From tchung at fedoraproject.org Mon Jan 7 09:57:35 2008 From: tchung at fedoraproject.org (Thomas Chung) Date: Mon, 7 Jan 2008 01:57:35 -0800 Subject: Fedora Weekly News Issue 114 Message-ID: <369bce3b0801070157p70cf834ej70dc5c32ebb1f44@mail.gmail.com> = Fedora Weekly News Issue 114 = Welcome to Fedora Weekly News Issue 114 for the week of December 31st, 2007 http://fedoraproject.org/wiki/FWN/Issue114 In Announcement, "FUDCon Raleigh 2008" and "Fedora Unity announces Fedora 8 Re-Spin" In Planet Fedora, "Red Hat's New CEO", "bugz.fedoraproject.org" and "Fedora Xfce Spin" To join or give us your feedback, please visit http://fedoraproject.org/wiki/NewsProject/Join. 1. Announcements 1. FUDCon Raleigh 2008 2. Fedora Unity announces Fedora 8 Re-Spin 2. Planet Fedora 1. Red Hat's New CEO 2. bugz.fedoraproject.org 3. Fedora Xfce Spin 3. Marketing 1. Is Red Hat still relevant? You bet 2. IcedTea 1.5 Adds PowerPC Java Port 3. Installing Fedora 8 on Hyper-V 4. Developments 1. SELinux Rants 2. Mass Rebuild Using GCC 4.3.0-0.4 3. Call For Maintainers Of TeXLive-Related Packages 4. Policy Proposal For New Compatibility Packages 5. GDB Messages Enhanced To Indicate Missing Debuginfo Files 5. Documentation 1. FDSCo results 6. Security Advisories 1. Fedora 8 Security Advisories 2. Fedora 7 Security Advisories 7. Events and Meetings 1. Fedora Board Meeting Minutes 2008-MM-DD 2. Fedora Ambassadors EMEA Meeting 2008-MM-DD 3. Fedora Documentation Steering Committee 2008-MM-DD 4. Fedora Engineering Steering Committee Meeting 2008-MM-DD 5. Fedora Infrastructure Meeting Log 2008-01-03 6. Fedora Localization Meeting 2008-MM-DD 7. Fedora Marketing Meeting 2008-MM-DD 8. Fedora Packaging Committee Meeting 2008-MM-DD 9. Fedora Quality Assurance Meeting 2008-MM-DD 10. Fedora Release Engineering Meeting 2008-MM-DD 11. Fedora SIG EPEL Meeting Week 01/2008 12. Fedora SIG KDE Meeting Week 01/2008 13. Fedora SIG Store Meeting 2008-MM-DD 14. Fedora SIG Astronomy Meeting Log 2007-12-28 [[Anchor(Announcements)]] == Announcements == In this section, we cover announcements from Fedora Project. In this issue, we've included all new announcements since last issue. https://www.redhat.com/mailman/listinfo/fedora-announce-list Contributing Writer: ThomasChung === FUDCon Raleigh 2008 === MaxSpevack announces in fedora-announce-list[1], "Whether you are a new Fedora user who just started with Fedora 8, a seasoned veteran who has been with Red Hat from the very beginning, or somewhere in between, you are all invited to FUDCon Raleigh 2008. http://barcamp.org/FUDConRaleigh2008 This year's FUDCon is a 3 day event, from Friday January 11th - Sunday January 13th." [1] https://www.redhat.com/archives/fedora-announce-list/2007-December/msg00006.html === Fedora Unity announces Fedora 8 Re-Spin === JeroenVanMeeuwen announces in fedora-announce-list[1], "The Fedora Unity Project is proud to announce the release of new ISO Re-Spins (DVD and CD Sets) of Fedora 8. These Re-Spin ISOs are based on the officially released Fedora 8 installation media and include all updates released as of December 18th, 2007. The ISO images are available for i386 and x86_64 architectures via jigdo starting Sunday, December 23rd, 2007." [1] https://www.redhat.com/archives/fedora-announce-list/2007-December/msg00008.html [[Anchor(PlanetFedora)]] == Planet Fedora == In this section, we cover a highlight of Planet Fedora - an aggregation of blogs from world wide Fedora contributors. http://fedoraproject.org/wiki/Planet Contributing Writers: ThomasChung === Red Hat's New CEO === MaxSpevack points out in his blog[1], "Matt Asay interviewed Red Hat's new CEO, Jim Whitehurst. I thought this was a great interview. A lot of the things that Jim says really resonated with me, and I think that all of the Fedora folks out there will find themselves nodding their heads as they read it too." [1] http://spevack.livejournal.com/41708.html === bugz.fedoraproject.org === SethVidal points out in his blog[1], "Toshio, Will Woods and myself came up with something a little while back and each of us did a part in implementing it. It's bugz.fedoraproject.org" [1] http://skvidal.wordpress.com/2008/01/03/bugzfedoraprojectorg/ === Fedora Xfce Spin === RahulSundaram points out in his blog[1], "Fedora Xfce Spin is a variant of Fedora with a focus on low resource systems and in particular Xfce users. It is a live cd image that you can optionally install to hard disk or USB images." [1] http://rahulsundaram.livejournal.com/17893.html [[Anchor(Marketing)]] == Marketing == In this section, we cover Fedora Marketing Project. http://fedoraproject.org/wiki/Marketing Contributing Writer: ThomasChung === Is Red Hat still relevant? You bet === RahulSundaram reports in fedora-marketing-list[1], "Many Linux users don't seem to realize just how much Red Hat contributes back to the Linux community. They are major software developers on a number of projects not the least of which is the Linux kernel. The Fedora Project site has a page entitled Red Hat contributions to Free and Open Source software which lists most of Red Hat's contributions." [1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00044.html === IcedTea 1.5 Adds PowerPC Java Port === RahulSundaram reports in fedora-marketing-list[1], "The IcedTea project added a PowerPC Java port (both 32 and 64 bit) of OpenJDK. IcedTea 1.5 now also tracks the mercurial repo, provides better GNU/Linux integration by using standard system libraries (libpng, libjpeg, zlib, giflib) and can be bootstrapped with the free gcj/ecj/classpath toolchain. OpenJDK just accepted a new porters group and Gary Benson wrote a guide to porting IcedTea that might be the start of a lot of other Java ports." [1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00041.html === Installing Fedora 8 on Hyper-V === RahulSundaram reports in fedora-marketing-list[1], "Microsoft developer's article about