Check out Nix. Deterministic source derivations of pretty much anything you might want to build, trivially re-buildable from source by anyone. It takes seconds to install the "Nix Shell" on pretty much any of the modern OSes.
Now, to avoid the "Reflections On Trusting Trust" exploit, building the C compiler toolchain from known-good "root" compiler/linker toolchains, and then comparing the output vs. self-compilation is quite a bit harder.
Define "ordinary person", as plenty of people here have. However, there's very little difference between downloading a reproducible system that compiles everything on your machine and downloading a binary with a known checksum from a perspective of trust.
I used to use Gentoo, and I built my entire OS from source. I'm not extraordinary in any way, I'm just an ordinary person who has a deep interest in software and computers.
I've done two "stage one" builds of Gentoo. I'm not super skilled but, I had a lot of time and reference material. My bet is that folks could but would not want to. There is significant time cost.
Also, I'm still using one of those original builds on my laptop - upgraded of course...still mad love for my daily driver.
It's a pretty automated process. I'd estimate 1/10 of all people who can use a computer and install software at all could do it if they wanted to and had sufficient time.
Now, to avoid the "Reflections On Trusting Trust" exploit, building the C compiler toolchain from known-good "root" compiler/linker toolchains, and then comparing the output vs. self-compilation is quite a bit harder.