Say Hi To Microsoft's Own Linux: CBL-Mariner

An anonymous reader quotes a report from ZDNet, written by Steven J. Vaughan-Nichols: Microsoft now has its very own, honest-to-goodness general-purpose Linux distribution: Common Base Linux, (CBL)-Mariner. And, just like any Linux distro, you can download it and run it yourself. Microsoft didn't make a big fuss about releasing CBL-Mariner. It quietly released the code on GitHub and anyone can use it. Indeed, Juan Manuel Rey, a Microsoft Senior Program Manager for Azure VMware, recently published a guide on how to build an ISO CBL-Mariner image. Before this, if you were a Linux expert, with a spot of work you could run it, but now, thanks to Rey, anyone with a bit of Linux skill can do it.

CBL-Mariner is not a Linux desktop. Like Azure Sphere, Microsoft's first specialized Linux distro, which is used for securing edge computing services, it's a server-side Linux. This Microsoft-branded Linux is an internal Linux distribution. It's meant for Microsoft's cloud infrastructure and edge products and services. Its main job is to provide a consistent Linux platform for these devices and services. Just like Fedora is to Red Hat, it keeps Microsoft on Linux's cutting edge. CBL-Mariner is built around the idea that you only need a small common core set of packages to address the needs of cloud and edge services. If you need more, CBL-Mariner also makes it easy to layer on additional packages on top of its common core. Once that's done, its simple build system easily enables you to create RPM packages from SPEC and source files. Or, you can also use it to create ISOs or Virtual hard disk (VHD) images.

As you'd expect the basic CBL-Mariner is a very lightweight Linux. You can use it as a container or a container host. With its limited size also comes a minimal attack surface. This also makes it easy to deploy security patches to it via RPM. Its designers make a particular point of delivering the latest security patches and fixes to its users. For more about its security features see CBL-Mariner's GitHub security features list. Like any other Linux distro, CBL-Mariner is built on the shoulders of giants. Microsoft credits VMware's Photon OS Project, a secure Linux, The Fedora Project, Linux from Scratch -- a guide to building Linux from source, the OpenMamba distro, and, yes, even GNU and the Free Software Foundation (FSF). To try it for yourself, you'll build it on Ubuntu 18.04. Frankly, I'd be surprised if you couldn't build it on any Ubuntu Linux distro from 18.04 on up. I did it on my Ubuntu 20.04.2 desktop. You'll also need the latest version of the Go language and Docker.

MS-Linux?

[IWantMoreSpamPlease]

Will it slowly infect the Open Source world, like SystemD did?

Only time will tell.

Re:

[ArchieBunker]

Just wait until systemd starts morphing all the separate plain text config files into a single binary database. It will happen, mark my words.

Re:

[oldgraybeard]

And bam! the worst of the registry is recreated! You know! for security it will need to be an encrypted, signed binary that normal's are not allowed to access.

Re:

[F.Ultra]

No it will never happen, and you can mark my words and QFT me all you want. Just shows how little you anti-systemd people really know about the project.

Re:

[Schoenlepel]

Thanks to the complete lack of documentation or, more precisely, a specification.

Re:

[F.Ultra]

a specification for what? And what do you mean by "complete lack of documentation"? There are hundreds of man-pages, tutorials, blog posts etc on https://www.freedesktop.org/wi... [freedesktop.org]

Re:

[phantomfive]

No it will never happen,

Why not? Then you can have a nice little configuration GUI.

Re:

[F.Ultra]

There is zero need for such an abomination to create a nice little configuration GUI. No this is just FUD from the anti-systemd trolls that thinks that they can scare people with "it will be just like in Windows" which in itself is based in the false notion that the journal is anything close to the Windows Event Log, so another thing where the anti-systemd people don't know what the hell they are talking about.

Re:

[Midnight Thunder]

Just wait until systemd starts morphing all the separate plain text config files into a single binary database. It will happen, mark my words.

For what benefit? The monolithic windows registry is an example of why we should avoid this.

