Protocol 7 — LainOS Layer 02 System

Init-Agnostic Compatibility Architecture for OpenRC on Arch Linux (Single-User Desktop Stack)

---

Overview

Protocol 7 is a minimal, interface-level compatibility layer and system architecture designed to run Arch Linux without systemd while preserving broad compatibility with AUR software.

It does not replace systemd and does not emulate full systemd behavior.

Instead, it provides a controlled compatibility surface that satisfies common systemd expectations in user applications while the system itself runs on a non-systemd init and IPC stack.

Protocol 7 eliminates roughly 1.28 million lines of systemd's codebase (verified via cloc against upstream) while retaining only libsystemd for ABI compatibility.

The goal is simple:

Run a usable, modern desktop system (Wayland + AUR ecosystem) without systemd.

---

Design Philosophy

Protocol 7 is built on three strict principles:

1. Interface over Implementation

Only the expected surface of systemd is provided:

• libraries
• return values
• D-Bus endpoints
• filesystem paths

No full subsystem logic is implemented.

---

2. Single-User Assumption

The system assumes:

• 1 user
• 1 session
• 1 seat (seat0)
• no session switching
• no multi-user runtime coordination

This eliminates logind-class complexity entirely.

---

3. Real System + Minimal Compatibility Layer

Protocol 7 is not a system replacement. It is layered on top of a system that includes real systemd libraries:

• Init: OpenRC
• IPC: dbus-openrc
• Session: seatd
• Compositor: Sway (Wayland) / Openbox (X11 live session)
• systemd libraries: systemd-libs (real, for ABI compatibility)

---

Current Library Strategy

As of 2026-06-14: Protocol 7 uses real systemd-libs for ABI compatibility rather than mock libraries. This is a transitional state.

Library	Status	Location	Notes
libsystemd.so.0	Real (systemd-libs)	/usr/lib/	Provides actual systemd symbols
libudev.so.1	Real (systemd-libs)	/usr/lib/	Provides actual udev symbols
libdbus-1.so.3	Real (dbus)	/usr/lib/	Standard D-Bus library
liblainos-systemd-mock.so.0	Inert	/usr/lib/lainos/	Private SONAME, not in library search path
liblainos-dbus-mock.so.3	Inert	/usr/lib/lainos/	Private SONAME, not in library search path

The mock libraries remain in the package for future use but are not active in the current build. They are installed with private SONAMEs and are never loaded by the dynamic linker.

Rationale: Using real systemd-libs simplifies the compatibility story — AUR packages link against real symbols and receive real (if minimal) implementations. The mock libraries may be reactivated if symbol drift or version conflicts occur.

---

System Scope

Supported Environment

Protocol 7 is designed for:

• Wayland-based desktop environments (Sway)
• X11 live installer sessions (Openbox)
• AUR-heavy workflows
• Electron / Chromium applications
• PipeWire audio stacks
• Flatpak (portal-based usage)
• CLI and developer tooling

---

Explicitly Out of Scope

The following are intentionally unsupported:

• KDE Plasma, GNOME, Cinnamon (logind/polkit dependency)
• systemd-based services (systemctl)
• journald
• systemd-resolved
• systemd-homed
• multi-seat or multi-user systems

---

Architecture

Protocol 7 consists of four layers:

---

Layer 0 — Base System (Real OS)

This is the actual operating system environment:

• Init: OpenRC
• IPC: dbus-openrc
• Session: seatd
• Audio: PipeWire / WirePlumber
• Networking: iwd + openresolv
• Privilege: doas
• systemd libraries: systemd-libs (real, for ABI)

This layer is fully real and authoritative.

---

Layer 1 — ABI Compatibility Layer

Components

• systemd-libs (real)
• liblainos-systemd-mock.so.0 (inert, private path)
• liblainos-dbus-mock.so.3 (inert, private path)

Purpose

Provides systemd-linked applications with:

• expected symbols (via real systemd-libs)
• expected ABI signatures
• safe no-op or minimal implementations from runtime layer

Current Behavior

• Real libraries: AUR packages link against libsystemd.so.0 and libudev.so.1 from systemd-libs
• Mock libraries: Present but inactive; reserved for future use if needed
• No LD_LIBRARY_PATH manipulation: Real libraries are found via standard ldconfig

---

Layer 2 — Runtime Compatibility Layer

Components

• lainos-dbus-bridge
• lainos-notifyd
• lainos-ghost-units

Purpose

Translates systemd-style expectations into OpenRC-compatible behavior.

