Alpine Linux 3.18 releases, lightweight Linux distribution
Alpine Linux is a community-developed operating system designed for x86 routers, firewalls, virtual private networks, IP telephones, and servers. It is designed to implement the concept of security, including a number of active security features such as PaX and SSP, they can prevent the software vulnerabilities are used by rivals. The system uses the C language library is musl, the basic tools are in BusyBox. They are common in embedded systems and are smaller than tools in GNU / Linux systems.
Feature
SMALL
Alpine Linux is built around musl libc and busybox. This makes it smaller and more resource efficient than traditional GNU/Linux distributions. A container requires no more than 8 MB and a minimal installation to disk requires around 130 MB of storage. Not only do you get a fully-fledged Linux environment but a large selection of packages from the repository.
Binary packages are thinned out and split, giving you even more control over what you install, which in turn keeps your environment as small and efficient as possible.
SIMPLE
Alpine Linux is a very simple distribution that will try to stay out of your way. It uses its own package manager called apk, the OpenRC init system, script driven set-ups and that’s it! This provides you with a simple, crystal-clear Linux environment without all the noise. You can then add on top of that just the packages you need for your project, so whether it’s building a home PVR, or an iSCSI storage controller, a wafer-thin mail server container, or a rock-solid embedded switch, nothing else will get in the way.
SECURE
Alpine Linux was designed with security in mind. The kernel is patched with an unofficial port of grsecurity/PaX, and all userland binaries are compiled as Position Independent Executables (PIE) with stack smashing protection. These proactive security features prevent the exploitation of entire classes of zero-day and other vulnerabilities.
Alpine Linux 3.18 has been released.
Changelog
- Linux kernel 6.1 – with signed kernel modules
- musl libc 1.2.4 – now with TCP fallback in DNS resolver
- Python 3.11
- Ruby 3.2
- Node.js (current) 20.1
- GNOME 44
- Go 1.20
- KDE Plasma 5.27
- Rust 1.69
- Experimental support for unattended installs via tiny-cloud
SIGNIFICANT CHANGES
Kernel modules are now signed. Verified modules are not enforced by default, so 3rd party modules with akms still works.
All packages for ppc64le, x86, and x86_64 was linked with DT_RELR. This should have reduced size of compiled binares.
Python pre-compiled files (pyc
) are now shipped in separate packages. It is now possible to avoid install those and save space by doing apk add !pyc
.