Geek magazine hacker daily blog

8 years, 3 months ago
OUTDATED: This article became outdated, for installation under modern OS see new article.

Update: The description of installation under the Windows XP SP2 is added.
Update: The description of installation under Mac OS X 10.4.8 Tiger is added.
Update: The description of installation under Mac OS X 10.5.5 Leopard is added.

New Edition

Yes, the version in svn calls itself quite so! Set, start the browser (Charon) and be convinced. (In principle, the last release is "Fourth Edition", but in practice for a long time the same svn — "Fourth Edition" left approximately in 2004, and now on an off.sayta under the guise of "Fourth Edition" it is laid out snapshot by svn from 20071003.)

The version in svn is absolutely stable, and, unlike an installyashka of "Fourth Edition", it is much simpler to update it. On fighting servers or release of your application it is not less convenient for installation. Generally, minus is only need to have subversion and the compiler for assembly of system, all the rest pluses.

So, we put fresh OS Inferno from SVN, in hosted the mode (i.e. in the form of the emulator working under other OS).

OS Inferno hosted on Mac OS X

Features of installation in different systems

Though Inferno has to be established and work equally in all systems, all of us perfectly know that nuances are always. I tested installation in Hardened Gentoo Linux and in Ubuntu 8.04. I hope, such choice of systems will block the majority of nuances of installation and in other Linux distribution kits.

Hardened Gentoo Linux

With the compiler and .h-files in Gentoo problems will not be, I assure you. :) And here Hardened will add a little work. The matter is that emu is able to work both in an interpretive mode of bytes codes of the Dis virtual computer, and in the JIT mode. And Hardened (more precisely, PaX entering it) very much does not love code generation on the fly with transfer of management on it. Therefore for start emu in the JIT mode for it it will be required to disconnect PaX partially. Commands are engaged in it paxctl and chpax. Without PaX these commands are not on systems, most likely, and it is not necessary to execute them. One more nuance arises at the included Trusted Path Execution (TPE), but it is usually enough to trace that the rights to the directory with emu belonged to root. How to fight against SeLinux — understand. :)

Ubuntu 8.04

Here what is not present here … e … there is nothing here. :) There is neither Hardened, nor subversion, nor libraries, nor .h-files. It is necessary to put:

apt-get install subversion build-essential 
apt-get install libx11-dev libxext-dev x11proto-xext-dev

Perhaps it will be necessary to connect additional repositories, I will definitely not tell — at me they were already connected for installation of other applications.

OS Inferno installation

Below installation from root, in the directory is described /usr/local/inferno, in a full-fledged multiuser mode. Differences at installation from the normal user in ~/inferno/ I will mention on the process course — generally they are reduced to the fact that senselessly to execute part of commands and/or it is not necessary.

Costs of a time/traffic / disk space approximately following:
  • the archive of the version from svn occupies about 30 MB, but it is clear that svn will pump up a traffic much more
  • the system completely [feather] gathers on my Core2Duo 6600 approximately in two minutes
  • in the set type on a disk it occupies about 250 MB
ATTENTION: Inferno rather strongly does not love "strange" characters in names of files and directories. Including a space! It is not a bug, this conscious architectural concept. Therefore it is recommended to trace that in the directory where Inferno is put, and in your house directory in Inferno, names of files were without characters it seems ":", "!", "#", space, etc.

We swing. All commands if the return is not told, are executed from root. At installation in the house directory set INFERNO_ROOT, for example, so: /home/powerman/inferno. And, certainly, execute all commands from the normal user.

export INFERNO_ROOT=/usr/local/inferno
svn checkout $INFERNO_ROOT

We configure compiler toggles. Instead of perl -i -pe it is possible to start a favourite text editor and to edit mkconfig handles.

export PATH=$INFERNO_ROOT/Linux/386/bin:$PATH
perl -i -pe 's/^ROOT=.*/ROOT=$ENV{INFERNO_ROOT}/m' mkconfig
perl -i -pe 's/^SYSHOST=.*/SYSHOST=Linux/m' mkconfig
perl -i -pe 's/^OBJTYPE=.*/OBJTYPE=386/m' mkconfig

We bring together system. You remember, paxctl it is necessary only on systems of the protected PaX and only for start in the JIT mode.

