Microsoft has published an update to the CBL-Mariner Linux distribution

Microsoft has published an update to the CBL-Mariner 2.0.20221029 (Common Base Linux Mariner) distribution, which is being developed as a universal base platform for Linux environments used in cloud infrastructure, edge systems, and various Microsoft services. The project aims to unify the Linux solutions used at Microsoft and to simplify keeping Linux systems for various purposes up to date. The project's work is distributed under the MIT license. Packages are built for the aarch64 and x86_64 architectures. A bootable ISO image (1.1 GB) has been prepared for the x86_64 architecture.

In the new version:

  • Updated package versions, including releases of the Linux kernel 5.15.74, PHP 8.1.11, nodejs 16.17.1, cassandra 4.0.7, dbus 1.15.2, expat 2.5.0, mysql 8.0.31, terraform, 1.32.2.ti5.8.0. 3.4.16, wireshark 1.22.1, nginx XNUMX.
  • Added the new packages cairomm 1.12.0, cpptest 1.1.2, k-exec-tools, kernel-drivers-gpu, libcroco 0.6.13, python-google-auth-oauthlib, sgx-backwards-compatability.
  • Included modules for changing the TCP congestion control algorithm (TCP Congestion).
  • Vulnerability fixes have been carried over to the libtar, unbound, aspell, libtiff, redis, livepatch, libtasn1, PHP, nodejs, dbus, expat, mod_wsgi, wireshark, nginx, mysql, and terraform packages.

CBL-Mariner provides a small, typical set of basic packages that serves as a universal base for building the contents of containers, host environments, and services running in cloud infrastructures and on edge devices. More complex and specialized solutions can be created by adding extra packages on top of CBL-Mariner, but the base for all such systems stays the same, which makes maintenance and updates easier. For example, CBL-Mariner is used as the base for the WSLg mini-distribution, which provides the graphics stack components for running Linux GUI applications in environments based on the WSL2 (Windows Subsystem for Linux) subsystem. The extended functionality in WSLg is implemented by including additional packages with the Weston composite server, XWayland, PulseAudio, and FreeRDP.

The CBL-Mariner build system lets you generate both individual RPM packages from SPEC files and source code, and monolithic system images that are built with the rpm-ostree toolkit and updated atomically without being split into separate packages. Accordingly, two update delivery models are supported: updating individual packages, and rebuilding and updating the entire system image. A repository of about 3000 prebuilt RPM packages is available, which you can use to build your own images based on a configuration file.

The distribution includes only the most necessary components and is optimized for minimal memory and disk space consumption, as well as for fast boot. The distribution is also notable for including various additional mechanisms to improve security. The project takes a "maximum security by default" approach. It can filter system calls using the seccomp mechanism, encrypt disk partitions, and verify packages using digital signatures.

The address space randomization modes supported by the Linux kernel are enabled, along with protection mechanisms against attacks involving symlinks, mmap, /dev/mem, and /dev/kmem. Memory areas that contain segments with kernel and module data are set to read-only mode, and code execution in them is prohibited. An optional feature is disabling the loading of kernel modules after system initialization. The iptables toolkit is used to filter network packets. At build time, protection against stack overflows, buffer overflows, and string formatting problems is enabled by default (_FORTIFY_SOURCE, -fstack-protector, -Wformat-security, relro).
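As an added example (not code from the article or from the CBL-Mariner project), the script below audits the runtime kernel settings that correspond to several of the protections listed above. The mapping from each protection to a sysctl key, the thresholds, and the helper names `sample_sysctl` and `audit_sysctl` are assumptions of this example; the /dev/mem and /dev/kmem restrictions are kernel build options rather than sysctls and are not covered.

```shell
#!/bin/sh
# Added example: the sysctl-to-feature mapping below is an assumption of this
# example, not taken from CBL-Mariner's own configuration.

# Constructed sample in `sysctl -a` format (not captured from a real host).
sample_sysctl() {
cat <<'EOF'
kernel.randomize_va_space = 1
fs.protected_symlinks = 1
vm.mmap_min_addr = 65536
kernel.modules_disabled = 0
EOF
}

# audit_sysctl: reads "key = value" lines on stdin, prints one line per check.
# Exit status: 0 if every required check passes, 1 otherwise.
audit_sysctl() {
    awk -F' *= *' '
    BEGIN {
        # Required checks: key -> minimum acceptable value.
        min["kernel.randomize_va_space"] = 2     # 2 = full ASLR, 1 = partial
        min["fs.protected_symlinks"]     = 1     # symlink attack protection
        min["vm.mmap_min_addr"]          = 4096  # no mappings at low addresses
        # Optional check: the article calls module-load lockdown optional.
        opt["kernel.modules_disabled"]   = 1
    }
    { seen[$1] = $2 }
    END {
        fail = 0
        for (k in min) {
            if (!(k in seen))              { print "MISSING " k; fail = 1 }
            else if (seen[k] + 0 < min[k]) { print "WEAK " k "=" seen[k]; fail = 1 }
            else                           { print "OK " k "=" seen[k] }
        }
        for (k in opt) {
            if ((k in seen) && seen[k] + 0 >= opt[k]) print "OK " k "=" seen[k]
            else print "INFO " k " not enabled (optional)"
        }
        exit fail
    }'
}

# On a live system: sysctl -a 2>/dev/null | audit_sysctl
```

The constructed sample reports partial ASLR (`kernel.randomize_va_space = 1`) as weak, which is the kind of drift from the distribution defaults this check is meant to catch.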

The systemd system manager is used to manage services and boot. The RPM and DNF package managers are provided for package management. The SSH server is not enabled by default. To install the distribution, an installer is provided that can work in both text and graphical modes. The installer offers a choice between installing a full or a basic set of packages, and provides an interface for selecting a disk partition, choosing a hostname, and creating users.

Source: opennet.ru