Additionally, given where it sits in the operating system, the file system should be the only 'database' around that it depends on.

BTW an interesting video on Systemd and its background: https://www.youtube.com/watch?... [youtube.com]

Re:

[gosso920]

Only gClippy knows for sure.

Re:

[drainbramage]

I'll be waiting for gBob.
Bill had Melinda lead that project, turned out to be better than their marriage...
Who would have guessed?
--
If you're from Seattle you might know "Bob Is A Robot"
https://www.youtube.com/watch?... [youtube.com]

Re:

[thegarbz]

Will it slowly infect the Open Source world, like SystemD did?

Only time will tell.

Why would it? Does it provide technical benefits to the end user while making it easier for distribution maintainers to maintain?

I feel old

[mnmn]

I remember the comments on Slashdot about one day Microsoft will release Linux distros of their own. Back in Ballmer days.

I can't believe it but here we go.

Are the FreeBSD people still fuming?

Re:

[bhcompy]

Are the FreeBSD people still fuming?

Do BSD people ever stop fuming?

Re:I feel old

[Gravis Zero]

Are the FreeBSD people still fuming?

Do BSD people ever stop fuming?

I'm pretty sure they are made of the same stuff inside lithium batteries, catches fire when exposed to air and dowsing them in water only intensifies their burn.

Re: I feel old

[RightwingNutjob]

made of the same stuff inside lithium batteries

You mean...lithium?

Re: I feel old

[Gravis Zero]

Oh hey, lithium is the reactive element. You learn something new every day.

Re:

[Netcraft Confirms It]

Do BSD people ever stop fuming?

No, and BSD won't stop dying either.

Re:

[Jeremi]

>No, and BSD won't stop dying either.

At least Netcraft has stopped confirming it.

Re:

[mcswell]

I have no opinion about the BSD people. However, I read today that utilities like 'tr' work with Unicode in BSD; they do not all work (in particular, 'tr' does not) with non-ASCII Unicode under Linux. I can see why UTF-16 would be a problem (the BOM), but why UTF-8 doesn't work is a mysterification to me, particularly since it (reportedly) works under BSD.

Re:

[Ostracus]

Why would we be fuming when you all still think it's a conspiracy of proprietary and open-source companies to subvert the GPL and take away your crown jewels? At least we knew what we were from day one.

Re:

[JustAnotherOldGuy]

Yes, I've made more than a few comments to that effect over the years, and here we are.

I hate to say "I told you so", but I told you so.

And it won't stop there, trust me. MS is trying to figure out how they can infect and pollute the Linux ecosphere however they can.

They may not be able to kill Linux, but they will do their best to fuck it up so they can make money off of it. Look for Linux distros from MS with lots of binary blobs that the distro won't run without.

Does anyone think that if MS threw a few h

Re:

[phantomfive]

They don't even have to try to mess it up. They just have to contribute code.

Re:

[i.r.id10t]

They've been contributing kernel code for a while. IIRC a year or four ago they were in the most-number-of-commits list.

They realize that orgs will still need/want to run Linux for *something* and so they were making changes needed for it to run on Azure.

And their own distro is the obvious next step.

Re: I feel old

[kenh]

This has nothing to do with taking over Linux, from the linked-to article:

The goal of Mariner is to be used as an internal Linux distribution for Microsoftâ(TM)s engineering teams to build cloud infrastructure and edge products and services.

Re:

[JustAnotherOldGuy]

The goal of Mariner is to be used as an internal Linux distribution for Microsoftâ(TM)s engineering teams to build cloud infrastructure and edge products and services.

If I had a dollar for every time an "internal" tool ended up as a product I'd be a millionaire.

The bottom line is that if it's good enough for them to use in their infrastructure, it's good enough to turn into product and another revenue source. You'll see.

Re:

[drinkypoo]

some form of shitty MS Linux is coming. It'll have a "Windows Compatibility Layer", and it'll work great.

