing this is likely going to be
slight and probably unnoticeable  if there even is any gain at all.
However, by fiddling with all and sundry knobs and parameters, and
leaving out various stuff, you'll stand an excellent chance of subtly
or not so subtly breaking stuff and @misc generally loves it when
people who have shot themselves in the foot by doing something
unnecessary and ill advised come asking for help. Basically and I'm
not sure if it was Nick who first said it in the FAQ somewhere
basically, if you break things, you get to keep all the pieces. I seem
to remember seeing this mentioned on @misc a real long time ago:
http://funroll-loops.info/ And I believe this is relevant as well:
http://www.youtube.com/watch?v=xCIF6JF1O5U The OpenBSD packages.
Pre-tuned by Canadian engineers.

As for security, since the Openbsd.org packages and ports both come
from the same source, there's no security advantage of ports over
packages unless you don't trust OpenBSD.org and actually read all of
the source code you compile (and, by the way, do the same for your
whole compiler toolchain).

There are all kinds of reasons why the hashes of your self-compiled
ports and pre-made packaged might not match. In particular, your
compiler toolchain might slightly differ from what the package
maintainer used. Even using an identical toolchain on different
hardware could in some cases produce different results. With larger
and more complex compiles, I would expect it to be relatively rare
that the actual hashes will end up matching.

For learning about the process, fiddling and compiling and hacking
away with mad abandon can be great. But for when you're just
interested in running a quality end product? Heck, no.

regards,
--ropers

Reply via email to