kellito ae749ffb23 build: ship build-system hardening arc (5 of 10 improvements)
The v6.0 build-system hardening arc lands 5 of the 10 improvements
proposed in local/docs/BUILD-SYSTEM-IMPROVEMENTS.md. All scripts
have unit tests (62 -> 86, all pass in <1s) and the new 'lint-recipe'
Gitea Actions job runs on every PR.

Per-recipe audit & lint scripts (catch R1/R2 violations BEFORE cook):
  * audit-patch-idempotency.py  — verifies external patches in
    local/patches/ still apply against the upstream pinned rev.
    Caught 1 real bug on first run: libdrm/02-redox-dispatch.patch
    hunk at xf86drm.c:321 no longer matches libdrm-2.4.125.
  * audit-kf6-deps.py           — fetches upstream, scans for
    find_package(KF6Xxx REQUIRED), compares to recipe deps. Catches
    missing + dead dependencies in every kf6-* and qt* recipe.
  * classify-cook-failure.py    — 17-rule cook-failure classifier.
    10-30s diagnosis vs 5-10min manual. exit code is intentionally
    inverted (0=novel failure, 1=known fix) for CI signal.
  * lint-recipe.py              — 7-rule recipe lint: R1-NO-PATCH-FILE,
    R1-PATH-SOURCE, R2-INLINE-SED, R2-PATCHES-DIR-UNUSED,
    NO-LEGACY-MAKE, R1-LEGACY-APPLY-PATCHES, DEP-NOT-FOUND.
    1.1s for 171 recipes (down from 60s+ in v1 via recipe-index
    precomputation). Strict mode promotes warnings to errors.

Build-system convenience:
  * repair-cook.sh              — incremental-build optimizer.
    Equivalent to 'repo cook <pkg>' but with a fast-path that
    skips configure when CMakeCache.txt is newer than source AND
    external patches haven't changed. 30-60s vs 5-10min on KF6
    recipes. make repair.<pkg> / make clean-repair.<pkg> targets.
  * migrate-kf6-seds-to-patches.sh — migration skeleton for
    converting 56 inline 'sed -i' chains across the KF6 recipes
    to durable external patches in local/patches/<name>/.

Gitea Actions (host-execution, no Docker):
  * .gitea/workflows/build-system.yml — 8-job pipeline:
    unit-tests, lint-offline, lint-network (nightly),
    lint-recipe (NEW), lint-docs, build-mini, build-full,
    smoke (QEMU boot).
  * .gitea/RUNNER-SETUP.md — one-time Manjaro/Arch host setup.

Build script hardening:
  * build-redbear.sh            — when a low-level source (relibc,
    kernel, base, bootloader, installer) is newer than its pkgar,
    clean build/ and sysroot/ across all recipes too. Low-level
    package changes leave autotools packages (pcre2, gettext,
    libiconv, ...) with stale configure/libtool scripts referencing
    the old runtime, causing 'libtool version mismatch' and
    'not a valid libtool object' errors. Cleaning forces
    re-configuration; stage/ and source/ are preserved so the
    cookbook skips unchanged packages that don't use autotools.
  * Makefile                    — wire lint-cook-failure,
    lint-cook-failure-explain, lint-recipe, lint-recipe.%,
    lint-recipe.strict, lint-recipe.%.strict, repair.%,
    clean-repair.%, test-lint-scripts[-quiet]. Replace the
    legacy 'validate-patches' target with a deprecation notice
    pointing at validate-sources.

Documentation:
  * BUILD-SYSTEM-IMPROVEMENTS.md   — mark #2 and #5 DONE; full
    implementation notes; updated Make-targets table.
  * BUILD-SYSTEM-V6-HARDENING-POSTMORTEM.md (NEW) — 226-line durable
    record of the 8-session arc: 32 findings categorized, 5 P0
    audit-script bugs fixed, 6 over-broad multi-pattern rules
    discovered + fixed, test coverage 86/86 in <1s, 7/10
    improvements DONE.
  * SCRIPT-BEHAVIOR-MATRIX.md   — apply-patches.sh row marked
    LEGACY/ARCHIVED; build-redbear.sh row no longer claims to
    call it.
  * boot-logs/README.md (NEW)   — frozen-evidence policy:
    'do not edit' rule for REDBEAR-FULL-BOOT-*-RESULTS.md files.
  * libdrm/02-redox-dispatch.patch.README (NEW) — 8-step regen
    procedure for the broken hunk.

Cleanup:
  * local/cache/README.md deleted (1-line placeholder).
  * legacy 'make validate-patches' target removed.

