Hyperbola gnu linux libre

Гипербола GNU / Linux-libre — Hyperbola GNU/Linux-libre

Разработчик Основатели Hyperbola Семейство ОС Unix-подобный Рабочее состояние Текущий Исходная модель Бесплатно программное обеспечение изначальный выпуск 15 апреля 2017 г . ; 4 года назад ( 2017-04-15 ) Последний релиз v0.3.1 (Млечный Путь) / 10 февраля 2020 г . ; 17 месяцев назад ( 2020-02-10 ) Репозиторий Метод обновления Долгосрочная поддержка Менеджер пакетов Пакман Платформы AMD64 , i686 Тип ядра Монолитный ( Linux-libre ) Userland GNU Пользовательский интерфейс по умолчанию Bash (основной live и HyperTalking ISO) Лицензия ФСДГ Официальный веб-сайт www .hyperbola .info

Hyperbola GNU / Linux-libre — операционная система для архитектур i686 и x86-64 . Он основан на снимках состояния Arch и разработке Debian . Он включает компоненты операционной системы GNU и ядро Linux-libre вместо общего ядра Linux . Hyperbola GNU / Linux-libre внесена в список Free Software Foundation как полностью бесплатная операционная система, соответствующая их Руководству по распространению свободных систем .

СОДЕРЖАНИЕ

История

5 августа 2017 года поддержка systemd была прекращена в пользу OpenRC в качестве системы инициализации по умолчанию для поддержки кампании Init Freedom, начатой Devuan .

6 декабря 2018 года Hyperbola стала первым бразильским дистрибутивом, признанным GNU полностью бесплатным проектом и включившим его в список бесплатных дистрибутивов FSF.

23 сентября 2019 года Hyperbola объявила о своем первом выпуске с реализацией Xenocara в качестве сервера отображения по умолчанию для системы X Window и LibreSSL в качестве библиотеки системной криптографии по умолчанию.

В декабре 2019 года Hyperbola объявила, что перестанет быть дистрибутивом Linux и станет хард-форком OpenBSD с кодом под лицензией GPL. В проекте приводились возражения против недавних разработок в ядре Linux, которые они считали «нестабильным путем», включая включение дополнительной поддержки для защиты цифрового контента с высокой пропускной способностью , ядро ​​«написано без учета требований безопасности», GNU и «ядро». «компоненты с необязательными зависимостями и одобрение языка программирования Rust — из-за возражений против политики в отношении товарных знаков Mozilla Foundation и« централизованное хранилище кода, которое более подвержено кибератакам и обычно требует доступа в Интернет для использования ». Поддержка версии для Linux прекращается в конце жизненного цикла ее текущего выпуска.

Социальный контракт

Гипербола заключила общественный договор . Общественный договор Hyperbola совершает проект в сообществе свободного программного обеспечения, свободной культуры , неприкосновенность частной жизни, стабильности, свободы инициализации, и следовать Arch основе упаковки системы, но в соответствии с принципами стабильности, развития и поддержания Debian. В соглашение включены Руководящие принципы бесплатного распространения системы GNU .

Разработка

Рекомендации по упаковке

Hyperbola установила правила упаковки. Руководство по упаковке Hyperbola содержит набор общих проблем и степени серьезности, которая должна быть им присвоена при разработке, например, обратное портирование, выпуски пакетов и исправления Debian.

Кодовые имена

Гипербола называет свои стабильные выпуски псевдонимами, используя названия галактик в качестве кодовых имен, выбранных из списка ближайших известных галактик Млечного Пути в порядке возрастания расстояния.

Цикл выпуска

Стабильная версия Hyperbola выпускается примерно каждые три года. Точечные релизы будут выпускаться каждые несколько месяцев. Для каждого выпуска Hyperbola он получит два года дополнительных обновлений безопасности после окончания срока его службы (EOL). Однако дальнейшие точечные релизы производиться не будут. Каждый выпуск Hyperbola получит в общей сложности пять лет поддержки безопасности.

Монтаж

Есть два способа установить Hyperbola GNU / Linux-libre: либо с нуля с использованием живых образов, либо путем миграции с существующей системы на основе Arch.