Fedora as a guest in a Windows virtualized environment." [1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00037.html [[Anchor(Developments)]] == Developments == In this section, we cover the problems/solutions, people/personalities, and ups/downs of the endless discussions on Fedora Developments. http://www.redhat.com/mailman/listinfo/fedora-devel-list Contributing Writer: OisinFeeley === SELinux Rants === SELinux[1] was the subject of three distinct threads. The first was initiated when SteveGrubb responded[2] to the 22 Dec 2007 rawhide report with the information that all kernels for x86_64 subsequent to 2.6.24-0.81.rc4.git7.fc9 were failing to boot. PatriceDumas was able to confirm[3] the problem as was DavidZeuthen. A post from EricParis suggested that ''selinux-policy'' might be responsible for the problem and that manual (rpm) removal of the kernel followed by switching off SELinux enforcing mode and then updating the kernel and then re-activating enforcing mode might help. David stated[4] that he was not running enforcing mode. When DimiPaun expressed regret at this David produced[5] an "selinux rant, compressed version." In this David drew attention to the problem that SELinux policy is too complicated and requires a single maintainer, DanWalsh, to effectively know the quirks of every piece of software. In David's experience as a packager, user and developer SELinux had failed but he acknowledged that it might be useful for tightly-controlled servers. As a possible fix David suggested that policy files could be handled by rpm, but thought that this would be dismissed automatically as an option. [1] http://www.nsa.gov/selinux/ [2] https://www.redhat.com/archives/fedora-devel-list/2007-December/msg01500.html [3] https://www.redhat.com/archives/fedora-devel-list/2007-December/msg01677.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00199.html [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00219.html JesseKeating countered[6] the assumption that the problem was rpm, stating instead that SELinux itself prevented rpm from being able to write files for which it did not yet have a context. Jesse wished that SELinux upstream would get a clue. David argued[7] that SELinux were not solely to blame and suggested that rpm and selinux could be used together by installing the policy before the files were copied. He suggested that a two-way conversation between the respective projects would be useful. Jesse also touched[8] on the current necessity of using permissive mode during installs to avoid failures. [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00223.html [7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00226.html [8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00225.html DanWalsh posted[9] a detailed rebuttal of David's contention that devolving policy to individual maintainers would work. His main points seemed to be assertions that maintainers would not do a good job and also that it was necessary for someone to take an overview of the complex interactions between many packages. Dan suggested that David was more likely to run into problems than most because of the frequent need for root permissions in his work. Dan also asked Jesse for specific details of problems that required running in permissive mode. Jesse's response indicated[10] the complexity of the problem involving at least two chroots. David asserted[11] was in essence confirming the idea that SELinux was too complicated and challenged Dan to allow him to maintain the policy for hal and to open up to other maintainers willing to help in this area. SteveGrubb differed[12] and suggested that rather than blame SELinux for complexity it was better to realize that it was describing the complex interactions between different pieces of software. Steve wondered if a tool to compare newly introduced syscalls with older versions could help out. [9] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00237.html [10] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00242.html [11] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00246.html [12] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00253.html The second rant was posted[13] by EdSwierk in which he detailed the problems he encountered when he tried to copy old user directories into a fresh server installation. Ed noted that his solution was just to switch SELinux off and commented "For me learning SELinux seems as pointless as trying to remember iptables commands, or AFS trivia back when I was a student--all cause me trouble just infrequently enough to ensure I have to relearn them from scratch every time. If I were a full-time sysadmin of course it would be a different story[.]" EricParis asked how Ed had copied the files, and when it turned out to be with ''tar'' TomaszTorcz suggested[14] that he should have used the ''--xattrs'' option. Tomasz explained that all that was important was that the context labels were set correctly for the files and that file location was irrelevant. JohnDennis drew[15] attention to the ''setroubleshoot'' and ''setroubleshoot-server'' packages which help SELinux novices identify such problems and suggests resolutions for them. The ''setroubleshoot-server'' package was explained[16] by John to address the needs of those running headless servers. [13] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00230.html [14] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00267.html [15] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00315.html [16] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00331.html Ed expressed appreciation for JohnDennis's help but wondered why the messages could be made clearer somehow. KonstantinRyabitsev suggested[17] using ''audit2allow'' and ''audit2why'' and John suggested {{{sudo sealert -a /var/log/audit/audit.log}}}. [17] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00352.html