Per build-system improvement #5: lint-recipe.py's first run on
the live tree surfaced 1 broken-patch reference (redbear-sessiond),
1 dangling cookbook_apply_patches call (tc), 19 sed -i calls in
sddm (warning — cookbook_apply_patches present, drop-x11.py
migration in progress), 4 sed -i calls in qt6-wayland-smoke
(uncovers the same bug class the libwayland fix prevented).
2026-06-12 13:37:39 +03:00

Red Bear OS

Red Bear OS

A microkernel operating system written in Rust, derived from Redox OS

MIT x86_64 Status


What is Red Bear OS?

Red Bear OS is a general-purpose, Unix-like operating system with a microkernel architecture, written in Rust. It is a full fork of Redox OS, with added hardware support, filesystem drivers, and a KDE Plasma desktop path. The current development branch is 0.2.3 and the current Red Bear OS version is 0.2.3 (same as the branch name).

Goals:

  • AMD & Intel parity — first-class support for both platforms on bare metal
  • KDE Plasma desktop — Wayland-based desktop environment via the KWin compositor
  • Hardware GPU acceleration — AMD GPU (amdgpu) and Intel GPU drivers via redox-drm
  • Modern subsystems — USB, WiFi, Bluetooth, ext4, GRUB, D-Bus
  • Offline-first builds — reproducible from archived, BLAKE3-verified sources

Quick Start

Prerequisites

Linux x86_64 host with Rust nightly, QEMU, nasm, and standard build tools.
See the Redox Build Guide for full setup.

Build & Run

# Clone
git clone https://gitea.redbearos.org/vasilito/RedBear-OS.git
cd RedBear-OS

# Build and run the desktop target in QEMU
./scripts/run.sh --build

# Build a live ISO for bare metal
./scripts/build-iso.sh redbear-full

# Build the text-only recovery target
./scripts/run.sh --build --config redbear-mini

Repository Hosting

The canonical Red Bear OS Git server is Gitea at https://gitea.redbearos.org/vasilito/RedBear-OS.git. GitHub is not a Red Bear OS source of truth and must not be used for pushes, issues, releases, or project coordination.

Public Scripts

Script Purpose
scripts/run.sh Build and run in QEMU (-b to build, -c <config> for target)
scripts/build-iso.sh Build a live ISO for bare-metal boot
scripts/build-all-isos.sh Build all live ISO targets
scripts/network-boot.sh PXE network boot helper
scripts/dual-boot.sh Dual-boot installation helper

Config Targets

Target Type Description
redbear-full Desktop Wayland + KDE + GPU drivers + D-Bus services
redbear-mini Console Text-only recovery / install target
redbear-grub Console Text-only with GRUB boot manager

Current Status

Red Bear OS boots to a login prompt in QEMU with working wired networking, D-Bus system bus, hardware detection daemons, and filesystem support (RedoxFS, ext4, FAT).

Area Status
Boot (ACPI/x2APIC/SMP) Bare-metal proven
Userspace drivers (PCI, storage, net) Working in QEMU
D-Bus system bus + services Working (login1, PolicyKit, UDisks, UPower)
ext4 / FAT filesystems Compiles, installer-wired
POSIX gaps (relibc) 🚧 Bounded Wayland-facing support
DRM/KMS display drivers 🚧 AMD + Intel compile; HW validation pending
Wayland compositor 🚧 Bounded proof; Qt6/KF6 clients crash at init
KDE Plasma desktop 🔄 In progress (Qt6/KF6 compile; KWin/QML blocked)
WiFi / Bluetooth 📋 Planned (architected, implementation pending)

How It Works

Red Bear OS uses a userspace driver model — all drivers run as unprivileged daemons:

Kernel (microkernel)
  └── schemes: memory, irq, event, pipe, debug
        └── Driver daemons (userspace)
              ├── pcid        → PCI enumeration
              ├── e1000d      → Intel ethernet
              ├── xhcid       → USB controller
              └── vesad       → Display framebuffer

The kernel provides minimal services (memory, interrupts, IPC). Everything else — filesystems, networking, graphics, input — runs in userspace.

Documentation

Contributing

Red Bear OS uses a full fork model. Upstream Redox sources are frozen and archived. All custom work lives in local/:

local/
├── sources/     # Red Bear source forks (git repos, directly editable)
├── recipes/     # Custom packages (drivers, GPU, system)
├── docs/        # Integration and planning docs
└── scripts/     # Build, test, and release tooling

We welcome contributions made with or without AI assistance — we care about quality, not how the code was produced.

License

MIT — same as upstream Redox OS.

S
Description
RedBear Operating System, based on RedoxOS. Licenced under MIT license.
https://redbearos.org
Readme MIT 20 GiB
Languages
C 43.9%
C++ 23.5%
Makefile 7.3%
Python 3.7%
JavaScript 3.4%
Other 17.1%