Источник

Hyperbola

A fully free, stable, secure, simple, lightweight and long-term support distribution

You’ve reached the website for Hyperbola GNU/Linux-libre operating system. The Hyperbola Project is a community driven effort to provide a fully free (as in freedom) operating system that is stable, secure, simple, lightweight that tries to Keep It Simple Stupid (KISS) under a Long Term Support (LTS) way.

Derived from Arch plus stability and security from Debian, Hyperbola provides packages from it that meet the GNU Free System Distribution Guidelines (GNU FSDG) and replacements for the packages that don’t meet this requirement. Packages are provided for the i686 and x86_64 architectures.

Our community is friendly and helpful. Please hop on IRC channel and check out our forums and mailing lists to get your feet wet. Also glance through our wiki if you want to learn more about Hyperbola.

Latest News

Milky Way v0.3.1 install medium release

We hereby announce a new revision of Hyperbola live image and HyperTalking for Hyperbola GNU/Linux-libre.

Download information can be found here.

It’s FOSS interview

We would like to thank It’s FOSS for interviewing us about Hyperbola Project and upcoming HyperbolaBSD .

You can read about it here.

Announcing HyperbolaBSD Roadmap

Due to the Linux kernel rapidly proceeding down an unstable path, we are planning on implementing a completely new OS derived from several BSD implementations.

This was not an easy decision to make, but we wish to use our time and resources to create a viable alternative to the current operating system trends which are actively seeking to undermine user choice and freedom .

This will not be a «distro», but a hard fork of the OpenBSD kernel and userspace including new code written under GPLv3 and LGPLv3 to replace GPL-incompatible parts and non-free ones.

Reasons for this include:

Ensure all systems are using stable repository

Now that we have released Milky Way v0.3, users are strongly advised to use only the stable repository. There may be breaking changes and instability during upcoming developments on White Hole (aka the testing release) .

Debug users which are not afraid of a broken system may continue to use this bleeding edge version to report bugs, but it is not to be considered stable for daily use .

We are currently working on the following tasks:

Milky Way v0.3 install medium release

We hereby announce a new release of Hyperbola live image and HyperTalking for Hyperbola GNU/Linux-libre. It is the first release with LibreSSL support and adherence to the Filesystem Hierarchy Standard.

This version contains various bugfixes and improved stability.

Источник

Hyperbola GNU/Linux-Libre

en:guide:encrypted_installation

This guide covers how to install Hyperbola GNU/Linux-Libre, with full disk encryption, including /boot (the boot directory). On most systems, /boot has to be left unencrypted, while the other partition(s) are encrypted. This is so that GRUB (and therefore the kernel) can be loaded and executed, because most firmware can’t open a LUKS volume; however, with Libreboot , GRUB is already included as a payload, so even /boot can be encrypted; this protects /boot from tampering by someone with physical access to the system.

Minimum requirements

You can find the minimum requirements to run Hyperbola GNU/Linux-libre on download page.

Preparation

Download the live image

For this guide we are using Milky Way version, the live image is available on download page.

Choose the installation device

Refer to the beginner’s guide, for finding and choosing the proper installation device, whether you are using an optical disk, or a USB drive.

Boot Hyperbola’s install environment

After downloading the ISO, and creating some kind of bootable media, you will need to boot into the live image. If you are unsure of how to do so, see how to boot a GNU/Linux installer, and move on to the next step; otherwise, just go to the next step.

Setting up keyboard layout

To begin the installation, you must first select the proper keyboard layout.

Establish an internet connection

You will also need to set up a network connection, to install packages.

Preparing the storage device for installation

You need to prepare the storage device that we will use to install the operating system. You can use same device name that you used earlier, to determine the installation device for the ISO.

Wipe storage device

You want to make sure that the device you’re using doesn’t contain any plaintext copies of your personal data. If the drive is new, then you can skip the rest of this section; if it’s not new, then there are two ways to handle it:

Also, if you’re using an SSD, there are a two things you should keep in mind:

Formatting the storage device

Now that all the personal data has been deleted from the disk, it’s time to format it. We’ll begin by creating a single, large partition on it, and then encrypting it using LUKS.

