Microsoft ya buga sabuntawa na farko na sabon reshe na rarraba CBL-Mariner 2.0 (Common Base Linux Mariner), wanda ake haɓaka shi azaman dandamali na duniya don mahallin Linux da aka yi amfani da shi a cikin kayan aikin girgije, tsarin gefe da sabis na Microsoft daban-daban. An yi aikin ne don haɗa hanyoyin magance Linux da ake amfani da su a cikin Microsoft da sauƙaƙe kiyaye tsarin Linux don dalilai daban-daban har zuwa yau. Ana rarraba ci gaban aikin a ƙarƙashin lasisin MIT. An samar da fakitin ginin don gine-ginen aarch64 da x86_64.
Sabuwar sakin sanannen sanannen abu ne don gagarumin ɗaukaka nau'ikan shirin. Ciki har da sabbin sigogin Linux kernel 5.15 (a cikin reshen 1.0 an yi amfani da 5.4 kernel), systemd 250, glibc 2.35, GCC 11.2, clang 12, Python 3.9, ruby 3.1.2, rpm 4.17, 6.1 per 5.34. , Ostree 2022.1. Ma'ajiyar asali ta ƙunshi abubuwan GUI kamar Wayland 1.20, Mesa 21.0, GTK 3.24 da X.Org Server 1.20.10, waɗanda a baya aka tura su cikin ma'ajiyar coreui daban. Ƙara kernel yana ginawa tare da facin PREEMPT_RT don amfani a cikin tsarin lokaci-lokaci.
Rarraba CBL-Mariner yana ba da ƙaramin daidaitaccen tsari na fakiti na asali waɗanda ke aiki azaman tushen duniya don ƙirƙirar abubuwan da ke cikin kwantena, mahalli da sabis da sabis waɗanda ke gudana a cikin kayan aikin girgije da na'urori masu gefe. Za a iya ƙirƙirar ƙarin hadaddun mafita da na musamman ta hanyar ƙara ƙarin fakiti a saman CBL-Mariner, amma tushen duk irin waɗannan tsarin ya kasance iri ɗaya, tabbatarwa da sabuntawa cikin sauƙi. Misali, ana amfani da CBL-Mariner a matsayin tushen rarraba WSLg, wanda ke ba da abubuwan haɗin zane-zane don gudanar da aikace-aikacen Linux GUI a cikin mahalli dangane da tsarin WSL2 (Windows Subsystem don Linux). Extended ayyuka a cikin WSLg ana samun su ta hanyar haɗa ƙarin fakiti tare da Weston Composite Server, XWayland, PulseAudio da FreeRDP.
Tsarin ginin CBL-Mariner yana ba ku damar samar da fakitin RPM guda biyu dangane da fayilolin SPEC da lambar tushe, da kuma hotunan tsarin monolithic da aka samar ta amfani da kayan aikin rpm-ostree kuma an sabunta su ta atomatik ba tare da raba cikin fakiti daban ba. Dangane da haka, ana tallafawa samfuran isar da sabuntawa guda biyu: ta hanyar sabunta fakiti guda ɗaya da ta sake ginawa da sabunta hoton tsarin gaba ɗaya. Akwai ma'aji na kusan fakitin RPM 3000 da aka riga aka ginawa waɗanda za ku iya amfani da su don gina naku hotunan dangane da fayil ɗin sanyi.
Rarraba ya ƙunshi kawai abubuwan da suka fi dacewa kuma an inganta shi don ƙarancin ƙwaƙwalwar ajiya da amfani da sarari diski, da kuma babban saurin lodawa. Rarraba kuma sananne ne don haɗa ƙarin hanyoyin haɓaka daban-daban don haɓaka tsaro. Aikin yana ɗaukar hanyar "mafi girman tsaro ta tsohuwa". Yana yiwuwa a tace kiran tsarin ta amfani da tsarin seccomp, ɓoye ɓangarori na diski, da kuma tabbatar da fakiti ta amfani da sa hannu na dijital.
Hanyoyin bazuwar adireshi da ke goyan bayan kernel na Linux ana kunna su, da kuma hanyoyin kariya daga harin symlink, mmap, /dev/mem da /dev/kmem. Wuraren ƙwaƙwalwar ajiya waɗanda ke ƙunshe da ɓangarori tare da bayanan kernel da bayanai an saita su zuwa yanayin karantawa kawai kuma an haramta aiwatar da lambar. Zaɓin zaɓi shine musaki kayan aikin kwaya bayan ƙaddamar da tsarin. Ana amfani da kayan aikin iptables don tace fakitin cibiyar sadarwa. A matakin ginawa, ana ba da kariya daga cunkoso mai yawa, buffer overflow, da matsalolin tsara kirtani ta tsohuwa (_FORTIFY_SOURCE, -fstack-protector, -Wformat-security, relro).
Ana amfani da tsarin sarrafa tsarin don sarrafa ayyuka da taya. Ana ba da masu sarrafa fakitin RPM da DNF don sarrafa fakitin. Ba a kunna uwar garken SSH ta tsohuwa ba. Don shigar da rarraba, an samar da mai sakawa wanda zai iya aiki a cikin duka rubutu da kuma yanayin hoto. Mai sakawa yana ba da zaɓi na shigarwa tare da cikakken ko ainihin saitin fakiti, kuma yana ba da damar dubawa don zaɓar ɓangaren diski, zaɓar sunan mai watsa shiri, da ƙirƙirar masu amfani.
source: budenet.ru