Microsoft yakaburitsa yekutanga yakagadzika gadziriso yebazi idzva rekugovera CBL-Mariner 2.0 (Common Base Linux Mariner), iri kuvandudzwa senzvimbo yepasirese chikuva cheLinux nharaunda dzinoshandiswa mumakore, edge masisitimu uye akasiyana masevhisi eMicrosoft. Iyo purojekiti ine chinangwa chekubatanidza Microsoft Linux mhinduro uye kurerutsa kuchengetedza kweLinux masisitimu ezvinangwa zvakasiyana kusvika parizvino. Zviitiko zveprojekiti zvakagoverwa pasi peMIT rezenisi. Pakeji inovaka inogadzirirwa aarch64 uye x86_64 zvivakwa.
Kuburitswa kutsva kwakakosha pakuvandudza kwakakosha kweshanduro dzechirongwa. Kusanganisira shanduro dzakagadziridzwa dzeLinux kernel 5.15 (mubazi 1.0 iyo 5.4 kernel yakashandiswa), systemd 250, glibc 2.35, GCC 11.2, clang 12, Python 3.9, ruby ββββ3.1.2, rpm 4.17, 6.1. , ostree 5.34. Iyo core repository inosanganisira GUI zvikamu zvakaita seWayland 2022.1, Mesa 1.20, GTK 21.0 uye X.Org Server 3.24, izvo zvakambotumirwa mune yakaparadzana coreui repository. Yakawedzerwa kernel inovaka nePREEMPT_RT zvigamba zvekushandisa mune chaiyo-nguva masisitimu.
Iyo CBL-Mariner kugovera inopa diki yakajairwa seti yemapakeji ekutanga anoshanda seyepasirese hwaro hwekugadzira zviri mukati memidziyo, nharaunda dzevaenzi uye masevhisi anomhanya mumafu zvivakwa uye pamipendero michina. Zvimwe zvakaoma uye zvine hunyanzvi zvigadziriso zvinogona kugadzirwa nekuwedzera mamwe mapakeji pamusoro peCBL-Mariner, asi hwaro hwese masisitimu akadaro hunoramba hwakafanana, zvichiita kuti kugadzirisa uye kugadzirisa kuve nyore. Semuenzaniso, CBL-Mariner inoshandiswa sehwaro hweWSLg mini-kugovera, iyo inopa magiraidhi stack zvikamu zvekushandisa Linux GUI maapplication munzvimbo dzakavakirwa paWSL2 (Windows Subsystem yeLinux) subsystem. Kuwedzerwa kushanda muWSLg kunowanikwa kuburikidza nekubatanidzwa kwemamwe mapakeji neWeston Composite Server, XWayland, PulseAudio uye FreeRDP.
Iyo CBL-Mariner kuvaka sisitimu inobvumidza iwe kugadzira ese ari maviri ega RPM mapakeji anoenderana neSPEC mafaera uye sosi kodhi, pamwe ne monolithic system mifananidzo inogadzirwa uchishandisa rpm-ostree toolkit uye yakagadziridzwa atomu pasina kupatsanura mumapakeji akasiyana. Saizvozvo, maviri ekugadzirisa edhisheni modhi anotsigirwa: kuburikidza nekuvandudza ega mapakeji uye kuburikidza nekuvaka patsva nekugadzirisa iyo yese system mufananidzo. Nzvimbo inosvika zviuru zvitatu zvakavakwa RPM mapakeji iripo yaunogona kushandisa kuvaka yako mifananidzo zvichienderana nefaira yekumisikidza.
Kugovera kunosanganisira chete izvo zvinonyanya kukosha zvikamu uye zvakagadziridzwa kune shoma ndangariro uye dhisiki nzvimbo yekushandisa, pamwe nekumhanyisa kurodha. Kugovera kwacho kwakakoshawo pakuiswa kwedzimwe nzira dzakasiyana dzekuwedzera kuchengetedzwa. Iyo purojekiti inotora "yakanyanya kuchengetedzwa nekusarudzika" nzira. Zvinogoneka kusefa mafoni ehurongwa uchishandisa seccomp mechanism, encrypt disk partitions, uye simbisa mapakeji uchishandisa siginecha yedhijitari.
Kero nzvimbo randomisation modes inotsigirwa muLinux kernel inogadziriswa, pamwe chete nedziviriro nzira dzekurwisa symlink kurwiswa, mmap, /dev/mem uye /dev/kmem. Idzo nzvimbo dzekurangarira dzine zvikamu zvine kernel uye module data dzakagadzirirwa kuverenga-chete modhi uye kodhi kuuraya inorambidzwa. Imwe sarudzo ndeyekudzima kurodha kernel modules mushure mekutanga system. Iyo iptables toolkit inoshandiswa kusefa network mapaketi. Padanho rekuvaka, dziviriro kubva pakupfachukira, buffer mafashama, uye tambo yefomati matambudziko inogoneswa nekusarudzika (_FORTIFY_SOURCE, -fstack-protector, -Wformat-security, relro).
Iyo system maneja systemd inoshandiswa kubata masevhisi uye boot. RPM uye DNF mapakeji maneja anopihwa maneja manejimendi. Iyo SSH server haina kugoneswa nekusarudzika. Kuti uise kugovera, mugadziri anopiwa anogona kushanda mune zvese zvinyorwa uye graphical modes. Iyo yekumisikidza inopa sarudzo yekuisa ine yakazara kana yakakosha seti yemapakeji, uye inopa chinongedzo chekusarudza dhisiki partition, kusarudza zita remuenzi, uye kugadzira vashandisi.
Source: opennet.ru