Alpine Linux | |
Developer: | Alpine Linux development team |
Family: | Linux (Unix-like) |
Working State: | Active |
Source Model: | Open source |
Marketing Target: | General-purpose. Security, embedded systems and other resource-constrained systems, such as containers.[1] |
Language: | Multilingual |
Package Manager: | apk-tools |
Supported Platforms: | |
Kernel Type: | Monolithic (Linux) |
Userland: | BusyBox |
Ui: | Ash |
Alpine Linux is a Linux distribution designed to be small, simple, and secure.[2] It uses musl, BusyBox, and OpenRC instead of the more commonly used glibc, GNU Core Utilities, and systemd.[3] [4] [5] [6] [7] This makes Alpine one of few Linux distributions not to be based on the GNU Core Utilities.[8]
For security, Alpine compiles all user-space binaries as position-independent executables with stack-smashing protection.[9]
Because of its small size and rapid startup, it is commonly used in containers providing quick boot-up times,[10] [11] on virtual machines as well as on real hardware in embedded devices, such as routers, servers and NAS.
Originally, Alpine Linux began as an embedded-first distribution for devices such as wireless routers, based on Gentoo Linux,[12] inspired by and the Bering-uClibc branch of the LEAF Project.[13] Founder Natanael Copa has said that the name was chosen as a backronym for "A Linux-Powered Network Engine" or some similar phrase, but that the exact phrase has since been forgotten.
Alpine's package management system, the Alpine Package Keeper,[14] was originally a collection of shell scripts[15] but was later rewritten in C.[16] The aim of this package manager is to achieve a high install and update speed, which it does by writing new data directly in-place into the operating system's file system, rather than employing caching or compression.
In 2014, Alpine Linux switched from uClibc to musl as its C standard library.[17]
A PaX hardened kernel was included in the default distribution to aid in reducing the impact of exploits and vulnerabilities,[18] but Alpine's maintainers chose to discontinue this support due to the PaX patch no longer being made publicly available.[19] Alpine still uses a hardened toolchain and position-independent executables to minimize the potential for stack-based attacks, but is now based on the standard long term stable distribution of the Linux kernel.
Alpine's primary feature is its small size, which enables it to start quickly and run in environments very low in memory and storage, such as containers or embedded devices.
Alpine Linux can optionally be installed as a run-from-RAM operating system. This allows Alpine to work reliably in demanding embedded environments or to (temporarily) survive partial disk failures as sometimes experienced in public cloud environments. By default, Alpine running in this mode will only load a few key packages, but a tool called LBU (Alpine Local Backup)[20] is made available that allow changes in this boot configuration to be written to a special file called an APK overlay file (usually shortened to apkovl), a tar.gz file that by default stores a copy of all files in /etc that have been changed from the default configuration, with the option to track more directories as needed.
Alpine offers a number of preinstalled configuration scripts which guide the user through initial configuration of the system for common computing tasks. In addition, Alpine also offers a webserver-based tool known as the Alpine Configuration Framework, which allows users less familiar with Alpine or the command line to configure the operating system in a way similar to that allowed by Debian's debconf utility. Alpine's configuration scripts are written entirely as UNIX shell scripts, which call a small ISO image parsing utility written in C and distributed in Alpine. The Alpine Configuration Framework is scripted in Lua.[21]
postmarketOS, a Linux distribution for mobile devices, is based on Alpine Linux.[22]
Due to its robustness and compactness, Alpine Linux got tightly integrated with popular developer and system administrator environments and toolsets.