Microsoft yakaburitsa gadziriso kuCBL-Mariner kugovera 1.0.20210901 (Common Base Linux Mariner), iyo iri kuvandudzwa senzvimbo yepasirese yenzvimbo yeLinux nharaunda inoshandiswa muzvivakwa zvemakore, edge masisitimu uye akasiyana masevhisi eMicrosoft. Iyo purojekiti ine chinangwa chekubatanidza Microsoft Linux mhinduro uye kurerutsa kuchengetedza kweLinux masisitimu ezvinangwa zvakasiyana kusvika parizvino. Zviitiko zveprojekiti zvakagoverwa pasi peMIT rezenisi.
Mukuburitswa kutsva:
- Kuumbwa kweiyo yekutanga iso mufananidzo (700 MB) kwatanga. Mukuburitswa kwekutanga, mifananidzo yakagadzirira-yakagadzirwa ISO haina kupihwa; zvaifungidzirwa kuti mushandisi anogona kugadzira chifananidzo chine kuzadza kwakakodzera (mirayiridzo yegungano yakagadzirirwa Ubuntu 18.04).
- Tsigiro yeotomatiki pasuru inogadziridza yaitwa, iyo iyo Dnf-Otomatiki application inosanganisirwa.
- Iyo Linux kernel yakagadziridzwa kuita shanduro 5.10.60.1. Updated purogiramu shanduro, kusanganisira openvswitch 2.15.1, golang 1.16.7, logrus 1.8.1, tcell 1.4.0, gonum 0.9.3, kupupura 1.7.0, crunchy 0.4.0, xz 0.5.10, swig 4.0.2. 4.4, squashfs-zvishandiso 8.0.26, mysql XNUMX.
- OpenSSL inopa iyo sarudzo yekudzosera rutsigiro rweTLS 1 uye TLS 1.1.
- Kuti utarise iyo kodhi kodhi yeturusi, iyo sha256sum utility inoshandiswa.
- Mapakeji matsva aisanganisira: etcd-zvishandiso, cockpit, aide, fipscheck, tini.
- Iwo brp-strip-debug-symbols, brp-strip-unneeded uye ca-legacy mapakeji abviswa. Yakabviswa SPEC mafaira eDotnet uye aspnetcore mapakeji, ayo zvino aunganidzwa neiyo core .NET development timu uye akaiswa mune yakaparadzana repository.
- Kugadziriswa kwekusagadzikana kwakaendeswa kune shanduro dzepasuru dzakashandiswa.
Ngatiyeukei kuti kugovera kweCBL-Mariner kunopa diki diki seti yemapakeji ekutanga anoshanda seyepasirese hwaro hwekugadzira zviri mukati memidziyo, nharaunda dzevaenzi uye masevhisi anomhanya mumafu ehupfumi uye pamidziyo yemupendero. Zvimwe zvakaoma uye zvine hunyanzvi zvigadziriso zvinogona kugadzirwa nekuwedzera mamwe mapakeji pamusoro peCBL-Mariner, asi hwaro hwese masisitimu akadaro hunoramba hwakafanana, zvichiita kuti kugadzirisa uye kugadzirisa kuve nyore. Semuenzaniso, CBL-Mariner inoshandiswa sehwaro hweWSLg mini-kugovera, iyo inopa magiraidhi stack zvikamu zvekushandisa Linux GUI maapplication munzvimbo dzakavakirwa paWSL2 (Windows Subsystem yeLinux) subsystem. Kuwedzerwa kushanda muWSLg kunowanikwa kuburikidza nekubatanidzwa kwemamwe mapakeji neWeston Composite Server, XWayland, PulseAudio uye FreeRDP.
Iyo CBL-Mariner kuvaka sisitimu inobvumidza iwe kugadzira ese ari maviri ega RPM mapakeji anoenderana neSPEC mafaera uye sosi kodhi, pamwe ne monolithic system mifananidzo inogadzirwa uchishandisa rpm-ostree toolkit uye yakagadziridzwa atomu pasina kupatsanura mumapakeji akasiyana. Saizvozvo, maviri ekugadzirisa edhisheni modhi anotsigirwa: kuburikidza nekuvandudza ega mapakeji uye kuburikidza nekuvaka patsva nekugadzirisa iyo yese system mufananidzo. Nzvimbo inosvika zviuru zvitatu zvakavakwa RPM mapakeji iripo yaunogona kushandisa kuvaka yako mifananidzo zvichienderana nefaira yekumisikidza.
Kugovera kunosanganisira chete izvo zvinonyanya kukosha zvikamu uye zvakagadziridzwa kune shoma ndangariro uye dhisiki nzvimbo yekushandisa, pamwe nekumhanyisa kurodha. Kugovera kwacho kwakakoshawo pakuiswa kwedzimwe nzira dzakasiyana dzekuwedzera kuchengetedzwa. Iyo purojekiti inotora "yakanyanya kuchengetedzwa nekusarudzika" nzira. Zvinogoneka kusefa mafoni ehurongwa uchishandisa seccomp mechanism, encrypt disk partitions, uye simbisa mapakeji uchishandisa siginecha yedhijitari.
Kero nzvimbo randomisation modes inotsigirwa muLinux kernel inogadziriswa, pamwe chete nedziviriro nzira dzekurwisa symlink kurwiswa, mmap, /dev/mem uye /dev/kmem. Idzo nzvimbo dzekurangarira dzine zvikamu zvine kernel uye module data dzakagadzirirwa kuverenga-chete modhi uye kodhi kuuraya inorambidzwa. Imwe sarudzo ndeyekudzima kurodha kernel modules mushure mekutanga system. Iyo iptables toolkit inoshandiswa kusefa network mapaketi. Padanho rekuvaka, dziviriro kubva pakupfachukira, buffer mafashama, uye tambo yefomati matambudziko inogoneswa nekusarudzika (_FORTIFY_SOURCE, -fstack-protector, -Wformat-security, relro).
Iyo system maneja systemd inoshandiswa kubata masevhisi uye boot. Zvepakeji maneja, mapakeji maneja RPM uye DNF (tdnf musiyano kubva vmWare) anopihwa. Iyo SSH server haina kugoneswa nekusarudzika. Kuti uise kugovera, mugadziri anopiwa anogona kushanda mune zvese zvinyorwa uye graphical modes. Iyo yekumisikidza inopa sarudzo yekuisa ine yakazara kana yekutanga seti yemapakeji, uye inopa chinongedzo chekusarudza dhisiki partition, kusarudza zita remuenzi, uye kugadzira vashandisi.
Source: opennet.ru