If Microsoft put together a MS Linux that had a Windows compatibility layer that worked great, and if I could patch it to remove all the telemetry bullshit they would no doubt pack into it, I would definitely run it. It wouldn't be the only Linux I'd run, in part because I have machines where I have no need to run Windows applications, and in part because I only trust Microsoft so far. But I have a sizeable library of Windows software (mostly games, surprise!) and I'd like to have some plan as to how to run

Re:

[i.r.id10t]

Would be easier if they would just give knowledge and funding to the WINE project, they don't need to maintain a distribution.

Re:

[drinkypoo]

Windows is layers upon layers of crap. Making a compatibility layer work basically involves putting windows into the compatibility layer. Microsoft is not going to give up the rights to the sources any time soon. So I could see them porting NTVDM et al to Linux, but I can't seem them giving Wine what it needs for "full" compatibility. (The quotes are because Windows doesn't have perfect backwards compatibility either, though it is admittedly very good.)

Re: I feel old

[kenh]

Right. Their sharing an internal tool developed to support Azure is step one of their plan to what - sell it commercially?

There's little Microsoft could do to make it harder to install - they don't offer an ISO image, the base install is minimalist to the point SSH isn't included, there's no 'desktop' and by default almost nothing is installed.

Snd let's not forget the absolute lack of any announcement, release, or offers of available support - they simply shared out their code on GitHub and a couple MS employees shared blog posts about it. Wow. That's some stealth marketing designed to take over the Linux market!

Re:

[sinkskinkshrieks]

https://web.archive.org/web/20... [archive.org]

When was the last time...

[thragnet]

the Mariners made the playoffs ?

Re:

[Tablizer]

If you remove the "L"

irony

[awwshit]

Pretty ironic that to compete in the 21st century Microsoft needs Linux.

Re: irony

[kenh]

To perform support functions inside azure.

So what?

Re:

[awwshit]

MS has come a long way from 'linux is a cancer'.
https://slashdot.org/story/01/... [slashdot.org]

Apparently, Azure cannot compete without cancer.

Re: irony

[1s44c]

It proves that Windows can't provide those support functions, at least not to an acceptable level. But everyone that's used Azure knows that already.

I predicted this 10+ years ago!

[denis-The-menace]

I added they would include exchange for free with the deal.

I just can't find the post(s). :(

Re: I predicted this 10+ years ago!

[Grokew]

Predicted it way back in 2007 and were labeled a troll for it. XD you won. https://m.slashdot.org/thread/... [slashdot.org]

Re:

[JustAnotherOldGuy]

Same here, although I don't recall if I was labeled a troll for it. Pretty sure I didn't get a warm reception, though.

Windows 365

[michaelwigle]

This actually makes perfect sense in tandem with their release of Windows 365. Having a very small and secure kernel on a PC that is then used to "stream" a Windows 365 cloud-based desktop environment would be a big winner for them. They could hike up the price for OEM installations of Windows 11 and offer "free" 6 month subscriptions for new PCs. Then people would have to pay a subscription to Microsoft to keep using their own computer.

Re:

[bhcompy]

I feel like that's not the use case for the cloud desktop. The cloud desktop would be to replace the necessity for 3rd party VPN tools and remote desktop. MS always makes their changes around the corporate environment. Other than the Xbox, all of their consumer oriented shit fails. Build it for corporate, then market it to the public

Re: Windows 365

[michaelwigle]

Yeah, I realize the short game is Enterprise but like you said, eventually they make Enterprise features to the public. In this case, I think it strengthens their push to getting folks accustomed to paying a subscription for everything they do on or with a computer.

Re: Windows 365

[kenh]

This offering has no 'desktop' - its a server appliance distro, nothing more - and this hasn't been 'released' it's being shared, most likely to simplify compliance with GPL requirements.

Re: Windows 365

[kenh]

This software has nothing to do with Windows 365 announcement - at all:

The goal of Mariner is to be used as an internal Linux distribution for Microsoftâ(TM)s engineering teams to build cloud infrastructure and edge products and services.