mk nuke
mk install
paxctl -psmxe Linux/386/bin/emu

We configure the emu settings. It is desirable to prescribe this command to himself in ~/.bashrc — not to transfer these parameters at each start emu. (By the way, still it is very desirable in ~/.bashrc to register export PATH=/usr/local/inferno/Linux/386/bin:$PATH — will start more conveniently emu and limbo.) Certainly, the sizes of the window Inferno system need to be exposed what to you more convenient, it is not obligatory for 1024x768. In principle, it is more convenient when the sizes of the Inferno window host OS there is less than permission. Parameter -c0 disconnects JIT (for inclusion just start emu -c1). The matter is that at the included JIT it is more difficult to debug the applications — the debugger does not work, borders of arrays are controlled worse, etc. And speed at Inferno and without JIT more than impressive.

export EMU="-r$INFERNO_ROOT -g1024x768 -c0"

We configure the user of inferno. At installation in the house directory these commands do not need to be executed. The second chown is necessary at the included TPE.

groupadd inferno
useradd -m -s /bin/bash -g inferno inferno
chown -R inferno:inferno $INFERNO_ROOT
chown -R root:root $INFERNO_ROOT/Linux/386/bin/
echo exec $INFERNO_ROOT/Linux/386/bin/emu $EMU  >>~inferno/.bashrc
mv usr usr.skel
ln -s /home usr
cp -a usr.skel/inferno/* ~inferno/

Update: see the comment about setup/tmp.


In principle, by this moment of OS Inferno it is set, and it can be used. But additional fonts enter "Fourth Edition" (B&H; Lucida), which because of license restrictions Google does not permit to spread in svn on In principle the majority of applications will work also without them. Besides, they can be replaced with alternative free fonts (so, it seems, made in the Acme SAC project). But I did not deal with it. Therefore we now, fast, will extort and we will set in the temporary directory "Fourth Edition", and we will tear out from it these fonts. :)

mkdir /tmp/inferno
cd /tmp/inferno
tar xzf inferno.tgz
tar xzf Linux.tgz
chown -R root:root /tmp/inferno
chpax -psmxe Linux/386/bin/emu
sh install/ /tmp/inferno/
cp -r fonts/{lucida,lucidasans,lucm,pelm,LICENCE} /usr/local/inferno/fonts/
rm -rf /tmp/inferno

We test

The semicolon at the beginning of lines is an invitation of Inferno-vsky of sh. Completion of work with Inferno — in an alpha mode either Ctrl-D, or Ctrl-C, in graphic — closing of the graphic Inferno window. (The graphical environment is started by command wm/wm.)

Input under the user of inferno. At installation in the house directory you pass this step.

# su - inferno
; cd
; pwd
; cat /dev/user

Input under the normal user. Command cp will initialize your house directory, it in the future does not need to be repeated before start of Inferno. Too it is better to register the PATH and EMU installation in ~/.bashrc. Then for start of Inferno will be to start enough emu.

$ cp -r /usr/local/inferno/usr.skel/inferno/* ~/
$ export PATH=/usr/local/inferno/Linux/386/bin:$PATH
$ export EMU="-r/usr/local/inferno/ -g1024x768 -c0"
$ emu
; cd
; pwd
; cat /dev/user

Initial Inferno setup

At start emu the system is minimum initialized then it is started sh, which executes /lib/sh/profile for further initialization of system. I in it usually register:
  • Installation of a time zone. In principle it can be made once having copied the file, but to use bind — it is more Infern-ish. :)
  • Transition to the house directory of the current user (by default the system is in the root directory).
  • If in the house directory of the user the corresponding files are configured — to continue initialization of system by these files.
So, you register in / usr/local/inferno/lib/sh/profile:
bind /locale/Moscow /locale/timezone
load std
and {ftest -e namespace} {nsbuild}
and {ftest -e profile} {run profile}

At installation in the house directory on it setup comes to an end — there is no sense to configure three subjects of authorization with a lot of passwords during the work under the only account.

Authorization setup

For a start it is necessary to explain as why it is configured. Authorization works as follows: the client and service mutually will authorize each other by means of certificates based on private/public of keys — all almost like at ssh or https. Almost because they will authorize each other really mutually. For this purpose both of them have to receive the certificates at the same CA (certificate authority) to which both trust. So CA, issuing or not issuing these certificates, defines, the client will have an access to service, or not.