Create the LUKS partition

You will need the device-mapper kernel module during the installation; this will enable us to set up our encrypted disk. To load it, use the following command:

We then need to select the device name of the drive we’re installing the operating system on; see the above method, if needed, for figuring out device names.

Now that we have the name of the correct device, we need to create the partition on it. For this, we will use the cfdisk command:

Now that you have created the partition, it’s time to create the encrypted volume on it, using the cryptsetup command, like this:

These are just recommended defaults; if you want to use anything else, or to find out what options there are, run man cryptsetup .

You will now be prompted to enter a passphrase; be sure to make it secure. For passphrase security, length is more important than complexity (e.g., correct-horse-battery-staple is more secure than bf20$3Jhy3), but it’s helpful to include several different types of characters (e.g., uppercase/lowercase letters, numbers, special characters). The password length should be as long as you are able to remember, without having to write it down, or store it anywhere.

Use of the diceware method is recommended, for generating secure passphrases (rather than passwords).

Create the volume group and logical volumes

The next step is to create two logical volumes within the LUKS-encrypted partition: one will contain your main installation, and the other will contain your swap space.

We will create this using, the Logical Volume Manager (LVM).

First, we need to open the LUKS partition, at /dev/mapper/lvm :

Then, we create LVM partition:

Check to make sure that the partition was created:

Next, we create the volume group, inside of which the logical volumes will be created. For this example, we will call this group matrix. You can call yours whatever you would like; just make sure that you remember its name:

Check to make sure that the group was created:

Lastly, we need to create the logical volumes themselves, inside the volume group; one will be our swap, cleverly named swapvol, and the other will be our root partition, equally cleverly named as rootvol.

You can also be flexible here, for example you can specify a /boot , a / , a /home , a /var , or a /usr volume. For example, if you will be running a web/mail server then you want /var (where logs are stored) in its own partition, so that if it fills up with logs, it won’t crash your system. For a home/laptop system (typical use case), just a root and a swap will do.

Verify that the logical volumes were created correctly:

Make the rootvol and swapvol partitions ready for installation

The last steps of setting up the drive for installation are turning swapvol into an active swap partition, and formatting rootvol.

To make swapvol into a swap partition, we run the mkswap (i.e., make swap) command:

Activate the swapvol, allowing it to now be used as swap, using swapon (i.e., turn swap on) command:

Now we have to format rootvol, to make it ready for installation; we do this with the mkfs (i.e., make file system) command. We choose the ext4 filesystem, but you could use a different one, depending on your use case:

Lastly, We need to mount rootvol. Fortunately, GNU/Linux has a directory for this very purpose: /mnt :

Create the /boot and /home directories

Now that you have mounted rootvol, you need to create the two most important folders on it: /boot and /home ; these folder contain your boot files, as well as each user’s personal documents, videos, etc..

Since you mounted rootvol at /mnt , this is where you must create them; you will do so using mkdir :

You could also create two separate partitions for /boot and /home , but such a setup would be for advanced users, and is thus not covered in this guide. For more information on how to do this, refer to the Arch wiki on partitions.

The setup of the drive and partitions is now complete; it’s time to actually install Hyperbola.

Install the base system

We need to install the essential applications needed for your Hyperbola installation to run; refer to Install the base system, on the our wiki.

Generate an fstab

The next step in the process is to generate a file known as an fstab ; the purpose of this file is for the operating system to identify the storage device used by your installation. On the beginner’s guide is the instruction to generate that file.

Chroot into and configure the system

Now, you need to chroot into your new installation, to complete the setup and installation process. Chrooting refers to changing the root directory of an operating system to a different one; in this instance, it means changing your root directory to the one you created in the previous steps, so that you can modify files and install software onto it, as if it were the host operating system.

To chroot into your installation, follow the instruction on the beginner’s guide.

Setting up the locale

Locale refers to the language that your operating system will use, as well as some other considerations related to the region in which you live. To set this up, follow the instructions in the beginner’s guide.

Setting up the consolefont and keymap

This will determine the keyboard layout of your new installation; follow the instructions in the beginner’s guide.

