Microsoft ebipụtala ntọhapụ nke nkesa CBL-Mariner 1.0 (Common Base Linux Mariner), nke akara dị ka ntọhapụ izizi nke ọrụ ahụ. A na-emepụta nkesa CBL-Mariner dị ka usoro ntọala zuru ụwa ọnụ maka gburugburu Linux ejiri na akụrụngwa igwe ojii, sistemụ ihu na ọrụ Microsoft dị iche iche. Ebumnuche a bụ iji mee ka ngwọta Microsoft Linux dị n'otu na ime ka mmezi nke sistemụ Linux dị mfe maka ebumnuche dị iche iche ruo ugbu a. A na-ekesa mmepe nke ọrụ a n'okpuru ikikere MIT.
Nkesa nkesa na-enye obere nhazi ọkọlọtọ nke ngwugwu bụ isi nke na-eje ozi dị ka ihe ndabere zuru ụwa ọnụ maka ịmepụta ọdịnaya nke arịa, gburugburu ebe obibi na ọrụ na-agba ọsọ na akụrụngwa igwe ojii na n'akụkụ ngwaọrụ. Enwere ike ịmepụta ngwọta dị mgbagwoju anya na nke pụrụ iche site n'ịgbakwunye ngwugwu ndị ọzọ n'elu CBL-Mariner, ma ndabere maka usoro niile dị otú ahụ ka dị otu, na-eme ka mmezi na mmelite dị mfe.
Dịka ọmụmaatụ, a na-eji CBL-Mariner dị ka ntọala maka nkesa WSLg mini, nke na-enye ihe nchịkọta eserese maka ịme ngwa Linux GUI na gburugburu dabere na WSL2 (Windows Subsystem for Linux). Isi nke nkesa a adịghị agbanwe agbanwe, a na-enwetakwa ọrụ agbasawanye site na ntinye nke ngwugwu ndị ọzọ na Weston, XWayland, PulseAudio na FreeRDP composite server.
Sistemụ wuo CBL-Mariner na-enye gị ohere ịmepụta ngwugwu RPM nke ọ bụla dabere na faịlụ SPEC na koodu isi mmalite yana onyonyo sistemụ monolithic emepụtara site na iji ngwa rpm-ostree wee na-emelite nke ọma na-enweghị ikewa n'ime ngwugwu dị iche iche. N'ihi ya, a na-akwado ụdị nnyefe mmelite abụọ: site na imelite ngwugwu onye ọ bụla yana site na iwughachi na imelite onyonyo sistemụ niile. Nkesa na-agụnye naanị ihe ndị kachasị mkpa ma bụrụ nke kachasị maka ebe nchekwa dị ntakịrị na ohere ohere diski, yana nnukwu nbudata ọsọ. Nkesa ahụ bụkwa ihe ama ama maka ntinye nke usoro ndị ọzọ dị iche iche iji kwalite nchekwa.
Ihe oru ngo a na-ewe uzo "nchekwa kacha elu site na ndabara". Ọ ga-ekwe omume inyocha oku sistemu site na iji usoro seccomp, zoo akụkụ diski, wee nyochaa ngwugwu site na iji mbinye aka dijitalụ. N'ebe a na-ewu ụlọ, a na-akwado nchebe pụọ na njupụta njupụta, ihe nkpuchi, na nsogbu nhazi eriri (_FORTIFY_SOURCE, -fstack-protector, -Wformat-security, relro). A na-arụ ọrụ ụdịdị oghere randomization nke akwadoro na Linux kernel, yana usoro nchebe megide mwakpo symlink, mmap, /dev/mem na /dev/kmem. Edobere mpaghara ebe nchekwa nwere akụkụ nwere data kernel na modul ka ọ bụrụ naanị usoro ọgụgụ yana amachibidoro mmebe koodu. Nhọrọ nke nhọrọ bụ ka ị gbanyụọ modul kernel loading ka mmalite usoro. A na-eji ngwa iptables enyocha ngwugwu netwọkụ.
A naghị enye foto ISO emegoro mbụ. A na-eche na onye ọrụ nwere ike ịmepụta ihe oyiyi na ihe dị mkpa na-ejuputa n'onwe ya (nyere ntụziaka mgbakọ maka Ubuntu 18.04). Ebe nchekwa nke ngwugwu RPM ewuruburu dị, nke ị nwere ike iji wuo onyonyo nke gị dabere na faịlụ nhazi. Ebe nchekwa ahụ na-enye ihe dị ka ngwugwu 3300. Dịka ọmụmaatụ, iji wuo onyonyo iso zuru oke, gbaa ọsọ: git clone https://github.com/microsoft/CBL-Mariner.git cd CBL-Mariner/toolkit sudo make iso REBUILD_TOOLS=y REBUILD_PACKAGES=n CONFIG_FILE=./imageconfigs / zuru .json
A na-eji sistemu njikwa sistemụ jikwaa ọrụ yana buut. Maka njikwa ngwugwu, ndị njikwa ngwugwu RPM na DNF (tdnf variant sitere na vmWare) ka enyere. Ihe nkesa SSH anaghị agbanye na nzuzo. Iji wụnye nkesa, a na-enye ihe nrụnye nke nwere ike ịrụ ọrụ na ederede na ụdị eserese. Onye nrụnye na-enye nhọrọ nke ịwụnye na ngwugwu zuru ezu ma ọ bụ nke bụ isi, ma na-enye interface maka ịhọrọ akụkụ diski, ịhọrọ aha nnabata, na ịmepụta ndị ọrụ.
isi: opennet.ru