__          __             __
\ \_________\ \____________\ \___
 \  _ \  _\ _  \  _\ __ \ __\   /
  \___/\__/\__/ \_\ \___/\__/\_\_\
                      Bedrock Linux

Introductory Material

Current Release (0.7 Poki)



© Bedrock Linux 2012-2024
Linux® is a registered
trademark of Linus Torvalds

Frequently Asked Questions

What is Bedrock Linux?

Bedrock Linux is a meta Linux distribution which mixes-and-matches components from other distributions and integrates them into one largely cohesive system.

What is meant by "meta" Linux distribution?

Traditional Linux distributions distribute software which includes the Linux kernel. This is done with the aim of providing users a Linux based operating system.

Meta Linux distributions share the eventual goal of a Linux based operating system, but do so in a means other than distributing the end-goal software itself.

Other meta Linux distributions include:

Bedrock provides a means to compose a target of the user's desired system from a potentially eclectic mix of parts of other distros.

Does Bedrock install on top of other distros?

No. Rather, Bedrock's install process replaces another distro install then adds the previous install as a new Bedrock stratum. It does this sufficiently quickly and smoothly that it is easy to misinterpret the process.

The significance here is that Bedrock becomes integral to the system after the install while the hijacked stratum's files may be trivially swapped out and removed.

When one installs a traditional distro, the preceding install is wiped. It is best to model installing Bedrock as similar, even if the process to get there is unusual. Along these lines, consider the hijacked stratum simply a default collection of software, where any and all may be replaced.

Why does Bedrock install by replacing another distro?

Bedrock's goal is to provide users access to features of other distros. For example, Bedrock makes other distro init systems and fonts available. Bedrock itself is unopinionated about the choices; it doesn't care which init system or font the user wants.

To Bedrock, the install process is another feature that Bedrock should make available from other distros. It achieves this by having users first install a distro that has the install process he or she prefers, then providing a low-friction method of converting that install into a Bedrock install.

This process is referred to as hijacking to emphasize the forceful way Bedrock takes control from the previous install.

Which distro should I hijack?

Whichever offers the install process you like the most.

Once you've had Bedrock hijack the install, you're no longer running that distro - you're running Bedrock. You can then can swap out everything specific to the hijacked distro with parts from other distros. Once you've configured the system to your liking, the result is functionally the same irrelevant of which install process you happened to use to get there.

How does Bedrock Linux Work?

The exact details may change drastically from release-to-release. A detailed white paper is planned once things stabilize around a 1.0 release.

Bedrock has different strategies for different subsystems. Its most widely used strategy is to:

Please note that this is not the only strategy Bedrock leverages, and that different subsystems may require radically different strategies to provide cross-distro features. See the planned white paper once it releases for a comprehensive and detailed explanation.

Why should I use Bedrock?

If you have experience with a number of Linux distributions and find whenever you're on one distro you miss a feature provided by another, Bedrock may provide a suitable means of getting the best of multiple worlds.

Why should I not use Bedrock?

How secure is Bedrock Linux?

A Bedrock Linux system is composed of software from other distributions. If you limit yourself to packages from secure, well-proven, hardened distros, security could be comparable to those distros themselves. If you use less secure packages from less secure distros, Bedrock Linux's security will suffer accordingly.

In addition to code from other distros, Bedrock's own code introduces a couple theoretical potential weak points:

Additionally, Bedrock provides a brl fetch command which bootstraps minimal sets of files from other distros. To get around a catch-22 of needing a distro's packages to bootstrap the distro, an early part of this bootstrap process may occur without cryptographic signature checking.

Moreover, Bedrock's efforts to make things work cross-distro breaks expectations from many Linux hardening techniques. It is possible to create Mandatory Access Control policies for Bedrock, but policies written for other distros will not work as-is on Bedrock.

How stable is Bedrock Linux?

Since Bedrock's first public release in 2012 there have been:

Generally, once a Bedrock install is running well, it keeps running well.

However, Bedrock does have a number of known compatibility issues, and likely some unknown ones as well. It is wise to install Bedrock in a VM or spare machine and exercise your expected workflow to shake these out before installing it on a production machine.

Is Bedrock Linux far enough along for me to use?

While Bedrock just works for many workflows, others require further development effort. How things align for your particular workflow is difficult to predict without exercising it and finding out.

Typically issues become evident in relatively early use. Consider trying Bedrock in a VM or on a spare machine and exercise your expected workflow as a test. If that goes smoothly, Bedrock may indeed be suitable for you. Otherwise, consider revisiting it down the line.

How can I contribute?

See the contributing page.

Why that name?

Bedrock Linux does not do very much by itself; rather, it is the foundation upon which parts of other Linux distributions are placed. Initial ideas for a name were intent on reflecting this fact. Other proposed names included "Foundation Linux", "Frame Linux" and "Scaffolding Linux". The choice was made without consideration of the television show The Flintstones or videogame Minecraft.

Where do the release names come from?

All of the Bedrock Linux releases are named after characters from the Nickelodeon television programs Avatar: The Last Air Bender and The Legend of Korra.

What about Bedrock BSD or Bedrock Android or Bedrock Something-Else?

The techniques Bedrock Linux utilizes are fairly specific to Linux. While it may be possible to create a similar meta-distro for other kernels, they would require substantial new R&D and are not being pursued by anyone on the Bedrock Linux team.

While Android does use the Linux kernel, its userland is sufficiently distant that it, too, would require substantial R&D and is not currently being pursued.

What distros do Bedrock Linux support as strata?

See the distro compatibility page.

When did Bedrock Linux start?

Bedrock development officially started on the 9th of June, 2009.

The first internal release occurred 2011.

The first public release occurred the third of August, 2012.

How did Bedrock Linux start?

In 2008, paradigm experimented with creating a Linux sandbox technology. Particular focus was given to fluidly transitioning resources between security contexts to minimize friction without opening exploitable security holes.

In 2009, it became evident that Tomoyo Linux would be mainlined into the Linux kernel. Tomoyo was found to be a greatly preferable to paradigm's experimental sandbox system, and so the sandbox effort was abandoned.

Also around this time, paradigm became frustrated with the amount of packages he had to compile and maintain himself, as no distro provided everything desired.

Serendipitously, the technologies developed to fluidly transition between security contexts were found to be perfect for fluidly transitioning between Linux distro contexts. Further experimentation here lead to paradigm founding Bedrock Linux.