A less sanguine evaluation of ''setroubleshoot'' was expressed[18] by JonathanUnderwood who thought that it taught novice users that many problems were simply "due to bugs in selinux policy". TomLane agreed[19] with RalfCorsepius that it might not be appropriate to inform ordinary users about avc denials, but pointed out that at the present the policies were a work in progress and that feedback on them was essential. [18] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00376.html [19] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00414.html The thread ended[20] amicably as discussion between Ed and AndrewFarris made it quite clear that Ed was reporting his experience as an insight into why some people disable SELinux. Closing posts indicated that perhaps improving the error messages could help. [20] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00259.html The third related discussion was initiated[21] by LinusWalleij when he asked why ''system-config-selinux'' or ''anaconda'' did not seem to disable all the selinux related services and daemons upon request. EricParis replied[22] that in general services were not coupled such that stopping one stopped others, and that for the specific cases of ''auditd'', ''mcstrans'', ''restorecond'' and ''setroubleshoot'' mentioned by Linus there was no necessity for it as ''auditd'' can work without the presence of ''selinux'' and vice-versa. Linus investigated[23] the other users of ''auditd'' in Fedora and came up with some non-default installed programs and the conclusion that "As it stands now, a human can advise the user (in this case me) to turn off auditd (and the other selinux services) on their travel laptop [...] but the system itself cannot." A very interesting post from SteveGrubb explained[24] the utility of auditd (which among other things prevents the syslog from becoming cluttered. Steve pointed out that the audit logs collected a large amount of information ranging from failed logins to segfaulting applications, all of which could be quickly eyeballed with {{{aureport --start this-week}}}. He also pointed out that the new security audit tool ''sectool''[25] and ''aide'' and his own planned IDS plugin[26] would use this information, so that turning off auditd was possibly not desirable. EnricoScholz added[27] the caution that the local logging of auditd limited its usefulness on compromised machines. [21] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00243.html [22] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00244.html [23] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00279.html [24] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00296.html [25] https://hosted.fedoraproject.org/sectool [26] See FWN#100 "Layering An IDS On Linux" http://fedoraproject.org/wiki/FWN/Issue100#head-051ea9b1b3a45c4c8cae083db32214ee8682a1f8 [27] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00299.html Linus thanked Steve for the detailed explanation and proved his good intentions with a patch to add a better description to /etc/init.d/auditd. The patch was accepted with minor changes by SteveGrubb. [28] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00372.html === Mass Rebuild Using GCC 4.3.0-0.4 === The results of rebuilding Rawhide using the newest GCC were posted[1] by JakubJelinek. A snapshot of Rawhide dated 20th Dec 2007 contained 5118 src.rpms of which 1054 failed to build. In order to determine which of those failures were due to the new GCC Jakub attempted to rebuild using the older, stock GCC (4.1.2-36) and identified 547 that failed, leaving 507 which failed solely due to the new GCC. Jakub classified these failures in his post and listed the failing packages for the benefit of maintainers. The bulk of the errors seemed to be due to changes in the C++ Standard Template Library. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00128.html Jakub answered a few queries from maintainers who needed further help and one useful practical point that emerged[2] was that in order to test the building of a package with the new GCC it is necessary to do a scratch build in dist-f9-gcc43 as suggested by "drago01". It also seemed that there was a problem with "gettext" depending on a newer Java. Jakub clarified[3] that he had rebuilt gettext in his original buildroots, but not for dist-f9-gcc43. [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00149.html [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00277.html Later ThorstenLeemhuis provided[4] a version of the list with package owner names prepended to each line. [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00145.html HansdeGoede noticed[5] what seemed to be errors which were due to ''boost'' which was not itself on the list of packages failing to build. [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00162.html The possibility that some failures are due to problems in rawhide at the time that the snapshot was taken was highlighted[6] when ChristopherWickert sought and received Jakub's help in interpreting a cryptic error. [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00154.html [7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00163.html Failures experienced by HansdeGoede for a package depending on "allegro" and BradenMcDaniel for ''openvrml'' exposed[8] some problems due to the use of ''extern "C" ''. TomTromey pointed out[9] that a parameter list cannot contain a typedef to void instead of a type void in C++. JakubJelinek echoed[10] this and emphasized that any included header could only use the common subset of C and C++. Hans expressed[11] the opinion that this was a bug of C++, which TomTromey agreed with. [8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00262.html [9] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00264.html [10] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00278.html [11] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00327.html JonCiesla added[12] his voice to the many thanks that Jakub received and requested that the exercise be repeated before F9 Gold. The specific errors that he, IgnacioVazquezAbrams and GianlucaSforna were dealing with were in Python packages (eggs) which were failing to have their info included in the specfile. [12] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00285.html === Call For Maintainers Of TeXLive-Related Packages === PatriceDumas asked[1] for volunteers to help maintain packages which had been bundled into TeXLive although they are not actually part of it[2]. Patrice offered to review any packages but was too busy to take on the burden of maintaining these programs. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00433.html [2] TeXLive is a collection of software for working with TeX markup. It replaces the older teTeX collection Discussion centered around the ''xdvi'' document renderer, which JonathanUnderwood suggested could be entirely eliminated if only ''evince'' had dvi support enabled. MatthiasClasen commented that the dvi backend of evince was actually enabled in rawhide for some time, which led Jonathon to ask[3] for the relevant bugzilla entry to be closed. When Patrice commented that the removal of ''xdvi'' would be a problem for him Jonathon concurred[4] after testing a local build and finding that evince does not automatically refresh when the file changes on disk. [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00471.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00439.html MamoruTasaka also thought that removing ''xdiv'' would be a problem because users of Japanese pTeX needed it. Jonathon responded[5] that he was hacking together a specfile to allow xdvi to be maintained. [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00465.html === Policy Proposal For New Compatibility Packages === BrianPepple requested[1] feedback on a proposal concerning the maintenance of compatibility packages which will be voted on at the 10th January 2008 FESCo meeting. The proposal attempts to describe the limited conditions under which compatibility packages could be maintained and the manner in which disputes could be resolved. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00052.html The issue of whether there should be a time-limit on the maintenance was raised by several people. NicolasMailhot made[2] a strong case that it was necessary, and raised the specter of "the path of least resistance" resulting in maintainers pushing such libraries for ever with the result that upstream development would receive no pressure to move to newer APIs. Although several others shared these concerns there was also a desire to avoid bureaucracy and trust packagers as expressed[3][4] by PatriceDumas. [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00085.html [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00084.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00094.html Patrice wondered why extra veto powers were being given to the primary maintainers over those that wished to maintain compatibility libraries. BrianPepple responded that it was due to the increased work that would inevitably devolve onto the primary maintainer (due to security problems and misfiled bugs). Patrice remained unconvinced and stated[5] that the "asymmetry" introduced was unneeded as the primary maintainer could already raise concerns. JoshBoyer thought[6] that the emphasis on vetoes was misplaced and that the differences between Brian and Patrice were more apparent than real. Patrice finished[7] off with an examination of the language of the proposal which pointed out that as current procedures allow any packager to block a review with an escalation to FESCo there should really be no need for this apparently redundant guideline. [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00098.html [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00108.html [7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00122.html Support for Brian's proposal was expressed[8] by LinusWalleij on the grounds that compatibility cruft would slow down the swift release cycle of Fedora. When Patrice wondered how this would actually happen JesseKeating suggested[9] that build failures and increased workload on the primary maintainer were two likely mechanisms. A small exchange between Linus and Patrice on the subject of breaking APIs versus publishing compatibility packages ensued[10]. [8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00155.html [9] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00166.html [10] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00170.html An interesting reframing of the problem was posted[11] by ThorstenLeemhuis. Thorsten argued that proprietary applications frequently needed compatibility libraries. Rather than focusing on compatibility libraries as the problem Thorsten suggested that discouraging other non-proprietary applications from using the compat-packages should be a priority. Some practical reinforcement of the point was expressed[12] by "Alan". In response JesseKeating drew[13] a distinction between compatible libraries (which made sense to him) and compatible development packages (which did not). [11] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00065.html [12] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00066.html [13] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00069.html KevinKofler and LesMikesell argued the toss[14] over whether breaking the API was a good idea and how this affected proprietary code ... or not. [14] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00072.html === GDB Messages Enhanced To Indicate Missing Debuginfo Files === A query from NealBecker asked[1] why running ''gdb'' on a program now produced many warnings of the form "Missing the separate debug info file: /usr/lib/debug/.build-id/XXXXXXX.debug". AndrewHaley responded[2] that the problem was that the appropriate "-debug" packages for the shared libraries were not installed and suggested that the absence of specific information as to which libraries were missing was a bug. