Microsoft ya wallafa sakin CBL-Mariner 1.0 (Common Base Linux Mariner), wanda aka yiwa alama a matsayin farkon sakin aikin. Ana haɓaka rarrabawar CBL-Mariner azaman dandamali na duniya don mahallin Linux da aka yi amfani da su a cikin kayan aikin girgije, tsarin gefe da sabis na Microsoft daban-daban. An yi aikin ne don haɗa hanyoyin magance Microsoft Linux da kuma sauƙaƙe kiyaye tsarin Linux don dalilai daban-daban har zuwa yau. Ana rarraba ci gaban aikin a ƙarƙashin lasisin MIT.
Rarraba yana ba da ƙaramin daidaitaccen tsari na fakiti na asali waɗanda ke aiki azaman tushen duniya don ƙirƙirar abubuwan da ke cikin kwantena, mahalli da sabis da sabis waɗanda ke gudana a cikin kayan aikin girgije da na'urori masu gefe. Za a iya ƙirƙirar ƙarin hadaddun mafita da na musamman ta hanyar ƙara ƙarin fakiti a saman CBL-Mariner, amma tushen duk irin waɗannan tsarin ya kasance iri ɗaya, yana sa kulawa da sabuntawa cikin sauƙi.
Misali, ana amfani da CBL-Mariner a matsayin tushen rarraba WSLg, wanda ke ba da abubuwan da suka dace don gudanar da aikace-aikacen Linux GUI a cikin mahalli dangane da tsarin WSL2 (Windows Subsystem don Linux). Mahimmancin wannan rarraba ba ya canzawa, kuma ana samun aikin fadadawa ta hanyar hada da ƙarin fakiti tare da Weston, XWayland, PulseAudio da FreeRDP composite uwar garken.
Tsarin ginin CBL-Mariner yana ba ku damar samar da fakitin RPM guda biyu dangane da fayilolin SPEC da lambar tushe, da kuma hotunan tsarin monolithic da aka samar ta amfani da kayan aikin rpm-ostree kuma an sabunta su ta atomatik ba tare da rarraba cikin fakiti daban ba. Dangane da haka, ana tallafawa samfuran isar da sabuntawa guda biyu: ta hanyar sabunta fakiti guda ɗaya da ta sake ginawa da sabunta hoton tsarin gaba ɗaya. Rarraba ya ƙunshi kawai abubuwan da suka fi dacewa kuma an inganta shi don ƙarancin ƙwaƙwalwar ajiya da amfani da sararin faifai, da kuma babban saurin lodawa. Rarraba kuma sananne ne don haɗa wasu ƙarin hanyoyin inganta tsaro.
Aikin yana ɗaukar hanyar "mafi girman tsaro ta tsohuwa". Yana yiwuwa a tace kiran tsarin ta amfani da tsarin seccomp, ɓoye ɓangarori na diski, da kuma tabbatar da fakiti ta amfani da sa hannu na dijital. A matakin ginawa, ana ba da kariya daga cunkoso da yawa, buffer overflow, da matsalolin tsara kirtani ta tsohuwa (_FORTIFY_SOURCE, -fstack-protector, -Wformat-security, relro). Hanyoyin bazuwar adireshi da ke goyan bayan kernel na Linux ana kunna su, da kuma hanyoyin kariya daga harin symlink, mmap, /dev/mem da /dev/kmem. Wuraren ƙwaƙwalwar ajiya waɗanda ke ƙunshe da ɓangarori tare da bayanan kernel da bayanai an saita su zuwa yanayin karantawa kawai kuma an haramta aiwatar da lambar. Wani zaɓi na zaɓi shine a kashe kayan aikin kernel na lodawa bayan fara tsarin. Ana amfani da kayan aikin iptables don tace fakitin cibiyar sadarwa.
Ba a bayar da hotunan ISO da aka riga aka yi ba. Ana ɗauka cewa mai amfani zai iya ƙirƙirar hoto tare da cikawa da ake bukata (an ba da umarnin taro don Ubuntu 18.04). Akwai ma'ajiyar fakitin RPM da aka riga aka gina, waɗanda za ku iya amfani da su don gina naku hotunan dangane da fayil ɗin sanyi. Wurin ajiya yana ba da fakiti kusan 3300. Misali, don gina cikakken hoton iso, kawai gudu: git clone https://github.com/microsoft/CBL-Mariner.git cd CBL-Mariner/toolkit sudo make iso REBUILD_TOOLS=y REBUILD_PACKAGES=n CONFIG_FILE=./imageconfigs /cikakken .json
Ana amfani da tsarin sarrafa tsarin don sarrafa ayyuka da taya. Don sarrafa fakiti, ana ba da manajojin fakitin RPM da DNF (bambance-bambancen tdnf daga vmWare). Sabar SSH baya kunna shiru. Don shigar da rarraba, an samar da mai sakawa wanda zai iya aiki a cikin duka rubutu da kuma yanayin hoto. Mai sakawa yana ba da zaɓi na shigarwa tare da cikakken ko ainihin saitin fakiti, kuma yana ba da hanyar sadarwa don zaɓar ɓangaren diski, zaɓar sunan mai watsa shiri, da ƙirƙirar masu amfani.
source: budenet.ru