Re:

[thegarbz]

Then people would have to pay a subscription to Microsoft to keep using their own computer.

*sigh*. Repeat after me: Windows 365 is *NOT* a desktop OS for the home PC. It has use cases no different to what any Azure customer has today and the only thing new it brings to the table is being able to run without RDP.

Office 365 also doesn't "stream" from the internet, and locking a system down with subscription has nothing at all to do with where the OS is installed or which hardware it is running on.

These conspiracy theories are tired because they just don't make sense.

All roads lead to *nix? /s

[UnknownSoldier]

1980: MS releases Xenix [wikipedia.org]
~30 years: MS ignores Linux
2020: MS submitting Hyper-V patches [kernel.org], 50% [microsoft.com] of Azure's VMs runs on Linux.

Re:

[kriston]

While 50% of Azure VMs run Linux, they are hosted on Windows Hyper-V.

Re:

[eneville]

AWS is KVM IIRC, but a bit less expensive. Might be a reason for that.

Re:

[drinkypoo]

~30 years: MS ignores Linux

s/ignores/attacks/

World domination

[Schoenlepel]

Microsoft is slowly, but surely, warming up to the idea of Linux running stuff. Granted, they picked the wrong package manager (xbps would have been better), but they're starting to get the idea that resistance is futile.

Every day Linux is, slowly but surely, getting closer to world domination.

Re:World domination

[MarkRose]

Every day Linux is, slowly but surely, getting closer to world domination.

Linux already dominates the world. Very little doesn't run it at this point. It's so dominant that MS had to start including it in their OS as they were losing developer market share from lacking it. About the only place it hasn't taken over (yet) are desktops and laptops.

Re: World domination

[kenh]

Except desktops/laptops. Linux has the server market, and the 'shit that fits in your pocket' market, but not desktops or laptops, not even if you count Chromebooks.

Did you actually read the article? This is a minor distribution that MS created to use internally to support Azure infrastructure. They likely posted it on GitHub to comply with GPL requirements.

Re:

[MarkRose]

Did you actually read the article?

With a four digit uid, you should know it's tradition to not read the article ;-)

Re:

[i.r.id10t]

But the GPL doesn't require them to run/maintain RPM repos with binaries, generate documentation and install instructions, etc. This is more than "the legal department says we have to do this". I have a feeling if that were the case then you'd need to send a letter to them and they'd mail back the minimal source needed to comply on a CD.

important thing

[Tablizer]

but does it run Windows?

more important

[Schoenlepel]

Will it blend?

Still more important

[LordHighExecutioner]

Can we imagine a beowulf cluster of these ?!?

Should call it

[Tablizer]

Bobix, Clippix, or BSODix

Re: Embrace!

[kenh]

Grow up.

It's a special-purpose distribution designed for use building network appliances for inside Azure. It is very stripped-down, a minimal distribution with no 'desktop' per se.

Not quite sure how Yet Another Linux Distribution is going to have any meaningful impact on Linux...

Does it have telemetry ...

[Alain Williams]

that cannot be switched off ?

Has a single one of you...

[ZombieCatInABox]

Has a single one of you who so far posted all the classic, stereotypical, anti-microsoft bullshit in this thread, actually tried this new distro ?

I thought so.

Basically, the vast majority of you are just talking out of their ass, because it's "kewl" to bash Microsoft of Slashdot. Tribalism.

Personnaly, I'm going to download, build, and try CBL-mariner, because I like to try new distros, because it seems to be strongly inspired by Fedora (which I like very much), because I can, and, incidentally, because it will piss off a whole bunch of people here.

Don't confuse quality with ideology.

[couchslug]

The distro may be perfectly fine! That should not confer sainthood on Redmond. One thing is not the other.

Re:

[AndyCater]

Don't bother - it doesn't build cleanly - "Have you hydrated the filesystem" - error is in their issue tracker. Could do with better quality control

Re:

[eneville]

Time will tell. Has MS opened up MS Office, or at least maintained a build for Linux?

