User:Ncopa

From Alpine Linux

draft:

About

Alpine Linux is an x86 Linux distribution suitable for firewalls, routers, VPN gateways, lightweight servers (http, sql, mail), resque livecd or other embedded devices.

Lightweight

Alpine is based on and busybox (and are thus not a GNU/Linux distro).

The base system, excluding the kernel, is less than 2MB. That includes:

  • the C library runtime, uclibc
  • standard tools from busybox (cp, ls, mv, wget, iproute, nc etc)
  • package manager, apk-tools
  • openrc init system

Proactive security

The default kernel is patched with the grsecurity patches and provides features like:

  • Address Space Randomization Layout
  • Memeory protection

Alpine Linux is a run-from RAM linux distribution. Its original target was small appliances like routers, VPN gateways, or embedded x86 devices. However, it supports hosting other Linux guest OSes under VServer control, making it an attractive hosting solution as well.

It can boot from a 1GB USB stick, CDrom, or hard drive. Packages compiled against uClibc are pulled into RAM for execution. All packages are compiled with grsecurity patches and SSP to provide a secure runtime environment. The lbu backup system stores all changes to /etc (and custom changes) to the boot media, making system disaster recovery brain-dead simple.

APKBUILD Reference

APKBUILDs are scripts to build alpine packages using the abuild tool.

Variables

The following variables are defined by abuild:

startdir
The directory where APKBUILD script is found.
srcdir
The directory here sources are downloaded to and unpacked.
pkgdir
This directory should hold the data files for main package. A normal autotools package has a make DESTDIR="$pkgdir" install.
subpkgdir
This directory should have the data files for a subpackage. This variable should only be used from subpackage functions.
Note: All variables that holds a path (i.e $srcdir and $pkgdir) should always be within quotes in the APKBUILD (for example: "$srcdir"). This is so things don't break in case user has the APKBUILD in a directory with spaces.

The following variables should be defined by user in APKBUILD:

depends
Runtime dependencies that are not shared-object dependencies. Shared objects dependencies are autodetected and should not be specified here.
depends_dev
Runtime dependencies for -dev subpackage.
install
pre/post install/deinstall/remove scripts.
license
License(s) for the package.
makedepends
Build time dependencies.
options
build time options for package. Valid values are currently only !strip for avoid stripping the binaries.
pkgdesc
Short package description.
pkggroups
Groups to be created during buildtime. This group should be created in a $pkgname.pre-install script as well so group is created during runtime.
pkgname
The name of the package. All letters should be lowercase. Lua libraries/modules should be prefixed with lua- (for example lua-posix), perl modules with perl- (for example perl-xml-parser), php modules with php- and python modules with py--.
pkgusers
Users to be created during buildtime. Use $pkgname.pre-install for creating the user(s) during runtime.
pkgver
The package version.
replaces
package(s) that this package replaces. Useful when files moves from one package to another.
source
URL(s) to sources and patches.
subpackages
Subpackages built from this APKBUILD.
url
The homepage for the package. This is to help users find upstream developer, documentation etc.

Functions

The following functions should be specified in the APKBUILD. The functions should consider current work directory as undefined.

prepare()
Optional. Build preparation. Here should patches etc be applied. This is function is for convenience while working with the APKBUILD.
build()
Required. This is the compilation stage. This function will be called as normal user (unless the package() function is missing - for compatibility reasons). If no compilation is needed this function can contain a single return 0.
package()
Required. In this function the built application and files should be installed in "$pkgdir".
Note: Building in fakeroot will reduce performance for parallell builds dramatically. That is why we do the build() and package() separation.

The following functions are provided by abuild and is overrideable:

fetch()
download remote sources listed in $source to $SRCDEST and create symlinks to $srcdir.
unpack()
unpacks .tar.gz .tar.bz2 .tgz and .zip archices in $srcdir.
dev()
Subpackage function for -dev packages. By default this will only call default_dev which will move $pkgdir/usr/include, *.a, *.la and similar files to $subpkgdir.
doc()
Subpackage function for -doc packages. By default this will only call default_doc which will move $pkgdir/usr/share/doc, $pkgdir/usr/share/man and similar to $subpkgdir.