Hackable and portable lab using Bedrock Linux

Exploring the magic of Bedrock Linux and making it as a powerhouse of portable development environment


11 May 2021



Bedrock Linux? What is this? TL;DR, it’s a meta Linux distro, with which you can do some real magic. You can mix-and-match compontents from different distros. For example: you can have kernel pulled from AUR, you can use Void’s Linux runit init system, use Debian’s coreutils and more. Given that, distro wars don’t make sense anymore.

However, Bedrock has it’s limitations. For example, Bedrock won’t like all distros. The work still needs to be done on NixOS, to make it play nice with Bedrock, since it’s not yet hijackable distro. You also can’t use, for example, btrfs with grub, Bedrock won’t like it.

If you want to learn more about Bedrock itself, feel free to check Bedrock Linux website here

Where to start?

I’d recommend two USB sticks for the start. One, from which we’d use Ventoy (this is life-saver, you must have one USB stick with Ventoy on it, trust me, it’s great), and one, destination USB on which you’ll install the distro you like. Just make sure, that you’ll pick a distro which is compatible with Bedrock, check it here. I’ll recommend going with either Alpine (super lightweight distro) or Artix (Arch-derivative, you might have less problems starting from that, since Alpine lacks even GNU coreutils out of the box). Also, both of them don’t use systemd, Alpine uses OpenRC, and, when it comes to Artix, you can choose if you’d like to use OpenRC or s6 or runit, for the purpouse of running the system from USB, I’d recommend using runit (Void also uses that), since it’s one of the most lightweight init systems, it indeed lacks some features, but it’d be perfect for system on USB stick.

After that, you’ll need Bedrock hijack script, I’d recommend going for stable release of Bedrock. Grab one corresponding to your architecture from here

OK, what now?

Once your Bedrock boots, it gives you tons of possibilities. You can now use brl fetch to fetch additional stratums, for example, Ubuntu, where you can add Kali or Parrot repositories and use it just like that, alongside things from AUR or other distro’s repositories.

Given that, you can have endless possibilities. I, for example, added BlackArch repositories to my Artix stratum and Kali+Parrot repo combo to my Ubuntu stratum.

I also recommend extending the possibilities even more by installing Nix. Our RedNix Nix Shells will work perfectly fine there.

But man, why a blogpost on such trivial thing?

Well, I guess that us, people from infosec community, or at least those I’ve met, wanted to have ultimate machine. Bedrock Linux allows doing so without playing with Virtual Machines, since, as I’ve mentioned, you can use tools and mix-and-match components of other distros. And now tell me, how many people have even heard about Bedrock. I guess that the question ‘why’ to make a post on that is now a retorical one.

OK, OK, but what if I know nothing about Bedrock?

Recently I’ve made a little cheat-sheet for Bedrock Linux, which you can find as a gist here

If you want to try other init systems and have problems with something other than systemd, a friend of mine, Night_H4nter, made an init rosetta, which you can find here