I thought so.

This isn't about tribalism this is about MS doing what MS wants to improve its market position how it thinks that may be perceived.

To me all their efforts so far seem self-centred and not at all for community good in the sense that Open Source and open standards thrives. If MS worked to make their office formats less binary blob and worked with Libre Office to assist with compatibility then I think we could say

Re:

[Tough Love]

Why should I try a piece of shit RPM distro?

This is old stuff

[F.Ultra]

So it was released in November of 2020, have had 101 releases so far and this is now considered news?

Re:

[couchslug]

Consider the editors...

This is bad news for Linux security.

[tanstaaf1]

...Or at least questionable. Microsoft is a monoculture and -- as long as it remains such -- will ALWAYS be the preferred target, by far, for ransomware and other exploits, at least on the desktop. How does it benefit LInux for Windows to now come commingled with a Linux attack surface? There has been a lot of celebration of Microsoft adopting Linux, but it is.a very uneven ("What can you do to help us sell more Windows software?") relationship. Security -- both because of Linux/Unix having a better security model, and also due to "security by obscurity" -- is one of Linux's big comparative strengths. And now it is being undercut by Windows coming with Linux inside as some sort of lapdog? This becomes a good reason to begin promoting and building up possibly BSD or - in the future - maybe https://www.redox-os.org/ [redox-os.org] Just a thought.

Re:

[SPerson223344]

And that's how the corporates will lead you right into the trap. Don't focus on BSD because their license makes it a non-requirement to share modified source code. Same for MIT. Remember that proprietary code is harder to audit.

Re:

[i.r.id10t]

There is nothing obscure about linux. It may represent a tiny fraction of desktops/laptops, but it is common elsewhere and source is available to go looking for potential exploits to use.

Microsoft will replace their kernel with Linux

[shm]

Once they have everyone on their cloud based services theyâ(TM)ll have no reason to maintain that bloated kernel.

Itâ(TM)ll take years, but it will happen.

Much like Appleâ(TM)s move from the old MacOS to the NeXT MACH kernel.

Re:

[eneville]

That's the direction I think they will take as it makes no sense now to maintain the Windows kernel when their development efforts are in Azure, that's what makes them the money now.

Wasn't there a computer/desktop as a service article in the last few days?

Typo

[jnorden]

I'm assuming that the title for this piece is just an accidental typo, and that it was supposed to be:

                    Say NO To Microsoft's Own Linux: CBL-Mariner

CBL?

[comm2k]

Cancer based Linux... If Ballmer had any say on it.

What's it based on?

[AndyCater]

At this point, it looks slightly messy. Building your own distro - and RPM-based at that - is not a great idea. I hope they've _really_ good dependency management and a top notch security team. If this is their distro for Azure - here's hoping they're prepared to sit on top of every CVE. There's Go in the mix - I hope they've got
enough expertise to keep it going well.

As well as this, let's also hope that they speed up their own internal processes - like getting shims signed for secure boot / accepting other

LinuxMEtoo

[flyingfsck]

I'm sure it will be a big improvement on whatever it is replacing or augmenting at Microsoft, but I think I would abstain.

If this leads to MS patches to Wine

[John.Banister]

I'm all for it.

Trust Microsoft to make the worst choices

[Tough Love]

You can always trust Microsoft to make the worst choices. RPM. Feh.

Bunch of fucking redhat/gnome toxic retreads hired by Microsoft, that's what's going on here.

I'm waiting

[Anonymous Crowded]

I'm waiting for a systemd / emacs only distro.

Re:so after decades of trying to destroy GNU/Linux

[UnknownSoldier]

> so after decades of trying to destroy Linux they're now our open source pals?

I'm no fan of MS but you DO realize that MS back in 2011 was the 5th largest contributor [zdnet.com] to Linux 3.0, right?

