Microsoft ebipụtala mmelite na nkesa CBL-Mariner 1.0.20210901 (Common Base Linux Mariner), bụ nke a na-emepe emepe dị ka ebe ndabere zuru ụwa ọnụ maka gburugburu Linux ejiri na akụrụngwa ígwé ojii, usoro ihu na ọrụ Microsoft dị iche iche. Ebumnuche a bụ ime ka usoro Linux dị n'otu na Microsoft dị mfe ma dị mfe nhazi nke sistemụ Linux maka ebumnuche dị iche iche ruo ugbu a. A na-ekesa mmepe nke ọrụ a n'okpuru ikikere MIT.
Na mwepụta ọhụrụ:
- Nhazi nke isi onyonyo iso (700 MB) amalitela. Na ntọhapụ nke mbụ, enyeghị ihe oyiyi ISO emebere emebere; e chere na onye ọrụ nwere ike ịmepụta ihe oyiyi nwere njuputa dị mkpa (nhazi ntuziaka maka Ubuntu 18.04).
- E mejuputara nkwado maka mmelite ngwugwu akpaka, nke etinyere ngwa Dnf-Automatic.
- Emelitela kernel Linux ka ọ bụrụ ụdị 5.10.60.1. Ụdị mmemme emelitere, gụnyere openvswitch 2.15.1, golang 1.16.7, logrus 1.8.1, tcell 1.4.0, gonum 0.9.3, na-agba akaebe 1.7.0, crunchy 0.4.0, xz 0.5.10, swig 4.0.2. 4.4, squashfs-ngwaọrụ 8.0.26, mysql XNUMX.
- OpenSSL na-enye nhọrọ iji weghachi nkwado maka TLS 1 na TLS 1.1.
- Iji lelee koodu isi mmalite nke ngwa ngwa, a na-eji uru sha256sum.
- Ngwunye ọhụrụ gụnyere: wdgd-ngwaọrụ, kokpiiti, inyeaka, fipscheck, tini.
- E wepụrụ akara ngosi brp-strip-debug, brp-strip-enweghị mkpa na ca-legacy ngwugwu. E wepụrụ faịlụ SPEC maka ngwungwu Dotnet na aspnetcore, nke ndị otu mmepe isi .NET na-achịkọta ugbu a ma tinye ya na ebe nchekwa dị iche.
- Ebugharịla ndozi adịghị ike na ụdị ngwugwu ejiri.
Ka anyị cheta na nkesa CBL-Mariner na-enye obere nchịkọta ọkọlọtọ nke nchịkọta bụ isi nke na-eje ozi dị ka ihe ndabere zuru ụwa ọnụ maka ịmepụta ọdịnaya nke arịa, gburugburu ebe obibi na ọrụ na-agba ọsọ na igwe ojii na ngwaọrụ ihu. Enwere ike ịmepụta ngwọta dị mgbagwoju anya na nke pụrụ iche site n'ịgbakwunye ngwugwu ndị ọzọ n'elu CBL-Mariner, ma ndabere maka usoro niile dị otú ahụ ka dị otu, na-eme ka mmezi na mmelite dị mfe. Dịka ọmụmaatụ, a na-eji CBL-Mariner dị ka ntọala maka nkesa WSLg mini, nke na-enye ihe nchịkọta eserese maka ịme ngwa Linux GUI na gburugburu dabere na WSL2 (Windows Subsystem for Linux). A na-arụ ọrụ agbatịkwuru na WSLg site na ntinye nke ngwugwu ndị ọzọ na Weston Composite Server, XWayland, PulseAudio na FreeRDP.
Sistemụ nrụpụta CBL-Mariner na-enye gị ohere ịmepụta ngwugwu RPM nke ọ bụla dabere na faịlụ SPEC na koodu isi mmalite, yana onyonyo sistemụ monolithic emepụtara site na iji ngwa rpm-ostree wee na-emelite nke ọma na-enweghị ikewa n'ime ngwugwu dị iche iche. N'ihi ya, a na-akwado ụdị nnyefe mmelite abụọ: site na imelite ngwugwu onye ọ bụla yana site na iwughachi na imelite onyonyo sistemụ niile. Ebe nchekwa ihe dị ka ngwungwu RPM 3000 ewuruburu dị nke ị nwere ike iji wuo onyonyo nke gị dabere na faịlụ nhazi.
Nkesa na-agụnye naanị ihe ndị kachasị mkpa ma bụrụ nke kachasị maka ebe nchekwa dị ntakịrị na ohere ohere diski, yana nnukwu nbudata ọsọ. Nkesa ahụ bụkwa ihe ama ama maka ntinye nke usoro ndị ọzọ dị iche iche iji kwalite nchekwa. Ihe oru ngo a na-ewe uzo "nchekwa kacha elu site na ndabara". Ọ ga-ekwe omume inyocha oku sistemu site na iji usoro seccomp, zoo akụkụ diski, wee nyochaa ngwugwu site na iji mbinye aka dijitalụ.
A na-arụ ọrụ ụdịdị oghere randomization nke akwadoro na Linux kernel, yana usoro nchebe megide mwakpo symlink, mmap, /dev/mem na /dev/kmem. Edobere mpaghara ebe nchekwa nwere akụkụ nwere data kernel na modul ka ọ bụrụ naanị usoro ọgụgụ yana amachibidoro mmebe koodu. Nhọrọ nke nhọrọ bụ ka ị gbanyụọ modul kernel loading ka mmalite usoro. A na-eji ngwa iptables enyocha ngwugwu netwọkụ. N'ebe a na-ewu ụlọ, a na-akwado nchebe pụọ na njupụta nke njupụta, ihe nkpuchi, na nsogbu nhazi eriri (_FORTIFY_SOURCE, -fstack-protector, -Wformat-security, relro).
A na-eji sistemu njikwa sistemụ jikwaa ọrụ yana buut. Maka njikwa ngwugwu, ndị njikwa ngwugwu RPM na DNF (tdnf variant sitere na vmWare) ka enyere. Enweghị ihe nkesa SSH na ndabara. Iji wụnye nkesa, a na-enye ihe nrụnye nke nwere ike ịrụ ọrụ na ederede na ụdị eserese. Onye nrụnye na-enye nhọrọ nke ịwụnye na ngwugwu zuru ezu ma ọ bụ nke bụ isi, ma na-enye interface maka ịhọrọ akụkụ diski, ịhọrọ aha nnabata, na ịmepụta ndị ọrụ.
isi: opennet.ru