Building from Source & Package Management

InterGenOS is built from source. Every package that ships in the system was compiled from upstream code in an isolated build environment, recorded with content hashes, and deployed by a package manager that can later prove each file on disk is exactly what was installed. This section explains how that pipeline works and how you can inspect, rebuild, or extend it yourself.

This is the practical expression of the project’s posture: a machine you understand, can modify, and can trust.

The two halves of the system

InterGenOS package handling splits cleanly into a factory and a consumer:

  • igos-build is the factory. It constructs packages from source code in an isolated environment and produces binary archives (.igos.tar.gz).
  • pkm is the consumer. It runs against the live filesystem, installing, removing, querying, and verifying those archives. It records every deployed file in a database that doubles as an audit trail.

igos-build compiles source and generates the initial file list and hashes. pkm is the command-line tool end users run to download and install the resulting archives, and to confirm at any later time that nothing on disk has drifted from what was installed.

See The Transparent Package Manager for pkm in depth, and Building Packages from Source for the build side.

How the system is assembled: the build tiers

The full system is organized into six tiers, built in dependency order. As of this writing (1.0-dev, build id v1.0-dev1), the package counts per tier are roughly as follows. These numbers drift as packages are split, added, or merged, so derive the live count from the package definitions rather than treating any figure as permanent.

| Tier | Role | Approximate count |
|------|------|-------------------|
| toolchain | Bootstrap compiler and core build tools | ~28 |
| core | Essential system libraries and utilities | ~272 |
| base | Base userland on top of core | ~23 |
| desktop | Graphical environment and desktop applications | ~420 |
| extra | Additional applications and tooling | ~112 |
| ai | Local assistant components | ~2 |

That totals roughly 857 packages across the six tiers today. To derive the current figure, count the package definitions per tier rather than quoting this table.

The build pipeline

A full image build runs through 20 phases in fixed order, with an optional publish step at the end:

  1. validate
  2. verify-sources
  3. setup
  4. toolchain
  5. chroot-prep
  6. chroot-tools
  7. core
  8. config
  9. core-extra
  10. base
  11. kernel
  12. desktop
  13. ai
  14. extra
  15. bootloader
  16. image
  17. manifest
  18. squashfs
  19. ukis-verity
  20. iso

Source verification happens before any compilation. Image, manifest, squashfs, UKI/verity, and ISO assembly happen after the package tiers are built, so the final artifact carries an integrity chain from the verified sources through to the bootable image.

What this gives you

Because the package manager records a SHA-256 hash for every file it deploys, you can ask the system to re-verify itself at any time. The pkm verify command recalculates the hash of every installed file on disk and compares it against the expected hash, detecting both accidental corruption and unauthorized modification. Package state lives in a SQLite database for fast queries and, alongside it, human-readable text manifests for direct inspection. The same record-keeping that makes the system fast makes it auditable.
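
The re-verification described above, sketched as an added example (this is not pkm's code): a SQLite table stands in for the package database, and the schema, status names, package name, and sample files are assumptions constructed for illustration. It also flags a recorded file that has been swapped for a symlink, a case a plain hash comparison would miss.

```python
import hashlib, os, sqlite3, tempfile

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def verify(db, root):
    """Re-hash every recorded file under root; return (path, status) per drifted file."""
    findings = []
    for relpath, expected in db.execute("SELECT path, sha256 FROM files ORDER BY path"):
        full = os.path.join(root, relpath)
        if not os.path.lexists(full):
            findings.append((relpath, "missing"))
        elif os.path.islink(full) or not os.path.isfile(full):
            # Hashing through a symlink to identical bytes would hide the swap.
            findings.append((relpath, "type-changed"))
        elif sha256_file(full) != expected:
            findings.append((relpath, "modified"))
    return findings

def demo():
    """Install three constructed files, verify, tamper with each, verify again."""
    files = {"usr/bin/tool": b"\x7fELF-demo", "usr/lib/libdemo.so": b"lib-demo",
             "usr/share/doc/README": b"read me\n"}
    db = sqlite3.connect(":memory:")
    # Hypothetical schema; the real pkm database layout is not shown on this page.
    db.execute("CREATE TABLE files (package TEXT, path TEXT PRIMARY KEY, sha256 TEXT)")
    with tempfile.TemporaryDirectory() as root:
        for rel, data in files.items():
            full = os.path.join(root, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as f:
                f.write(data)
            db.execute("INSERT INTO files VALUES (?, ?, ?)", ("demo-pkg", rel, sha256_file(full)))
        clean = verify(db, root)                    # nothing has drifted yet
        with open(os.path.join(root, "usr/bin/tool"), "ab") as f:
            f.write(b"\x00")                        # one appended byte
        os.remove(os.path.join(root, "usr/lib/libdemo.so"))
        readme = os.path.join(root, "usr/share/doc/README")
        os.rename(readme, readme + ".orig")
        os.symlink(readme + ".orig", readme)        # same bytes, now reached via a link
        return clean, verify(db, root)

if __name__ == "__main__":
    for path, status in demo()[1]:
        print(f"{status:13} {path}")
```

A verifier of this kind is only as trustworthy as the recorded hashes, so the database itself needs protection from whoever could modify the files.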

Upgrades use a “supersede” model rather than blind overwrites, so package splits (for example, separating a tool’s core utilities from its extras) happen without orphaning files or breaking dependencies. Configuration files under /etc/ are tracked separately and preserved across changes, so your local modifications are not silently discarded.

What ships today

  • pkm, the package manager described above.
  • Forge, the system installer. See the FORGE Installation Guide.
  • A signed Secure Boot chain, dm-verity integrity over the read-only system image, and UKI signing, covered in Verified Boot & Secure Boot.
  • GNOME 49 on Wayland as the desktop environment.
  • InterGen, a tiered, hardware-detected, offline-first local assistant built on Qwen models, with zero telemetry. See The AI Assistant.
  • InterGen Sentinel, a pluggable security scanner defaulting to Local-Rules and Local-Qwen, with six opt-in cloud providers available via “Phone-A-Friend” (Frontier/Cloud Escalation): Claude (Anthropic), Gemini (Google), Copilot (Microsoft), ChatGPT (OpenAI), Grok (xAI), and DeepSeek.

KDE/Plasma and Qt6, switchable desktops, and dedicated application campaigns (for video, graphics, CAD, finance, virtualization, and similar) are planned and not part of the current system. This section documents only what ships today.
