commit aac44ba0443f8fb2038ec78657b1d1a37f1a8699
parent 71b19707969e0811633ebcd57f01cba0759347f5
Author: Jan Pobrislo <ccx@te2000.cz>
Date: Mon, 11 Nov 2024 02:12:50 +0000
Update README for mrrl
Diffstat:
| M | README | | | 86 | +++++++++---------------------------------------------------------------------- |
1 file changed, 9 insertions(+), 77 deletions(-)
diff --git a/README b/README
@@ -1,7 +1,5 @@
-Packaging Through Hashed Build Scripts
-======================================
-
-Not a distro. Barely a packaging system.
+Minimal Reliable Reproducible Linux
+===================================
Intent of this project is to build robust, minimal Linux-based system that is
just enough to boot, start some containers (via unshare and pidns patch to s6),
@@ -11,46 +9,13 @@ It should be fully compatible with installation as a software overlay over
existing Linux distributions.
The robustnes should come from two design decisions:
-* picking simple software that does it's job right
-* package versioning scheme inspired by Stow/Nix/Guix and also partly by
- slashpackage convention
-
-How this works
---------------
-
-Each package definition is actually a shell script that has all the instructions
-to build the software in question as well as hash of any installed software or
-sources it needs, either in form of sha256sum or git commit id.
-
-This shell script is then hashed with sha256 and the result is appended to
-package name to form unique installation directory for that specific
-configuration.
-This way you are not limited from installing multiple versions or build
-configurations of software and switching between them freely.
-
-These package installations then are combined into environments (similar to
-profiles in Nix) implemented using symlink forest and are again identified by
-their content hash.
+* packaging simple software that does it's job right
+* using filesystem layout that supports fully parallel installation with atomic
+ switchover
-The packaging system itself is intended to pose as building block for larger
-system configuration management suite that allows for atomic software and
-configuration updates, A/B boot with rollback options, etc., without trying to
-tell you how those should be managed.
-
-Dependencies of the package build and installation system are kept intentionally
-as slim as possible.
-Currently it's all done using busybox utilities and GNU make and this list is
-expected to stay final.
-
-However, package dependency management can be very complex.
-This design decouples the complexity of determining which software fits together
-in desired configuration (which easily leads into combinatorial explosion) from
-the packaging tool itself.
-
-The software packaged here is hand-picked minimal set, but there is nothing
-preventing creation of a sophisticated package specification generator on top of
-an efficient constraint solving algorithm and should work as a solid base for
-that.
+See:
+* https://ccx.te2000.cz/stagit/pthbs/ for package manager code
+* https://ccx.te2000.cz/stagit/pthbs_genpkgpy/ for package generator
Requirements
------------
@@ -58,44 +23,11 @@ Requirements
The bootstrap is done by compiling musl-cross-make.
Ideally you should not need anything above requirements of that project but
currently the reproducible build checks are implemented using explicit calls to
-busybox binary. (TODO)
+busybox binary. (TODO: sandbox.py needs to be rewritten to C and bootstrapped)
For regenerating the package build scripts from templates you will also need
Python3 and Jinja2.
-Features
---------
-
-Implemented features
-~~~~~~~~~~~~~~~~~~~~
-
-* per-package build options
- * `sandbox` prevents access outside explicit dependencies (default=on)
- * `set_path` configures PATH to given build environment (default=on)
-* build sources
- * git commit id
- * file sha256
- * extract tarballs, including compression
- * automatically download when URL provided in downloadlist.sha256
-* collects build logs and prints errors
-* uses parallel with inferred job count by default
-* build sandbox for regular user builds
- * using simple user namespace based (and possibly not very secure) python script
- * using syd <https://git.sr.ht/~alip/syd> (requires recent kernel)
-* ensure all installed binaries are statically linked
-
-Work in progress
-~~~~~~~~~~~~~~~~
-
-Planned features
-~~~~~~~~~~~~~~~~
-
-* build sandbox with segregated build users using only packaged software
-* fully reproducible builds
-* bootstrap sanboxing binaries
-* rewrite Python package generator into something easier to bootstrap with on
- POSIX-ish system (AWK?)
-
Packages
--------