Responsibilities

Function	Behavior
login1 API	D-Bus facade mapped to OpenRC
sd_notify	logged via syslog, no system control
/run/systemd/*	ghost directories for existence checks

---

Layer 3 — Session & Initialization Layer

Components

• lainos-init
• lainos-audio-init
• lainos-net-init

Purpose

Initializes a single-user session (Wayland or X11).

Responsibilities

• environment sanitization
• runtime directory setup
• compositor/session launch (Sway or Openbox)
• PipeWire + network initialization

Session Selection

Protocol 7 supports dual-session boot via greetd + tuigreet:

Session	Type	Purpose	Command
Openbox	X11	Live installer preview	P7_SESSION_TYPE=x11 lainos-init
Sway	Wayland	Installed system preview	P7_SESSION_TYPE=wayland lainos-init

The user selects the session at the tuigreet login prompt. lainos-init detects P7_SESSION_TYPE and configures the environment accordingly:

• X11: sets DISPLAY=:0, XDG_SESSION_TYPE=x11, execs openbox-session
• Wayland: sets WAYLAND_DISPLAY=wayland-1, XDG_SESSION_TYPE=wayland, execs sway (or dwl/river fallback)

---

Layer 4 — Policy & Integrity Layer

Components

• pacman.conf restrictions
• installation sealing scripts
• Protocol 7 install hooks

Purpose

Prevents system corruption from systemd dependencies.

Guarantees

• systemd packages cannot be installed or upgraded (blocked by dummy packages)
• Protocol 7 shims cannot be overwritten
• ABI drift halts package transactions

---

Boot Chain

1. BIOS/UEFI → GRUB/Syslinux → kernel + initramfs
   └─ Kernel cmdline: init=/sbin/openrc-init

2. Dracut initramfs
   └─ dmsquash-live mounts squashfs as root
   └─ 98protocol7-live module handles live boot
   └─ execs /sbin/openrc-init

3. OpenRC sysinit runlevel
   ├─ cgroup-delegate → mounts cgroup2, enables controllers
   ├─ lainos-ghost-units → creates /run/systemd/* ghost dirs
   └─ lainos-notifyd → opens DGRAM socket on /run/systemd/notify

4. OpenRC default runlevel
   ├─ dbus → D-Bus system bus
   ├─ seatd → seat management
   ├─ lainos-dbus-bridge → login1 D-Bus facade
   ├─ iwd → WiFi daemon
   └─ greetd → display manager on TTY1

5. greetd → tuigreet
   └─ Session selection: Openbox (X11) or Sway (Wayland)

6. User login → lainos-init
   ├─ X11: DISPLAY=:0, openbox-session, Calamares
   └─ Wayland: WAYLAND_DISPLAY=wayland-1, sway

---

Execution Flow

Application Startup

Application
   ↓
systemd-libs (real ABI)
   ↓
sd-bus call
   ↓
dbus-openrc (real IPC)
   ↓
lainos-dbus-bridge (if systemd interface required)
   ↓
OpenRC services / system utilities

---

Key Design Behavior

1. Static System Identity

The system always presents:

• one session
• one seat (seat0)
• one active user session

---

2. Deterministic Responses

System-level queries return stable values:

• no runtime mutation of identity
• no session switching logic

---

3. Compatibility-First Responses

APIs return:

• success when safe
• error codes when necessary (-ENODATA, -ENOENT)

---

4. Non-Orchestration Model

Protocol 7 does NOT:

• manage services dynamically
• track dependencies
• simulate systemd lifecycle behavior

---

Compatibility Profile

Works Well

• Electron applications
• Chromium / Firefox
• CLI tooling
• Wayland-native applications
• X11 applications (via Openbox live session)
• PipeWire audio stack
• Flatpak (portal-based workflows)

