Alpine Linux:About: Difference between revisions

From Alpine Linux
(→‎How did Alpine Linux Begin?: clarify that "reboot to remove rootkits" is an oversimplification)
(moved to external site)
Line 1: Line 1:
[[Image:knotes.svg|96px|left|link=]]
This page moved to http://alpinelinux.org/about
{{TOC right}}
'''Alpine Linux''' is a community-developed operating system designed for x86 Routers, Firewalls, VPNs, VoIP and servers.
 
Alpine Linux is and always will be '''free of charge'''. You do not pay any licensing fees. You can download, use and share Alpine Linux with anyone for absolutely nothing.
 
Alpine Linux was designed with security in mind. It has '''proactive security''' features, such as [http://en.wikipedia.org/wiki/PaX PaX] and [http://en.wikipedia.org/wiki/Stack-smashing_protection SSP], that prevent security holes from being exploited.
 
Alpine Linux uses the [http://en.wikipedia.org/wiki/UClibc uClibc] C library and all of the base tools from [http://en.wikipedia.org/wiki/BusyBox BusyBox]. These are normally found on embedded systems and are '''smaller''' than the tools found on GNU/Linux systems.
 
== Why Should I Try It? ==
 
We're partial, of course, but here are a few reasons:
 
* '''It's quick:''' You can boot it from a USB stick and have a very usable system in less than 10 minutes.
* '''It's simple:''' The [[Alpine Linux package management|package management]] and [[Alpine Linux Init System|init system]] is a breeze to use.
* '''It's more secure:''' When The Linux 0-day [http://en.wikipedia.org/wiki/Vmsplice%28%29_local_root_exploit vmsplice vulnerability] was causing admins everywhere to upgrade their kernels post-haste, Alpine Linux systems were basically impervious. Yes, the code crashed the application, but the PaX protection prevented system compromise. The value of PaX and SSP has been proven on more than one occasion.
* '''It's small:''' The traditional GNU/Linux base system is over 100MB in size (excluding the kernel), while the base system in Alpine Linux is only 4-5MB in size (excluding the kernel).
* '''It has the [[Alpine Configuration Framework Design|Alpine Configuration Framework (ACF)]]:''' While optional, ACF is a powerful web application used to configure an Alpine Linux device. ([[User:K0gen/ACF_Screenshots|Screenshots]])
* '''It's great for experimenting:''' Since the system configuration can be backed up to a single file, you will be able to test configurations before deploying them to production systems. (See [[Alpine local backup|Alpine Local Backup]].)
* '''It supports [http://linux-vserver.org/ Linux-VServer]:''' Similar to FreeBSD Jails, it allows you to run virtual servers.
 
== What's It Like? ==
 
Its network configuration is similar to Debian's and its package management is, in some ways, similar to Debian's APT or RedHat's yum, the BSDs' <code>pkg_*</code> commands (<code>apk_*</code> under Alpine), and Arch Linux's PKGBUILDs (<code>APKBUILD</code> under Alpine).
 
Also, if you've ever used a BusyBox-based system before, you would know that its applets do not support all of the features of their GNU/Linux counterparts. However, in an effort to make the system run like any other, the Alpine developers have contributed a number of enhancements to the BusyBox project.
 
Having said that, there are situations where things do not run like they do on a traditional GNU/Linux system. When you run into those situations, just remember these two things:
 
* The base installation is kept small enough for a firewall or router system, so there's not much there except the basics. (You can probably get away with just using the tools that are there, although crudely. When combined, tools like sh, awk, sed, and grep can do everything Perl can &mdash; seriously.)
* Alpine does have a complete set of packages, but you have to explicitly choose what to install.
 
== What Should I Know? ==
 
In addition to basic *nix management, you should know that...
 
* Alpine Linux uses [[Alpine Linux package management|apk-tools]] for its package management system and [http://roy.marples.name/projects/openrc OpenRC] for [[Alpine Linux Init System|its init system]]. You will need to learn how to use them both before you can effectively manage an Alpine Linux system.
* Alpine Linux uses the [[Alpine local backup|Alpine Local Backup Utility]] (<code>lbu</code>) primarily for RAM-based installs so you don't lose everything between reboots &mdash; however &mdash; it can also be used on HDD installs to test configurations before deploying them to production systems.
* In some cases, there is not a lot of documentation available, and what is available can be scattered about the wiki and/or mailing lists. We're working on it, but could use some help. Please see the [[Contribute]] page if you would like to help out.
 
== How did Alpine Linux Begin? ==
 
Alpine Linux began as a fork of the [http://en.wikipedia.org/wiki/LEAF_Project LEAF Project].
 
The active members of the LEAF Project wanted to continue making a Linux distribution that ran off of a single floppy disk &mdash; and we think that's great &mdash; however, our needs required Squid, DansGuardian, Samba, and a slew of other heavyweight applications. So, we ended up with a set of packages that fit onto a CD-ROM.
 
The LEAF concept of "run from RAM" has a number of appealing features, especially for a firewall:
 
* If your configs are all on a floppy, an upgrade is as simple as burning a new CD and rebooting.
* If your configs are all on a (write-protected) floppy, recovering from a root-kit is as simple as rebooting. (In real life, this is an oversimplification - but that was one of the arguments that was used back then)
 
Aside from the applications that we required, there were some things that we wanted to experiment with that wasn't easy to do in the LEAF build environment at that time, such as:
 
* A Complete Build-from-Source Environment (e.g. Gentoo-Style Build World)
* 2.6.x Kernel Support
* Stack-Smashing Support (SSP) in GCC
* PaX Kernel Security
* Better package management with dependencies, upgrade path, pre- and post-install scripts, etc.
 
And so the project began.
 
Although Alpine Linux won't fit on a floppy disk today, it has and always will be our goal to keep it as small and simple as possible.
 
== Why the Name Alpine? ==
 
"Alpine" originally stood for A Linux Powered Integrated Network Engine. The idea was that the distribution would be focused on networking, and be a tiny "engine" or framework, which larger systems could be built upon.
 
Today, "Alpine" is nothing more than a name, despite continuing to live up to its original name. As an example, here are a few of Alpine's achievements and real-world uses:
 
* The first open-source implementation of Cisco's DMVPN, called [http://sourceforge.net/projects/opennhrp/ OpenNHRP], was written for Alpine Linux.
* In addition to its use as a firewall or router system, Alpine Linux is also used in a number of installations as the basis for enterprise servers, running such software as PostgreSQL, Postfix, Asterisk, Kamailio, and being used for iSCSI SANs. It is the little engine that could.

Revision as of 07:48, 3 May 2011

This page moved to http://alpinelinux.org/about