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00300.html [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00302.html While acknowledging that it was slightly awkward to find the information MattMiller suggested[3] enabling the debuginfo repository so that YUM could be used to install the missing filename's package. JesseKeating added[4] that it was easier to use {{{debuginfo-install }}} which would automatically enable the debuginfo repository and install the requisite debuginfo packages. A very informative post from JanKratochvil, a Red Hat employee primarily focusing on GDB, followed[5]. Jan's post showed how to find the name of the library missing debuginfo {{{ls -l /usr/lib/debug/.build-id/fa/XXXX.debug}}}, how to find the RPM package name to install the debuginfo {{{repoquery -qf /usr/lib/debug/.build-id/fa/XXXXX.debug}}} and as suggested previously by MattMiller how to simply install the missing debuginfo package with {{{yum install /usr/lib/debug/.build-id/fa/XXXXX.debug}}}. Jan cautioned that ''debuginfo-install '' method might not work due to multiple simultaneous debuginfo versions present and he also encouraged discussion on how to improve the output. [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00306.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00307.html [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00308.html Further discussion between AndrewHaley and Jan on how to improve the ability of GDB to suggest the correct debuginfo packages uncovered some constraints. Jan pointed[6] out that ''debuginfo-install'' will have problems with dynamically opened libraries, that printing out a suggested RPM package would unacceptably tie GDB to Fedora. These debuginfo files are the result of work by RolandMcGrath and others on BuildID, which is a Fedora 8 feature[7][8], which extended the information in core files to include specific versions of binaries and dynamic shared objects. This enables precise replication of a problem for debugging. Implementing this required changes to the kernel[8a], ''ld'' and other parts of the compiler toolchain and so are of general interest, non-exclusive to Fedora. AndrewHaley suggested[9] that a local (to Fedora) patch could produce his version of perfection, which would be to suggest a specific yum installation command. JamesAntill thought[10] that if perfection and local patching were being considered then tighter integration with rpm or yum could allow the use of ''debuginfo-install ''. [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00312.html [7] http://fedoraproject.org/wiki/Releases/FeatureBuildId [8] Section 15.2 of the gdb info file explains that a build-id is a section of the executable file which is a unique identification hash which remains constant across multiple builds of the same build tree. [8a] http://www.uwsg.indiana.edu/hypermail/linux/kernel/0707.1/1702.html [9] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00317.html [10] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00339.html When TomLondon experimented[11] with ''debuginfo-install'' and got a large list of dependencies Jan asked[12] why debuginfo packages were pulling in binary packages and suggested a patch to the redhat rpm macros. RolandMcGrath responded[13] with a suggestion that ''redhat-rpm-config'' should also change. [11] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00350.html [12] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00353.html [13] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00362.html In closing DavidNielsen suggested[14] that PackageKit might aid in figuring out which packages were missing and offering to install them for the user. [14] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00355.html [[Anchor(Documentation)]] == Documentation == In this section, we cover the Fedora Documentation Project. http://fedoraproject.org/wiki/DocsProject Contributing Writer: ThomasChung === FDSCo results === KarstenWade reports in fedora-docs-list[1], "With a slight delay for the holidays to get the results :), the following persons will be staying or joining the Fedora Documentation Steering Committee (FDSCo): BartCouvreur, JohnBabich, JaredSmith" [1] https://www.redhat.com/archives/fedora-docs-list/2007-December/msg00351.html [[Anchor(SecurityAdvisories)]] == Security Advisories == In this section, we cover Security Advisories from fedora-package-announce. https://www.redhat.com/mailman/listinfo/fedora-package-announce Contributing Writer: ThomasChung === Fedora 8 Security Advisories === * qt4-4.3.3-1.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00005.html * wordpress-2.3.2-1.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00079.html * libcdio-0.78.2-4.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00106.html * asterisk-1.4.17-1.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00167.html * python-cherrypy-2.2.1-8.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00240.html * mantis-1.1.0-1.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00309.html === Fedora 7 Security Advisories === * libcdio-0.78.2-4.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00080.html * wordpress-2.3.2-1.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00098.html * qt4-4.3.3-1.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00131.html * asterisk-1.4.17-1.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00166.html * mantis-1.1.0-1.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00227.html * python-cherrypy-2.2.1-8.