Canonical published release ubuntu core 22 , a compact version of the Ubuntu distribution, adapted for the use of things on the Internet (IoT) devices (IoT), in containers, consumer and consumer and consumer industrial equipment. Ubuntu Core is supplied in the form of an indivisible monolithic image of the basic system, which does not use breakdown into separate Deb packets. Images Ubuntu Core 22, the composition of which is synchronized with the Ubuntu package base 22.04, prepared for systems x86_64, ARMV7 and ARMV8. Open escape time is 10 years.
Ubuntu Core serves as the basis for launching additional components and applications that are made out in the form of self -sufficient superstructures in Snap format. The components of the Ubuntu Core, including the base system, the Linux nucleus and system superstructures, are also supplied in SNAP format and controlled by Snapd tools. Technology snappy makes it possible to form the image of the system as a whole, without breakdown into separate packages.
Instead of a phased update at the level of separate Deb packets in Ubuntu Core, an atomic update of SNAP packages and the base system is used, by analogy with Atomic, Chromeos, Endless, Coreos and Fedora Silverblue. When updating the basic environment and SNAP packages, it is possible to roll back the condition to the last version, in the case of problems identified after the update. Currently, in the catalog snapcraft there are more than 4.5 thousand SNAP- packages.
To ensure security, each component of the system is verified by digital signature, which allows you to protect the distribution from introducing hidden modifications or installing unverified SNAP packets. The components supplied in the span format are isolated using apparmor and secCCOCOMP, which creates an additional line to protect the system in case of compromise of individual applications. The base system includes only the minimum set of necessary applications, which not only allowed to reduce the size of the systemic environment, but also positively affected safety by reducing possible vectors for attacks.
The base file system is mounted in the mode only for reading. It is possible to use data encryption on the drive with using