Void is a general purpose operating system, based on the monolithic Linux kernel. Its package system allows you to quickly install, update and remove software; software is provided in binary packages or can be built directly from sources with the help of the XBPS source packages collection.
It is available for a variety of platforms. Software packages can be built natively or cross compiled through the XBPS source packages collection.
Visit the Void build server console for package build status updates.
Void Linux is an independent distribution, developed entirely by volunteers.
Unlike trillions of other existing distros, Void is not a modification of an existing distribution. Void's package manager and build system have been written from scratch.
Void focuses on stability, rather than on being bleeding-edge. Install once, update routinely and safely.
Thanks to our continuous build system, new software is built into binary packages as soon as the changes are pushed to the void-packages repository.
Void Linux supports both the musl and GNU libc implementations, patching incompatible software when necessary and working with upstream developers to improve the correctness and portability of their projects.
xbps is the native system package manager, written from scratch with a 2-clause BSD license.
XBPS allows you to quickly install/update/remove software in your system and features detection of incompatible shared libraries and dependencies while updating or removing packages (among others). Refer to the Handbook for an overview.
xbps-src is the xbps package builder, written from scratch with a 2-clause BSD license.
This builds the software in containers through the use of Linux namespaces, providing isolation of processes and bind mounts (among others). No root required!
Additionally, xbps-src can build natively or cross compile for the target machine, and supports multiple C libraries (glibc and musl currently).
The previously announced OpenSSL switch is now underway. Because OpenSSL is a dependency of a large number of packages, the full rebuild process is expected to take several days. Syncing between the builders and public repositories has been suspended to ensure that the package tree remains consistent. Consequently, no new package updates will appear until the switch is complete.
Once updates appear, we recommend that you perform a complete system update to simplify the transition. Partial updates are possible, but you will need to manually trace all OpenSSL dependants installed on your system and update them atomically.
Since 2016, the default bootloader configuration in Void Linux has set
the Linux kernel command-line options
provide some level of kernel hardening. Kernel series 5.3 and later offer
init_on_free (see this kernel
Void’s kernels come with the
init_on_alloc option enabled by default where
linux5.11>=5.11.3). In most cases, you should not disable this option, as it
has a fairly minimal impact on performance (within 1%). The
option is more expensive (around 5% on average) and needs to be enabled by hand
init_on_free=1 on the kernel command line. Similarly,
init_on_alloc can be disabled if needed by passing
As a consequence of these changes, Void’s default kernel command-line now omits
page_poison options. There is a chance that your
existing system still has the old options enabled. They still work in newer
kernels, but have a performance impact more in line with
older hardware this can be quite noticeable. If you are running a kernel series
older than 5.4, you can keep them (or add them) for extra security at the cost
of performance; otherwise, you should remove them.
The Void Linux team is switching back to OpenSSL on March 5th, 2021 (2021-03-05).
For most users, there should be no noticeable change. If you have any packages installed that are no longer provided by Void, or your system has explicit dependencies on LibreSSL, you will of course need to take action to ensure your system continues to function after the switch.
A discussion about switching to OpenSSL began in a Request For Comments (RFC) posted on April 12th, 2020, at void-linux/void-packages#20935. Since then, a majority of Void maintainers have expressed support for the move. The main reasons for the switch are as listed in the RFC:
As a result of the above, the switch to OpenSSL is expected to lessen the time and effort spent on packages that require an OpenSSL-like library. This is especially notable because most other distributions which used LibreSSL have dropped it, so there aren’t as many people amongst whom to distribute the effort.
For further context, LWN covered the subject of LibreSSL on Linux at the beginning of this year. The article also covers the attention and improvements that the OpenSSL project has received post-Heartbleed, which was one of the main reasons for Void’s initial switch to LibreSSL.
For an example of extra work caused by packages that expect OpenSSL, Void’s version of Qt5 is heavily patched in order to properly support LibreSSL. Furthermore, the just released Qt6 would also need significant effort to be patched and maintained to use LibreSSL, without the possibility of such effort being upstreamed.
At the same time, other software can have limited functionality or hit edge cases when using LibreSSL, due to not being thoroughly tested with it. One example is Python, which is limited in the ciphers available to running programs, since it depends on what the SSL library provides - they are even considering dropping any support for LibreSSL in the future. Another example is OpenVPN, which we have received bug reports for connection issues with LibreSSL (void-linux/void-packages#23413). This required us to switch the package to use Mbed TLS by default, resulting in some limitations to the resulting package. With the switch to OpenSSL, the OpenVPN package will now be provided in the most widely deployed and tested configuration, so similar compatibility hiccups are unlikely to reappear.
Unfortunately, this move has required us to drop some packages that rely on the OpenSSL 1.0.1 API; while LibreSSL maintains compatibility with this legacy API, modern OpenSSL has abandoned it.
One great feature of LibreSSL not offered by OpenSSL is the
which aims to be a hard to misuse interface for communicating over the web
safely, with sane defaults. Some of the packages we ship depend on it, so work
has been done to package a standalone version of it in
The Void Linux team is grateful for the work of the OpenBSD community on libressl-portable, we have greatly benefited from their work. Void continues to package other excellent OpenBSD software, including OpenSSH and signify, which is our tool of choice for signing live images.
In conclusion, we expect our switch to OpenSSL to ease maintenance overhead, provide the same reliable experience to users, and improve functionality in select packages. Look forward to the update landing some time after March 5th!