Linux OS with immutable file system

Computer/Embedded Technology

Computing hardware suppliers

Computing software suppliers

Computing technology suppliers

printer friendly version

25 October 2023 Computer/Embedded Technology

For those engineers and technicians who prefer a vanilla Linux operating system instead of the more common Windows OS, then a new kid on the block may pique your interest.

Known as VanillaOS (yes, really), this OS promises a lot in terms of security.

Although based on Ubuntu, it does not use any of the niceties making up the Ubuntu experience: the Ubuntu Dock, the Yaru theme and other modifications are all missing. Instead, the default plain Gnome desktop environment is present.

What really sets this project apart from others, however, is in the security stakes. This OS takes a new approach to computing by using an immutable file system. For installations and updates, this system does not use the standard apt package manager. Instead, a new package manager and subsystem has been developed called apx.

This new subsystem is a wrapper around multiple package managers, which allows one to run commands inside a managed container for security. The benefit of this is that any apps being installed cannot change or affect the core system packages in a bid to improve security, reliability and stability.

OS updates are also handled differently using a custom-written software technology called ABRoot. VanillaOS uses transactions between two root file systems. When a new package is installed, ABRoot will check

which partition is the present root partition (let’s say A) and then mount an overlay on top of the partition A and perform the transaction. If the transaction succeeds, the overlay will be merged with the future root partition (B).

On the next boot, the system will automatically use the new root partition unless there is a boot failure. In that case, the overlay will be discarded and the system will boot normally, without any changes to either partition.

Updates have also been made to behave smarter. Instead of installing in the background, regardless of what the machine is doing, VanillaOS updates are installed only if the device is not under load or not running on low battery. If it is, the machine then waits for a reboot to perform the install.

Share this article:

Eskom announces PV registration extension
Computer/Embedded Technology
The South African Photovoltaic Industry Association has welcomed Eskom’s decision to extend its zero-registration fee policy and free smart meter installation for residential Small-Scale Embedded Generation customers until March 2026.

Read more...

Unlock enhanced wireless performance
Computer/Embedded Technology
Duxbury Networking has introduced Cambium Networks’ Deep Virtual Circuit (Deep VC) technology, a free upgrade for the PMP 450 platform that will transform wireless broadband performance across the country.

Read more...

Computing in industrial environments
Vepac Electronics Computer/Embedded Technology
The Panasonic Toughbook CF-33/CF33 Tablet is a 12,0-inch fully rugged device with hot-swappable twin batteries and highly configurable capabilities.

Read more...

DDR5 DRAM series
Vepac Electronics Computer/Embedded Technology
Innodisk has announced its DDR5 6400 DRAM series featuring the industry’s largest 64GB single-module capacity.

Read more...

Generate waveforms at 10 GS/s
Vepac Electronics Computer/Embedded Technology
New flagship arbitrary waveform generator cards from Spectrum Instrumentation generate waveforms with 2,5 GHz bandwidth and 16-bit vertical resolution.

Read more...

Categories

Computer/Embedded Technology

Linux OS with immutable file system

Further reading:

Publications by Technews