It is common, in Internet debates about the Linux operating system, to find a participant who jumps out, suddenly, sentencing “Don’t say Linux! Say GNU/Linux!”.
Technically it is a correct claim: being precise, ‘Linux’ is just the system kernelwhile the rest of the basic components of any ‘Linux’ distribution is made up of the ecosystem of applications developed by the GNU project, in many cases prior to the release of the kernel created by Linus Torvalds.
A) Yes, ‘GNU/Linux’ it would be the only way to encompass all the basic components that make it a complete operating system: all our Android devices, for example, use a modified version of the Linux kernel. But what if a system based on that kernel looks a lot like what we understand by a GNU/Linux without using the GNU tools? Furthermore, what if your software packages were built without resorting to the GNU toolchain?
That is precisely what Alpine Linux is: an ultralight Linux distribution and security-oriented, whose software is compiled using Musl instead of the GNU C library (Libc)and which replaces the GNU tools with Busybox, a single executable capable of emulating the operation of all of them.
How to improve INTERNET SECURITY: VPN, DNS and pages with HTTPS
Minimalism that does not exclude a wide catalog of software
There is no ideological position in this massive substitution against the positions of the GNU project (as radical as they may be and as controversial as its founder may be), but a strictly technical motivation: it allows to create functional and efficient systems in much less space than the GNU/Linux configuration, which makes it easier to use on embedded devices (a category that includes, for example, physical firewalls, VPNs, and routers).
According to its website: “a container requires no more than 8 MB and a minimal installation on disk requires around 130 MB storage”.
And it is that Alpine is not only possible to install it as the main system of our computer or run it in the Windows WSL, but much of its popularity derives from its growing use in virtual machines or Docker containers, the latter widely used to run application development and execution environments, portable and isolated from the main system.
The selection of binary packages is more atomized than is common on other Linux systems (that is, software that is often distributed in a single package, in Alpine it tends to be subdivided into smaller packages) which “gives us even more control over what you install, which in turn keeps your environment as small and efficient as possible.”
But that doesn’t mean that its software catalog isn’t also vast (yes, it is possible, although optional, to install the GNU tools), nor that heavy software like the main desktop environments (KDE, GNOME…) are out of reach for Alpine users. To manage the Alpine software it uses its own package manager: APKs.
Security built on simplicity
Another factor that sets Alpine Linux apart from most distributions is its refusal to use the init system known as systemd. This software was massively adopted 7 years ago, but maintain numantine opposition nuclei (such as Void Linux, distribution of Spanish origin also based on Musl, but not on BusyBox) which adds unnecessary complexity to the operating system, and which violates the Unix philosophy of “do one thing and do it well”. Therefore, Alpine turns to OpenRC instead.
We said before that Alpine Linux emphasized security in mind: Thus, its binaries are compiled as position-independent executables (PIE), which protects them against ‘stack smashing’ vulnerabilities; what’s more, your kernel is hardened with the patch grsecurity / PAXand the system has a security-by-design policy that disable the most problematic settings by default.