---

Works With Limitations

• applications querying login1 APIs
• software expecting optional systemd features

---

Not Supported

• systemctl-based workflows
• polkit-dependent desktop environments
• systemd-resolved / journald / homed ecosystems

---

System Guarantees

Protocol 7 guarantees:

• No systemd runtime dependency (PID 1 is OpenRC)
• No systemd package contamination (blocked by dummy packages)
• Deterministic single-user environment
• Stable ABI compatibility surface (via real systemd-libs)
• No hidden system orchestration layer

---

Failure Model

Failures occur only when:

• software requires full systemd semantics
• new upstream systemd APIs are not yet covered
• applications rely on multi-user/session coordination

Failure behavior:

• install-time blocking preferred
• runtime fallback otherwise

---

Why It Exists

Before Protocol 7, OpenRC users on Arch had three options when encountering AUR packages that required systemd: patch every affected PKGBUILD, maintain personal forks of those packages, or avoid the AUR entirely. Each option was labor-intensive, fragile, or self-defeating. Protocol 7 is designed to be the fourth way: satisfy the dependency without providing the full functionality, because the functionality was never truly needed.

---

How It Works

Protocol 7 provides just enough systemd surface that applications proceed past their checks without crashing. File existence checks find ghost directories already in place. D-Bus calls receive plausible replies from stub services. Notification calls get absorbed and logged. Pacman is configured to ignore real systemd, never extract unit files, and never overwrite Protocol 7 components.

Most applications treat systemd interactions as best-effort and ignore return values, making them naturally tolerant of stub implementations. Protocol 7 exploits this tolerance.

OpenRC service packages are provided by the Artix system repo, meaning that this is a hybrid Arch/Artix setup (for the time being).

---

System Resilience

Protocol 7 leverages the strict dependency logic of Arch Linux to maintain a stable, deterministic system state. When upstream updates introduce "symbol drift" — new functions required by software that the current libraries do not yet contain — the package manager detects the mismatch and automatically aborts the transaction. Because the environment is governed by a "Pacman Seal" of IgnorePkg and NoUpgrade rules, it is architecturally impossible for an update to overwrite custom components or force-install systemd. The system does not crash; it simply holds the update at the gate until the compatibility surface is extended.

---

Architecture

The complete component map is documented in the repository. Core components include:

• systemd-libs — real ABI compatibility (transitional)
• liblainos-systemd-mock.so.0 — private SONAME mock (inert, reserved)
• liblainos-dbus-mock.so.3 — private SONAME mock (inert, reserved)
• lainos-dbus-bridge — login1 D-Bus facade (power actions, session properties)
• lainos-notifyd — absorbs sd_notify messages
• lainos-init — session environment setup (X11 + Wayland)
• lainos-audio-init — PipeWire orchestration
• lainos-net-init — network hardening
• lainos-ghost-units — creates volatile systemd paths
• cgroup-delegate — cgroup v2 controller delegation
• pacman.conf — seals system against systemd leakage
• shellprocess-final.conf — wires OpenRC services during Calamares installation

---

Custom Repo Packages

The lainos_repo and protocol_7_repo contain custom, dummy, and stub packages to satisfy systemd dependencies and provide lainOS-specific functionality:

Protocol 7 Core Packages

Package	Type	Purpose
protocol7-core	Real	Main compatibility layer: lainos-init, lainos-dbus-bridge, lainos-notifyd, lainos-ghost-units, lainos-audio-init, lainos-net-init, cgroup-delegate.initd, OpenRC service scripts, private SONAME mock libraries
dbus-openrc	Real	OpenRC service script for D-Bus system bus

Dummy / Stub Packages (Dependency Blockers)

Package	Type	Purpose
systemd-256-1	Dummy	Blocks real systemd installation; satisfies pacman dependency chain
systemd-sysvcompat-256-1	Dummy	Blocks real systemd-sysvcompat; prevents init conflicts
elogind-252-1	Dummy	Blocks real elogind installation
mkinitcpio-41-1	Dummy	Blocks mkinitcpio; forces dracut usage
initramfs-1-1	Dummy	Blocks mkinitcpio hooks from running
libudev-260.2-1	Dummy	Satisfies libudev dependency chain without conflict

