Microsoft yakaburitsa gadziriso kune yekugovera kit CBL-Mariner 2.0.20221029 (Common Base Linux Mariner), iyo iri kuvandudzwa senzvimbo yepasirese chikuva cheLinux nharaunda dzinoshandiswa mumakore, edge masisitimu uye akasiyana masevhisi eMicrosoft. Iyo purojekiti ine chinangwa chekubatanidza mhinduro dzeLinux dzinoshandiswa muMicrosoft uye kurerutsa kuchengetedza kweLinux masisitimu ezvinangwa zvakasiyana kusvika parizvino. Zviitiko zveprojekiti zvakagoverwa pasi peMIT rezenisi. Mapakeji anogadzirwa aarch64 uye x86_64 zvivakwa. Bootable ISO mufananidzo wakagadzirirwa (1.1 GB) ye x86_64 dhizaini.
Mushanduro itsva:
- Yakagadziridzwa pasuru shanduro, zvinosanganisira zvakarongwa kuburitswa kweLinux kernel 5.15.74, PHP 8.1.11, nodejs 16.17.1, cassandra 4.0.7, dbus 1.15.2, expat 2.5.0, mysql 8.0.31, terraform 1.32.2, tidy5.8.0 3.4.16. 1.22.1, wireshark XNUMX, nginx XNUMX.
- Akawedzera mapakeji matsva cairomm 1.12.0, cpptest 1.1.2, k-exec-tools, kernel-drivers-gpu, libcroco 0.6.13, python-google-auth-oauthlib, sgx-backwards-compatability.
- Inosanganisirwa mamodule ekuchinja iyo TCP congestion control algorithm (TCP Congestion).
- Kugadziriswa kwekusagadzikana kwakaendeswa kune libtar, unbound, aspell, libtiff, redis, livepatch, libtasn1, PHP, nodejs, dbus, expat, mod_wsgi, wireshark, nginx, mysql, terraform mapakeji.
Iyo CBL-Mariner kugovera inopa diki yakajairwa seti yemapakeji ekutanga anoshanda seyepasirese hwaro hwekugadzira zviri mukati memidziyo, nharaunda dzevaenzi uye masevhisi anomhanya mumafu zvivakwa uye pamipendero michina. Zvimwe zvakaoma uye zvine hunyanzvi zvigadziriso zvinogona kugadzirwa nekuwedzera mamwe mapakeji pamusoro peCBL-Mariner, asi hwaro hwese masisitimu akadaro hunoramba hwakafanana, zvichiita kuti kugadzirisa uye kugadzirisa kuve nyore. Semuenzaniso, CBL-Mariner inoshandiswa sehwaro hweWSLg mini-kugovera, iyo inopa magiraidhi stack zvikamu zvekushandisa Linux GUI maapplication munzvimbo dzakavakirwa paWSL2 (Windows Subsystem yeLinux) subsystem. Kuwedzerwa kushanda muWSLg kunowanikwa kuburikidza nekubatanidzwa kwemamwe mapakeji neWeston Composite Server, XWayland, PulseAudio uye FreeRDP.
Iyo CBL-Mariner kuvaka sisitimu inobvumidza iwe kugadzira ese ari maviri ega RPM mapakeji anoenderana neSPEC mafaera uye sosi kodhi, pamwe ne monolithic system mifananidzo inogadzirwa uchishandisa rpm-ostree toolkit uye yakagadziridzwa atomu pasina kupatsanura mumapakeji akasiyana. Saizvozvo, maviri ekugadzirisa edhisheni modhi anotsigirwa: kuburikidza nekuvandudza ega mapakeji uye kuburikidza nekuvaka patsva nekugadzirisa iyo yese system mufananidzo. Nzvimbo inosvika zviuru zvitatu zvakavakwa RPM mapakeji iripo yaunogona kushandisa kuvaka yako mifananidzo zvichienderana nefaira yekumisikidza.
Kugovera kunosanganisira chete izvo zvinonyanya kukosha zvikamu uye zvakagadziridzwa kune shoma ndangariro uye dhisiki nzvimbo yekushandisa, pamwe nekumhanyisa kurodha. Kugovera kwacho kwakakoshawo pakuiswa kwedzimwe nzira dzakasiyana dzekuwedzera kuchengetedzwa. Iyo purojekiti inotora "yakanyanya kuchengetedzwa nekusarudzika" nzira. Zvinogoneka kusefa mafoni ehurongwa uchishandisa seccomp mechanism, encrypt disk partitions, uye simbisa mapakeji uchishandisa siginecha yedhijitari.
Kero nzvimbo randomisation modes inotsigirwa muLinux kernel inogadziriswa, pamwe chete nedziviriro nzira dzekurwisa symlink kurwiswa, mmap, /dev/mem uye /dev/kmem. Idzo nzvimbo dzekurangarira dzine zvikamu zvine kernel uye module data dzakagadzirirwa kuverenga-chete modhi uye kodhi kuuraya inorambidzwa. Imwe sarudzo ndeyekudzima kurodha kernel modules mushure mekutanga system. Iyo iptables toolkit inoshandiswa kusefa network mapaketi. Padanho rekuvaka, dziviriro kubva pakupfachukira, buffer mafashama, uye tambo yefomati matambudziko inogoneswa nekusarudzika (_FORTIFY_SOURCE, -fstack-protector, -Wformat-security, relro).
Iyo system maneja systemd inoshandiswa kubata masevhisi uye boot. RPM uye DNF mapakeji maneja anopihwa maneja manejimendi. Iyo SSH server haina kugoneswa nekusarudzika. Kuti uise kugovera, mugadziri anopiwa anogona kushanda mune zvese zvinyorwa uye graphical modes. Iyo yekumisikidza inopa sarudzo yekuisa ine yakazara kana yakakosha seti yemapakeji, uye inopa chinongedzo chekusarudza dhisiki partition, kusarudza zita remuenzi, uye kugadzira vashandisi.
Source: opennet.ru