Setting up the time zone

You’ll need to set your current time zone in the operating system; this will enable applications that require accurate time to work properly (e.g., the web browser). To do this, follow the instructions the beginner’s guide.

Setting up the hardware clock

To make sure that your computer has the right time, you’ll have to set the time in your computer’s internal clock. Follow the instructions in the beginner’s guide to do that.

Setting up the kernel modules

Now we need to make sure that the kernel has all the modules that it needs to boot the operating system. To do this, we need to edit a file called mkinitcpio.conf . More information about this file can be found in the Arch wiki, but for the sake of this guide, you simply need to run the following command.

There are several modifications that we need to make to the file:

Here’s what each module does:

After modifying the file and saving it, we need to update the kernel(s) with the new settings.

We will also install the grub package, which we will need later, to make our modifications to the GRUB configuration file:

Then, we update both kernels like this, using the mkinitcpio command:

Setting up the hostname

Now we need to set up the hostname for the system; this is so that our device can be identified by the network. Refer to the hostname section of the beginner’s guide. You can make the hostname anything you like; for example, if you wanted to choose the hostname hyperbola , you would run the echo command, like this:

And then you would modify /etc/hosts like this, adding the hostname to it:

Configure the network

Now that we have a hostname, we need to configure the settings for the rest of the network, we suggest use netifrc to set up your wired/wireless connection. See the Gentoo Handbook which explains netifrc scripts in a high level of detail.

Set the root password

The root account has control over all the files in the computer; for security, we want to protect it with a password. The password requirements given above, for the LUKS passphrase, apply here as well. You will set this password with the passwd command:

Extra security tweaks

There are some final changes that we can make to the installation, to make it significantly more secure; these are based on the security section of the Arch wiki.

Key strengthening

We will want to open the configuration file for password settings, and increase the strength of our root password:

Add rounds=65536 at the end of the uncommented ‘password’ line; in simple terms, this will force an attacker to take more time with each password guess, mitigating the threat of brute force attacks.

Restrict access to important directories

You can prevent any user, other than the root user, from accessing the most important directories in the system, using the chmod command.

Lockout user after three failed login attempts

We can also setup the system to lock a user’s account, after three failed login attempts.

To do this, we will need to edit the file /etc/pam.d/system-login , and comment out this line:

You could also just delete it. Above it, put the following line:

This configuration will lock the user out for ten minutes. You can unlock a user’s account manually, using the root account, with this command:

Generate grub.cfg

Edit configuration in /etc/default/grub , remembering to use UUID when pointing to mbr/gpt partition. Use blkid to get list of devices with their respective UUIDs. Next generate grub.cfg with:

If you have separate /boot partition, don’t forget to add boot symlink inside that points to current directory:

Unmount all partitions and reboot

Congratulations! You have finished the installation of Hyperbola GNU/Linux-libre. Now it is time to reboot the system, but first, there are several preliminary steps:

Exit from chroot , using the exit command:

Unmount all of the partitions from /mnt , and “turn off” the swap volume:

Deactivate the rootvol and swapvol logical volumes:

Lock the encrypted partition (i.e., close it):

Shutdown the machine:

After the machine is off, remove the installation media, and turn it on.

Booting the installation manually from GRUB

When you forget to configure or misconfigure grub on your hdd, you have to manually boot the system by entering a series of commands into the GRUB command line.

After the computer starts, Press C to bring up the GRUB command line. Here are the commands:

The workaround was to remove the DVD drive.

Configure pacman

Edit /etc/pacman.conf and configure pacman’s options, also enabling the repositories you need.

See Pacman and Repositories for details.

Update the system

At this point you should update your system.

Add an user

Finally, add a normal user as described in User management.

Service management

Since Hyperbola removed entire systemd support, we suggest you read about OpenRC which is our main default init system.

Conclusion

Your new Hyperbola GNU/Linux-libre base system is now a functional GNU/Linux environment.

Licensing

This wiki article is released under the GNU Free Documentation License 1.3 with no invariant sections, no front cover texts, and no back cover texts.

Acknowledgement

This wiki article is based on Libreboot documentation.

Источник