Thus, we need to customize three different systems — the authorization server, a certain useful service, and the client's terminal. For this purpose we can start three independent emu by the machine — from the point of view of Inferno it will be three different servers on which different applications will be started. Certainly, at such option there are some restrictions — for example, it is impossible to start two identical network services in different emu — they will have a conflict in attempt to open TCP port. Well and files on a disk at them the general, certainly — but it does not concern "virtual" files (a la / proc and / dev in Linux) which in Inferno are used very actively. So differences between these three emu will be enough for you to perceive them as really different and independent servers.

First of all it is necessary to register the address (hostname or IP) authorization servers by machines of the client and service. But, as files at them in our configuration match, it is enough to edit one file / usr/local/inferno/lib/ndb/local (you can enter

We start the authorization server further. It will be started under the user of inferno, and all files with keys and certificates of CA will be available only to this user.
# su - inferno
; cat /dev/user; echo

… we clear base of keys
; cp /dev/null /keydb/keys; chmod 600 /keydb/keys

… we generate the certificate of our CA, on the entered name (any)
; auth/createsignerkey

… we start authorization service, at the same time it will be required to set the password which will need to be entered at each start of this service — it is necessary since keys in files will be ciphered by this password
; svc/auth
Confirm key:

… now we can create on our service of authorization these user accounts, with passwords, at last :) — one for the user inferno (just not to bring also the third user, the second server for start of useful services will use it) and powerman, the second for the user (who will use the client terminal on the third server for connection to useful service on the second server)
; auth/changelogin inferno
new account
expires [DDMMYYYY/permanent, return = 23102009]: permanent
change written
; auth/changelogin powerman
new account
expires [DDMMYYYY/permanent, return = 23102009]: permanent
change written

… well we will also admire the TCP services started on this "server"
; netstat
tcp/0      inferno    Announced!6673         ::!0
tcp/1      inferno    Announced!6677         ::!0
tcp/2      inferno    Announced!6671         ::!0
tcp/3      inferno    Announced!6672         ::!0

The server of authorization is left to work, and we start following emu — with useful service.
# su - inferno
; cat /dev/user; echo

… as ndb/cs it something like a universal resolver, without it in Inferno with a network especially you will not work (there is still ndb/dns, but in hosted the mode it can be not started and used a dns-resolver of host OS)
; ndb/cs

… we address authorization service (the first server), we are represented under the login / password, and we receive from it the certificate (it is operation one-time provided that the certificate does not also the file where now the received certificate will be saved nobody will delete).
; getauthinfo default
use signer [$SIGNER]: 
remote user name [inferno]: 
save in file [yes]:

… now, having the certificate, it is possible to start useful service — for example rstyx which allows to execute far off on this server commands — analog of ssh
; svc/rstyx
; netstat
tcp/0      inferno    Announced!6668         ::!0

We leave it to work and we start the third emu — terminal of the user of powerman.
$ emu
; cat /dev/user; echo
; ndb/cs
; getauthinfo default
use signer [$SIGNER]: 
remote user name [powerman]: 
save in file [yes]: 

… now we can be connected to the second server and execute on it command. for an example, we will look at the process list at first on this terminal, and then on the second server
; ps
       1        1   powerman    0:00.0    release    74K Sh[$Sys]
       8        7   powerman    0:00.0        alt    17K Cs
      11        1   powerman    0:00.0      ready    74K Ps[$Sys]
; cpu ps
       1        1    inferno    0:00.0    release    83K Bufio[$Sys]
       8        7    inferno    0:00.0        alt    17K Cs
      13        1    inferno    0:00.0        alt     9K Listen
      15        1    inferno    0:00.0    release     9K Listen[$Sys]
      22        1   powerman    0:00.0      ready     1K Ps[$Sys]

Updating of system

Here everything is absolutely trivial:
cd /usr/local/inferno
svn up
mk install

What's next?

RTFM. RTFM. And again RTFM. The system very strongly differs from traditional. And do not expect to be limited to reading documentation — it is necessary to read source codes, there all most important. :)

When there is an understanding that as works — write on Limbo. (On sh to write I do not advise — it too slow that it is quite strange, by the way.) Write network services, distributed systems, or full-fledged GUI-applications.

Good luck! :)

This article is a translation of the original post at
If you have any questions regarding the material covered in the article above, please, contact the original author of the post.
If you have any complaints about this article or you want this article to be deleted, please, drop an email here:

We believe that the knowledge, which is available at the most popular Russian IT blog, should be accessed by everyone, even though it is poorly translated.
Shared knowledge makes the world better.
Best wishes.