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00297.html [[Anchor(EventsMeetings)]] == Events and Meetings == In this section, we cover event reports and meeting summaries from various Projects and SIGs. Contributing Writer: ThomasChung === Fedora Board Meeting Minutes 2008-MM-DD === * No Report === Fedora Ambassadors EMEA Meeting 2008-MM-DD === * No Report === Fedora Documentation Steering Committee 2008-MM-DD === * No Report === Fedora Engineering Steering Committee Meeting 2008-MM-DD === * No Report === Fedora Infrastructure Meeting Log 2008-01-03 === * https://www.redhat.com/archives/fedora-infrastructure-list/2008-January/msg00019.html === Fedora Localization Meeting 2008-MM-DD === * No Report === Fedora Marketing Meeting 2008-MM-DD === * No Report === Fedora Packaging Committee Meeting 2008-MM-DD === * No Report === Fedora Quality Assurance Meeting 2008-MM-DD === * No Report === Fedora Release Engineering Meeting 2008-MM-DD === * No Report === Fedora SIG EPEL Meeting Week 01/2008 === * https://www.redhat.com/archives/epel-devel-list/2008-January/msg00043.html === Fedora SIG KDE Meeting Week 01/2008 === * https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00216.html === Fedora SIG Store Meeting 2008-MM-DD === * No Report === Fedora SIG Astronomy Meeting Log 2007-12-28 === * https://www.redhat.com/archives/fedora-astronomy-list/2007-December/msg00047.html -- Thomas Chung http://fedoraproject.org/wiki/ThomasChung From rmeggins at redhat.com Tue Jan 8 15:53:50 2008 From: rmeggins at redhat.com (Rich Megginson) Date: Tue, 08 Jan 2008 08:53:50 -0700 Subject: Announcing Fedora Directory Server 1.1.0 Message-ID: <47839C8E.3010408@redhat.com> Fedora Directory Server 1.1.0 is now available. See http://directory.fedoraproject.org/wiki/Release_Notes for details about new features and new installation procedures. What's new? * Auto UID and GID number generation with the libdna plugin - Distributed Numeric Assignment * Separate packages - each main component is in its own package - uses yum for installation * Filesystem Hierarchy Standard file/path layout (e.g. log files are under /var/log/dirsrv) * Init scripts! service dirsrv {start|stop|restart} [instance name] service dirsrv-admin {start|stop|restart} edit /etc/sysconfig/dirsrv or /etc/sysconfig/dirsrv-admin to set environment * Many of the components are now built into Fedora * The setup command is now /usr/sbin/setup-ds-admin.pl * startconsole is gone - use /usr/bin/fedora-idm-console instead * Migration from version 1.0 and earlier is fully supported by the /usr/sbin/migrate-ds-admin.pl script provided with the package * IcedTea Java runs the console on Fedora 8 and later - proprietary Java no longer required Known Issues * Binary packages are provided only for Fedora 6, 7, 8 and 9 - The Fedora 6 packages should run on EL5.1 (not 5.0) * Version 1.1 does not include the phonebook, gateway, or org chart web apps - those will be provided in a following release * Migration to Fedora 8 and later, and upgrading an existing Fedora DS on Fedora 8, requires LDIF files - binary database migration and upgrade from an earlier release to Fedora 8 or later does not work. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3245 bytes Desc: S/MIME Cryptographic Signature URL: From mspevack at redhat.com Fri Jan 11 16:11:13 2008 From: mspevack at redhat.com (Max Spevack) Date: Fri, 11 Jan 2008 11:11:13 -0500 (EST) Subject: FUDCon Raleigh 2008 Message-ID: FUDCon weekend has started here in Raleigh at the Red Hat headquarters. We had about 60 hackers show up on Friday morning for the hackfest day, and we've broken up into several groups for what should be a great day of work on Fedora. Saturday January 12th is the "main" FUDCon with presentations, etc. All of Saturday's sessions will take place at the main Red Hat headquarters in Raleigh. I want to make sure everyone knows the schedule for Saturday, so here it is. 8:30 AM Breakfast 9:00 AM Fedora State of the Union 9:30 AM Begin pitching sessions 10:15 AM Session #1 11:15 AM Session #2 Noon Lunch 1:30 PM Session #3 2:30 PM Session #4 3:30 PM Session #5 4:30 PM Session #6 5:30 PM Wrap up, clean up 6:30 PM FUDPub at the Flying Saucer 328 W Morgan St, Raleigh NC 27601 From mspevack at redhat.com Sat Jan 12 04:11:37 2008 From: mspevack at redhat.com (Max Spevack) Date: Fri, 11 Jan 2008 23:11:37 -0500 (EST) Subject: Fedora's way forward Message-ID: To the Fedora community: The first day of FUDCon is now complete. 78 members of our community spent the entire day working on many aspects of Fedora. It was an incredibly productive day, and we expect the rest of the weekend to be more of the same. Over 150 people will be attending FUDCon on Saturday, which will be a more traditional day of presentations, sessions, etc. The opening talk will be my yearly "State of Fedora" speech. I believe it will be videotaped and up on the internet eventually, but I want to take a few minutes to share some of the details with you. ==== Two years ago, Matthew Szulik (Red Hat's CEO) asked me to be the Fedora Project Leader, and I was flattered and humbled by the opportunity. It has been one of the coolest jobs that a person could have. I started about one month before Fedora Core 5 was released. Only a few people within the Fedora community knew me -- I had been at Red Hat for a year and a half at that point in the Red Hat Network group, but I had not done much with Fedora other than simply *use* the distro. You, the community, were very fair with me, incredibly accepting, and you gave me the opportunity to earn your respect and to influence the direction of Fedora. You trusted me, you gave me a chance, and I appreciate that more deeply than I can express. I hope I have not disappointed you. Now we're a few months past the Fedora 8 release, and the time has come for me to hand off the Fedora Project Leader role, though I hope to remain involved in Fedora and Red Hat's community efforts. That's all I want to say about me. Now I want