Real System Packages

Package	Type	Purpose
eudev-3.2.14-2	Real	Standalone udev daemon and tools; no libudev conflict with systemd-libs
polkit-124-1	Real	PolicyKit for Calamares privilege escalation

Calamares / Installer Packages

Package	Type	Purpose
lainos-calamares-dracut-3.3.15.250221-01	Real	Calamares installer binary with dracut integration
lainos-calamares-config-layer02-81-9	Real	Calamares configuration for lainOS Layer 02

Custom eudev Package

Package	Type	Purpose
eudev	Real (custom)	systemd-free fork of udev providing udevadm, udevd, and device node management. Unlike systemd's built-in udev, this is a standalone package that does not conflict with libudev from systemd-libs. The custom build ensures libudev.so.1 is provided by systemd-libs (real) while eudev handles the daemon and CLI tools.

Key design point: The custom eudev package is built to avoid the libudev SONAME conflict that occurs when Artix eudev and Arch systemd-libs are both installed. Our eudev-3.2.14-2 provides udevadm, udevd, and the udev rules system without owning libudev.so.1. The dummy libudev-260.2-1 package satisfies any dependency chain that explicitly requires libudev.

---

The lainOS Layer 02 System

The following components constitute the complete supported userland for Protocol 7. This table is not a list of suggestions — it is the operational boundary of the system. Each component was selected specifically because it functions without systemd, logind, or polkit. This system is intended for single-user setups.

Category	Component	Role / Purpose
Init System	OpenRC	Primary service supervision (hybrid cgroup mode); replaces systemd as PID 1.
Initramfs	dracut	Modern initramfs generator; handles early-boot and live ISO logic.
Device Mgmt	eudev	Standalone device node manager; a systemd-free fork of the udev daemon. Custom build avoids libudev conflict.
IPC Bus	dbus-openrc	Standard D-Bus message bus with native OpenRC init integration.
API Bridge	openrc-settingsd	Provides hostnamed, localed, and timedated D-Bus APIs for desktop compatibility.
Session Mgmt	seatd	Minimalist seat and session handling for unprivileged Wayland/X11 access.
Compositor (Wayland)	Sway	Primary Wayland tiling compositor; functions independently of logind.
Compositor (X11)	Openbox	Live session window manager for Calamares installer preview.
Login Mgmt	greetd / tuigreet	Secure TUI-based greeter portal with session selection (Openbox/Sway).
Interface	yambar / waybar	Minimalist status monitoring for Wayland.
Terminal	foot / alacritty	High-performance Wayland terminal.
Notifications	mako	Lightweight notification daemon for the Wayland environment.
Audio Engine	Pipewire / wireplumber	Modern audio/video routing; operates via sovereign session management.
Connectivity	iwd	Standalone wireless daemon (iwctl); ensures network autonomy.
DNS / Resolver	openresolv	Hardened resolv.conf management to prevent DNS leakage and entropy.
Media Autonomy	udevil / devmon	Sovereign auto-mount logic; provides Thunar sidebar support without udisks2.
Media Support	thunar-volman / gvfs	Enhanced volume management and filesystem abstraction for the userland.
Authentication	doas	Minimalist privilege escalation; replaces sudo for reduced attack surface.
Entropy	haveged	Provides high-entropy for the system RNG to ensure cryptographic strength.
ABI Compatibility	systemd-libs	Real systemd libraries providing ABI surface for AUR packages (transitional).

---

Code Size Comparison

Component	Lines of Code
Protocol 7	≈ 10,000 LOC
OpenRC	≈ 14,000 LOC
systemd	≈ 1.2 – 1.7 million LOC

---

Summary

Protocol 7 is:

A real OpenRC-based Linux system with a minimal compatibility layer that satisfies systemd-dependent applications without implementing systemd.

---

One-Line Definition

Protocol 7 = Real Linux system + constrained systemd compatibility surface for single-user AUR desktop operation

---

Document generated from live build session. Protocol 7 v4.5 / lainOS Layer 02.