Ukukhishwa kwe-Bastille 0.9.20220216 kushicilelwe, uhlelo lokuzenzakalela ukuthunyelwa nokuphathwa kwezinhlelo zokusebenza ezisebenza ezitsheni ezihlukanisiwe kusetshenziswa indlela ye-FreeBSD Jail. Ikhodi ibhalwe ngo-Shell, ayidingi ukuncika kwangaphandle ukuze isebenze futhi isatshalaliswa ngaphansi kwelayisensi ye-BSD.
Ukuphatha iziqukathi, i-interface yomugqa womyalo we-bastille inikeziwe evumela ukuthi udale futhi ubuyekeze izindawo zeJail ngokusekelwe enguqulweni ekhethiwe ye-FreeBSD futhi wenze imisebenzi yesitsha efana nokuqala / ukumisa, ukwakha, ukuhlanganisa, ukungenisa / ukuthumela, ukuguqula, ukushintsha izilungiselelo, ukulawula ukufinyelela kwenethiwekhi nokusetha imikhawulo ekusetshenzisweni kwezinsiza. Kuyenzeka ukuthi kusetshenziswe izindawo ze-Linux (Ubuntu ne-Debian) esitsheni, sisebenzisa i-Linuxulator. Phakathi kwezici ezithuthukisiwe, isekela ukusebenzisa imiyalo ejwayelekile ezitsheni eziningana ngesikhathi esisodwa, izifanekiso ezibekwe esidlekeni, izifinyezo kanye nezipele. Ingxenye yempande esitsheni ifakwe kumodi yokufunda kuphela.
Indawo yokugcina ihlinzeka ngezifanekiso ezingaba ngu-60 zokwethula ngokushesha iziqukathi zezinhlelo zokusebenza ezijwayelekile, eziqukethe izinhlelo zamaseva (nginx, mysql, wordpress, asterisk, redis, postfix, elasticsearch, salt, njll.), abathuthukisi (gitea, gitlab, jenkins jenkins , python , php, perl, ruby, rust, go, node.js, openjdk) kanye nabasebenzisi (firefox, chromium). Isekela ukwakhiwa kwezitaki zeziqukathi, okukuvumela ukuthi usebenzise isifanekiso esisodwa kwesinye. Indawo yeziqukathi ezigijimayo ingadalwa kokubili kumaseva aphathekayo noma amabhodi we-Raspberry Pi, nasezindaweni zamafu ze-AWS EC2, i-Vultr kanye ne-DigitalOcean.
Le phrojekthi ithuthukiswa nguChrister Edwards ovela e-SaltStack, ophinde agcine amachweba ohlelo lokulawulwa kokumiswa okuphakathi kukaSalt lweFreeBSD. UChrister wake waba nesandla ekuthuthukiseni Ubuntu, wayengumqondisi wesistimu e-GNOME Foundation, futhi wasebenzela i-Adobe (ungumbhali wethuluzi le-Adobe lomthombo ovulekile we-Hubble lokuqapha nokugcina ukuphepha kwesistimu).
Ekukhishweni okusha:
- Ukwesekwa okungeziwe kokuhlanganisa izindawo zejele elisingathwe kuma-partitions e-ZFS.
- Kwengezwe umyalo othi "bastille list release -p" ukuze ubonise ukukhishwa okuphakathi lapho kufakwa kuhlu izinguqulo zesistimu ezindaweni.
- Ukuthunyelwa okuthuthukisiwe kwezindawo ze-Linux. Ukwesekwa okungeziwe kokusebenzisa izindawo ze-Debian ne-Ubuntu ze-Aarch64 (arm64) yezakhiwo.
- Izinkinga ngokwakha amanethiwekhi abonakalayo okuhlanganisa iziqukathi kusetshenziswa isistimu engaphansi ye-VNET sezixazululiwe.
Source: opennet.ru