to talk about the larger Fedora Project, and introduce a few new leaders. ==== Fedora has come a long way in the last few years. Red Hat has committed more resources to Fedora, enabling us to grow the Fedora team when the opportunity came up to hire some of the true stars of the Fedora community. This in turn allows the core group of Fedora folks within Red Hat to be more effective leaders within the community, because a focus on community building is the most important thing that we do. The people who are lucky enough to get paid to spend their workdays 100% on Fedora each have a responsibility to be community builders first, and individual contributors second. A community that does not grow and that does not develop new leadership will stagnate. Red Hat's investments in the Fedora community help to prevent this. Continuing to grow our community, lower barriers to entry, and develop new leaders will remain a top priority for Fedora. We've also made tremendous changes to Fedora at a technical level in the past two years -- merging Core and Extras into a single repository, working with Red Hat and community engineers to produce a new build system for Fedora, and new tools that allow users to create fully customized versions of Fedora and deliver Fedora in new ways (Live USB, for example). Additionally, the work that we have done with the branding, marketing, and press folks both inside Red Hat and in our community has led to a resurgence in the Fedora brand. Fedora enjoys an identity as an independent Linux distribution that focuses on innovation, freedom, and community, all while still serving as the upstream for RHEL. ==== I am very pleased to announce that Paul Frields has accepted a job with Red Hat, and he will be taking over as Fedora Project Leader in February. Many of you already know Paul. He has been part of the Fedora community since 2003, not long after the Red Hat Linux Project officially merged with the original Fedora.us. Paul has worked with Fedora's documentation, packaging, marketing, news, and artwork teams. He also served as one of the inaugural members of the Fedora Project Board. ==== Additionally, Jack Aboutboul has recently transferred into a full-time job in Red Hat's marketing and brand communications group. We have asked Jack to take an active leadership role in Fedora marketing, community building, and Ambassadors. Jack was one of the original Fedora Ambassadors in our community. He has organized FUDCons, and he has been promoting Fedora with his endless energy and enthusiasm for several years now. While Jack was in school, he worked for Red Hat as an intern and part-time employee, and we are very happy to bring Jack on full-time to continue building the Fedora community. ==== I have rambled on now for far longer than I planned to. I shall simply say that it has been an honor to be the Fedora Project Leader. Thank you. --Max From tchung at fedoraproject.org Mon Jan 14 08:56:18 2008 From: tchung at fedoraproject.org (Thomas Chung) Date: Mon, 14 Jan 2008 00:56:18 -0800 Subject: Fedora Weekly News Issue 115 Message-ID: <369bce3b0801140056ya6017bj1fee9ece8b15274e@mail.gmail.com> = Fedora Weekly News Issue 115 = Welcome to Fedora Weekly News Issue 115 for the week of January 7th http://fedoraproject.org/wiki/FWN/Issue115 In Announcement, we have "Fedora's way forward" a special announcement by MaxSpevack In Planet Fedora, we have "Transition", "Fedora marketing revitalization", "To all FUDCon attendees", "FUDCon 2008 - Day 2" and "FUDCon 2008 - Day 1" To join or give us your feedback, please visit http://fedoraproject.org/wiki/NewsProject/Join. 1. Announcements 1. Fedora's way forward 2. Planet Fedora 1. Transition 2. Fedora marketing revitalization 3. To all FUDCon attendees 4. FUDCon 2008 - Day 2 5. FUDCon 2008 - Day 1 3. Marketing 1. Fedora gets a new project leader 2. FUDCon Raleigh 2008 Video 4. Developments 1. The X-orcist: Driver Slasher! 2. Call To Choose An Initscript Replacement 3. Firewire, Choice And Fedora 4. Applications Using Type1 Fonts Should Upgrade To OTF 5. I'm Melting! Core Temp Of 125C Due To Kernel? 5. Infrastructure 1. Outages 2. A new FIG: sysadmin-tools 6. Security Week 1. Coverity and Open Source 2. Bruce Schneier Interview 7. Security Advisories 1. Fedora 8 Security Advisories 2. Fedora 7 Security Advisories 8. Events and Meetings 1. Fedora Board Meeting Minutes 2008-MM-DD 2. Fedora Ambassadors Meeting 2008-MM-DD 3. Fedora Documentation Steering Committee 2008-MM-DD 4. Fedora Engineering Steering Committee Meeting 2008-01-10 5. Fedora Infrastructure Meeting (Log) 2008-01-10 6. Fedora Localization Meeting 2008-MM-DD 7. Fedora Marketing Meeting 2008-MM-DD 8. Fedora Packaging Committee Meeting 2008-MM-DD 9. Fedora Quality Assurance Meeting 2008-MM-DD 10. Fedora Release Engineering Meeting 2008-MM-DD 11. Fedora SIG EPEL Meeting Week 02/2008 12. Fedora SIG KDE Meeting Week 02/2008 13. Fedora SIG Store Meeting (Log) 2008-01-09 14. Fedora SIG Astronomy Meeting Log 2008-MM-DD [[Anchor(Announcements)]] == Announcements == In this section, we cover announcements from Fedora Project. In this issue, we've included all new announcements since last issue. https://www.redhat.com/mailman/listinfo/fedora-announce-list Contributing Writer: ThomasChung === Fedora's way forward === MaxSpevack announces in fedora-announce-list[1], "Over 150 people will be attending FUDCon on Saturday, which will be a more traditional day of presentations, sessions, etc. The opening talk will be my yearly "State of Fedora" speech. I believe it will be videotaped and up on the internet eventually, but I want to take a few minutes to share some of the details with you." "I am very pleased to announce that PaulFrields has accepted a job with Red Hat, and he will be taking over as Fedora Project Leader in February." "Additionally, JackAboutboul has recently transferred into a full-time job in