In 2016 they fell outside [linuxfoundation.org] the top 10.

For Linux 5.10 [lwn.net] they aren't even in the top 20 but they are still submitting patches [kernel.org] to Hyper-V.

Re:

[F.Ultra]

5th largest with only 4% of the changes resulting in a total of 11564 number of lines changed. So that MS was 5th largest just shows how many small contributors that v3.0 had.

Re:

[account_deleted]

Comment removed based on user account deletion

Re: so after decades of trying to destroy GNU/Linu

[1s44c]

Embrace, extend... You know how it goes.

Microsoft have to do a lot more to regain the trust they burnt with literally decades of immoral, illegal, corrupting, and anticompetitive behavior. "They have changed" is insufficient.

Re:

[BrookSmith]

Their contributions weren't there to serve the community but to serve the interests of Microsoft so while the metric looks good what was actually contributed was exclusively to get Linux to run inside Azure. So while is nice to think that Microsoft is a great contributor to Linux the reality is if your not using Azure then you won't benefit from any of the work.

Re:

[UnknownSoldier]

> Who should run Linux in a VM under Microsoft supervision? no one.

Just because you or I don't need this does NOT imply that no one doesn't either. MS feels they can serve their customers needs by supporting Hyper-V. i.e. If there wasn't a business case for it then MS wouldn't be doing it.

That's the beauty of open source -- if people need something they can fix it.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[iggymanz]

VM on Hyper-V run slower compared to superior alternatives, so of cousre choosing Hyper-V is choosing to run sub-optimally. Besides which it's choosing a less reliable and less secure foundation for virtualization.

Only a Microsoft shill would claim it's well respected, those who virtualize for a living like me think it's hot garbage. Choosing Micosoft has proven to be huge mistake in last two months, easy pickings for malware and ransomware. Why pretend Microsoft can make Enterprise grade stuff? They ca

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[technix4beos]

I don't like Microsoft's tactics either, but Azure is nothing to sneeze at.

https://www.parkmycloud.com/bl... [parkmycloud.com].

Re:

[Midnight Thunder]

so after decades of trying to destroy Linux they're now our open source pals? No, go to hell, Microsoft. We don't need your tentacles in our data centers, nor do we need your Azure.

Microsoft had a different leadership back then and their priorities were different. Today with host services and VMs, in the cloud, making it easier to get people to run in their data centres is probably higher up on their list. Also, they probably have come to accept that as good as Windows is on the desktop, Linux is the current king of the server side, unless you are looking to run your Windows domain.

Also, back then Linux was still the up and coming threat, whereas today it is the server operating syste

Re:

[Schoenlepel]

I think if this is Microsoft's intention, they'll find they actually can't handle the community constantly doing stuff which they don't want.

Microsoft is going to contribute stuff and then discover some people don't want it, go their own way and implement it in their own, lighter, more logical way.

Microsoft may find the Linux community hard to deal with. Hard enough to throw up its hands in frustration and say: if you can't beat them, join them.

Then, all of a sudden, they discover they need to deliver actua

Re: Embrace: Check

[1s44c]

What makes you think Microsoft is going to pull a 180 degrees turn and produce anything of quality? That would be a radical departure after spending decades producing big ridden software and relying entirely on marketing and anti-competitive practices.

Quoted as the REAL trolls downmodded you

[couchslug]

"

Extend: In progress...

Now cue all the naysayers and kids who have yet to make their own experiences.
Yes, we all wish that MS would better itself. I hope for the best too. But I have to accept my past experiences, or I'd be delusional: MS always tried to look like it was nice. And it was always a deliberate lie. Statistically, I'd have more luck getting some from Emma Watson, than not being back-stabbed by Microsoft. ;)
--
I may be direct, and criticize. But I never hate anyone, and am only angry that things

Re: Anything to avoid CentOS Stream

[samwichse]

AlmaLinux.

Re:

[samwichse]

I haven't tried rocky yet. But so far Alma gives me that old-timey CentOS vibe.