Guides

AppArmor is a Linux Security Module (LSM) implementation, which enforces Mandatory Access Control (MAC) on a system. AppArmor comprises of both a kernel module and user space profiles for each application. Apertis uses AppArmor to enforce security polices for applications and services to allow access to resources based on their profiles. Depending on the mode the application or service is running, AppArmor can generate audit logs or deny access to system resources in order to track or prevent undesired accesses. [Read More]

LAVA is a testing system allowing the deployment of operating systems to physical and virtual devices, sharing access to devices between developers. As a rule tests are started in non-interactive unattended mode and LAVA provides logs and results in a human-readable form for analysis. As a common part of the development cycle we need to do some integration testing of the application and validate it’s behavior on different hardware and software platforms. [Read More]

Starting with Apertis v2022dev2, Flatpak includes the ability to distribute application bundles verified with ed25519 signatures. The current implementation is a technology preview and it is expected to stabilize during the release cycles leading to the v2022 stable release. The prototype is already available in Apertis as documented here, but it may be subject to potentially incompatible changes during the upstream review process. This signature system relies on OSTree’s library functions. [Read More]

Automated Licensing Compliance Install As described in Automated License Compliance a check is performed on image creation to confirm the compliance with the terms that Apertis may wish to avoid. To support this feature several pieces of software need to be installed. FOSSology The recommended FOSSolgy setup consist in FOSSology server PostgreSQL database server Apache HTTP server We recommend to build this setup trough a Docker installation as described in FOSSolgy Docker installation [Read More]

The SDK is distributed as VirtualBox images, with one VirtualBox image for each version of Apertis. As the SDK is designed to be used for development, it is highly likely that developers using it will adjust the SDK to their needs. These changes include installing tools, libraries, changing system configuration files, and adding content to their workspace. Additionally some developers may have to support different versions of the SDK at the same time and it may be advantageous for them to be able to synchronize their customizations between multiple SDK VirtualBox images. [Read More]

Apertis stores the source of all the shipped packages in GitLab and uses a GitLab CI pipeline to manage the workflows and automate many of the tasks that are required to release a package, thus for many tasks such as adding or updating packages, interaction is only required with GitLab, with automation taking care of the rest of the process. Please see the Apertis workflow for more information regarding the automation provided by Apertis. [Read More]

This document aims as a single resource for all information related to Apertis Release Process. It covers the Major Release process as well as the Point Release process. Apertis Infrastructure The Apertis project is hosted on a couple of infrastructure services, which are tightly coupled to each other, providing end-to-end automation. This includes: Landing new packages into Apertis Landing new security and general updates into Apertis Landing downstream changes into Apertis This document stands as a comprehensive guide to all package related processes as outlined above. [Read More]

The recommended virtual machine platform for the AMD64 Apertis system images is VirtualBox. It is typical for the Apertis SDK to be run in a virtual machine, though other image types can also be used. This enables development to be performed on computers running Windows, Mac OS, or different Linux distributions. System requirements You will need a PC with the following configuration to install and run the SDK: Hardware Dual core CPU at 2GHz or higher 8 GB RAM or more 12 GB or more free space on the hard disk If your PC supports Virtualization Technology, make sure that it is enabled. [Read More]

Often target platforms are not supported by Apertis. This may be due to the way the Apertis components are built/configured or due to these components lacking support for the required hardware. Whilst they may lack support in Apertis, these boards frequently have reference images based on another Linux variant with the associated source code being available. This support is often provided in a Yocto-based deliverable. The support generally provides good coverage of the vendors hardware, however the quality of implementation can vary quite dramatically. [Read More]

Linters are tools that analyze the code and warn about bugs & style issues. Utilising such tools can help improve code quality and enforce a consistent style which can help with code maintainability and bug fixing, especially where multiple developers are likely to be maintaining the code. This guide shows how to utilise the clang linter. Install clang-format-linter locally A custom local install of the linter for C, C++, Python and Bash/POSIX shell can be easily done. [Read More]