The first release of a custom Linux distribution carbonOS is presented, built using the atomic system layout model, in which the base environment is delivered as a single whole, not broken into separate packages. Additional applications are installed in Flatpak format and run in isolated containers. The size of the installation image is 1.7 GB. Project developments are distributed under the MIT license.
The contents of the base system are mounted in read-only mode to protect against modification in the event of a compromise (in addition, in the future they plan to integrate the ability to encrypt data and verify the integrity of files using digital signatures). The /usr/local partition is writable. The system update process boils down to loading a new system image in the background and switching to it after a restart. At the same time, the old system image is preserved and, if desired or problems arise, the user can return to the previous version at any time. During the development of the distribution, the stuffing of the system environment is assembled using the OSTree toolkit (the image is formed from a Git-like repository) and the BuildStream build system, without using packages from other distributions.
User-installed applications are isolated from each other in containers. In addition to installing Flatpak packages, the distribution also allows you to use the nsbox toolkit to create custom containers, which can also host traditional distribution environments such as Arch Linux and Debian. It also provides support for the podman toolkit, which provides compatibility with Docker containers. To install the distribution, a graphical installer and an interface for the initial system setup are offered.
Btrfs is used as a file system with compression of stored data enabled and snapshots actively used. Systemd-oomd is used to handle low memory situations in the system, and instead of a separate swap partition, swap-on-zram technology is used, which allows storing memory pages to be evicted in a compressed form. The distribution implements a centralized permissions management mechanism based on Polkit - sudo is not supported and the only way to execute commands as root is pkexec.
The project develops its own user environment GDE (Graphite Desktop Environment), based on GNOME 42 and including applications from the GNOME distribution. Among the differences from GNOME: upgraded login screen, configurator, volume and brightness indicators, panel and Graphite Shell. An application manager based on GNOME Software is used to manage the installation of system updates. PipeWire is used to process media streams. Built-in support for a variety of multimedia codecs is provided.
Source: opennet.ru