hosted by liquidweb

Go Back   Web Hosting Talk : Web Hosting Main Forums : Dedicated Server : Source code or compiling

Forum Jump

Source code or compiling

Reply Post New Thread In Dedicated Server Subscription
Send news tip View All Posts Thread Tools Search this Thread Display Modes
New Member
Join Date: Jan 2007
Posts: 2

Source code or compiling


It would like to know what he is safer to initiate the server, get all the sources codes and to compile or to the packages with apt-get direct?


Sponsored Links
Join Date: Dec 2005
Location: Internet
Posts: 1,324
There is no safety problems for both the ways. If you use source codes, you will be able to define the path of the binaries and configuration files. If you use apt-get, you can install the necessary packages very easily.

Junior Guru Wannabe
Join Date: Dec 2006
Location: Missoula,MT
Posts: 45
Really, it's a personal preference

Originally Posted by CarlAndr
It would like to know what he is safer to initiate the server, get all the sources codes and to compile or to the packages with apt-get direct?
I am often conflicted with this, as I really enjoy using vendor tested and supplied binaries, especially from MySQL. On the other hand, if you want to upgrade to a newer version and maintain the older version or if you have some non-standard build options/parameters not included in the base RPM, you may well want to approach building from source.

It comes down to a couple different options when wanting to install custom compiled software.

1. You can build from source and install, typically using the configure/make/make install paradigm.

2. You can install, in my case because I use RedHat, a source RPM and then modify it to reflect the paths and build options you want. Then you simply rebuild the RPM then install it. You can also have specific build RPMs of apache/php/mysql and others that you place into a system like apt-get or yum or up2date, really, they can be repositories of binaries that you have custom built and act as a means for a cenrtal build server, that comes in very handy if you have multiple machines.

Method 2 is nice if you have several machines, all with an identical builds/architectures and you like maintaining RPMs. Otherwise, if you prefer a very fine grained control to how you build and where you install the software, go with a custom compile.

There are certain distros of Unix/Linux that cater to the different preferences. A typical BSD system uses the ports system, which is an automated means for pulling down and compiling from source. While RPM based systems like RedHat/CentOS/Fedora use prebuilt binaries. I also know some folks that really like Gentoo Linux, as it has very nice controls for automating builds, but does them all in a BSD-style way.

As far as your question about "safer", I'd say that if you rely on a vendor for an RPM update for a security flaw, and don't have the means to patch and/or recompile and install again, it *may* be less secure, simply in that your boxes have compromised software hanging out there for less time than others.

SupportLayer - Enterprise Linux Server Management

Sponsored Links
Junior Guru
Join Date: Nov 2006
Location: College Station, TX
Posts: 185
Vendor RPMs are signed with a GPG-key typically. (I'm not sure how apt-get does things, as I haven't used a Debian distro in years...) The repository that you download those packages from also has a key. First the repository key is verified, and then the individual RPM keys that pertain to the packages can be verified. This means that the releases you get from a repository are just as safe as compiling and installing the source code... and it's 100x easier to deal with RPMs than it is to deal with upgrading source installations.

Community Guide
Join Date: Nov 2005
Location: Minneapolis, MN
Posts: 1,646
Most everyone would agree that keeping current on software patches and updates is a vital step for overall server security. That said, which are you most likely to do:

Option 1: Grab the source code for all of the packages you want, define all your compile-time options (and record them so that you can recompile later), and track the project status for each program for when new critical patches and bug fixes are released so you can feed the changes back into the source and recompile.

Option 2: Occasionally type "apt-get update" and then "apt-get upgrade" to keep your packages up to date.

Eric Spaeth
Enterprise Network Engineer :: Hosting Hobbyist :: Master of Procrastination
"The really cool thing about facts is they remain true regardless of who states them." -SpaethCo

Predatory Poster
Join Date: Jul 2003
Location: Goleta, CA
Posts: 5,550
It depends on what your goals are. Packages are generally better than source in a production environment because they are back ported with security fixes. This means stability for your system. For example, apache has from time to time rewritten their interface and configuration so that newer versions conflict with configurations used for the older versions. Back porting allows production systems to maintain the old interfaces but incorporate the new security updates (effectively tweaking the old version of the software)

I understand why they don't increment the version number since it's not officially the new version. However, this can cause false positives on security scanners that check based on version number.

Conversely, source code compiling can break dependencies with other applications.

New Member
Join Date: Jan 2007
Posts: 2
Thanks my friends.

I caught another server with the Red Hat.

I go to use up2date and yum. It takes that everything is functioning very well.

One more time, thanks for the tips.

I find that I do not go to have problems in using the packages.


Junior Guru Wannabe
Join Date: Jun 2006
Posts: 57
I normally read all of the change logs and the forums of vendors (if they have one) for any problems that people may get. I'll only upgrade the crucial things which I know what source code changes are and will only then update the software.

using apt-get or yum is actually relatively fast and efficient, so I'll stick with that unless you know exactly what your doing

ServerTweak Networks, LLC >>
Experience the fastest network and superior servers, feel the power of ServerTweak!
Fremont, CA DataCenter | Dedicated Servers | Colocation | Cross Connects | 1/4 - Full Cab Sales


Related posts from
Title Type Date Posted
Libscore Launches to Help Developers Track Popularity of Open Source Code Web Hosting News 2014-12-17 15:06:10
Microsoft Open Sources the Entire .NET framework, Sets Plans for Linux Distributions Web Hosting News 2014-11-13 09:03:00
Web Hosting Sales and Promos Roundup - May 2, 2014 Web Hosting News 2014-05-23 16:54:17
Web Hosting Sales and Promos Roundup - April 4, 2014 Web Hosting News 2014-05-23 15:42:22
Cloudant Merges BigCouch Code into Apache Open Source Database Web Hosting News 2013-07-22 17:55:14

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Postbit Selector

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump
Log in with your username and password

Forgot Password?
WHT Host Brief Email:

We respect your privacy. We will never sell, rent, or give away your address to any outside party, ever.

Web Hosting News:
WHT Membership
WHT Membership



Welcome to

Create your username to jump into the discussion! is the largest, most influentual web hosting community on the Internet. Join us by filling in the form below.

(4 digit year)

Already a member?