Red Hat's marketing and brand communications group. We have asked Jack to take an active leadership role in Fedora marketing, community building, and Ambassadors." https://www.redhat.com/archives/fedora-announce-list/2008-January/msg00003.html [[Anchor(PlanetFedora)]] == Planet Fedora == In this section, we cover a highlight of Planet Fedora - an aggregation of blogs from world wide Fedora contributors. http://fedoraproject.org/wiki/Planet Contributing Writers: ThomasChung === Transition === MaxSpevack points out in his blog[1], "While Paul will be taking over for me as the Fedora Project Leader in February, I will still be involved in Fedora. I am going to be spending a lot of time over the next month or two helping Paul transition into the job, especially during the several-week period that we are in right now when Paul is still finishing up his old job and before he joins Red Hat." [1] http://spevack.livejournal.com/42900.html === Fedora marketing revitalization === KarstenWade points out in his blog[1], "As a last hackfest item before my flight, we're talking with Red Hat's press/comms superstar Leigh Day about Fedora marketing. She is leading a mini-design thinking session with us around everything from our communications mechanism to how we handle event planning and execution." [1] http://iquaid.org/2008/01/13/fedora-marketing-revitalization/ === To all FUDCon attendees === JonRoberts points out in his blog[1], "I know everyone is busy hacking away, and today is the last day, but if anyone happens to have a spare moment to reply to a few generic questions about what they've gotten upto that would be hugely appreciated :) Want to try and do something useful with this info to help promote Fedora and everyone's aweseome work...Will even try and send out some more specific questions later - have fun! Oh, p.s. reply to these on the marketing list, to my e-mail or on this blog if you get a chance." [1] http://blog.questionsplease.org/2008/01/13/to-all-fudcon-attendees/ === FUDCon 2008 - Day 2 === ChrisTyler points out in his blog[1], "FUDCon day 2 has wrapped up. It was great to meet a number of people who to this point have been a hackergotchi or IRC nick." [1] http://blog.chris.tylers.info/index.php?/archives/100-FUDCon-2008-Day-2.html === FUDCon 2008 - Day 1 === JefSpaleta points out in his blog[1], "Here's a smattering of pictures from day 1. First a picture from this morning's meetup before breaking into groups for the hackfest:" [1] http://jspaleta.livejournal.com/17056.html [[Anchor(Marketing)]] == Marketing == In this section, we cover Fedora Marketing Project. http://fedoraproject.org/wiki/Marketing Contributing Writer: ThomasChung === Fedora gets a new project leader === RahulSundaram reports in fedora-marketing-list[1], "Isn't it interesting that someone could have such a big impact on Red Hat as Paul has...without working for Red Hat? That's the power of open source. Merit before bureaucracy." [1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00074.html === FUDCon Raleigh 2008 Video === RahulSundaram reports in fedora-marketing-list[1], "This is a special edition of Weekly Wire, made on location at the Fedora User and Developers Conference (FUDCon) in Raleigh, N. Carolina. This video gives you a look at how FUDCon operates and introduces you to some of the participants." [1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00070.html [[Anchor(Developments)]] == Developments == In this section, we cover the problems/solutions, people/personalities, and ups/downs of the endless discussions on Fedora Developments. http://www.redhat.com/mailman/listinfo/fedora-devel-list Contributing Writer: OisinFeeley === The X-orcist: Driver Slasher! === A call for objections to the removal of specific Xorg drivers was posted[1] by AdamJackson as part of the clean-up work he was doing while porting to the new server APIs. Adam listed the following as slated for removal: ''avivo'' (ATI R500+ chips will use either ''radeon'' or ''radeonhd''); ''s3''; ''vga''; ''ark''; ''chips'' and ''tseng''. Adam asked that objections to any part of his plan should now speak up. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00847.html The ''chips'' driver for C&T 65xx mode[2] was declared[3] by AlanCox to be essential to the small LCD displays which are common on low-power boxes and for which VESA is unable to correctly set the modes. Alan offered to test or debug as required. Adam promised[4] "chips will be spared from the coming apocalypse." [2] "Chips and Technology" http://en.wikipedia.org/wiki/Chips_and_Technologies [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00852.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00858.html The next two objections seemed to be false alarms. WarrenTogami was worried[5] about both the AMD Geode driver and the ''s3'' driver as the former was used by the OLPC and the latter by Intel's "Affordable PC". ThorstenLeemhuis corrected[6] this with the information that the APC actually used the "SiSM661GX [which] is driven by xorg-x11-drv-sis" and AdamJackson confirmed[7] this and also clarified that the AMDGeode was not going to be dropped. HansdeGoede noted[8] however that the ''vesa'' driver would not be able to handle pre-Virge cards contrary to Adam's plan as their BIOSes had no VESA support. [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00930.html [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00941.html [7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00983.html [8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00943.html A plea to save the ''tseng'' driver came[9] from FelixMiata. He outlined their usefulness for upgraders with only a PCI and no AGP slots. In the end Adam agreed to do his best to port all the drivers (as a low priority task) as there had been requests to retain them. ChristopherAillon and AlanCox nevertheless vied[11] to name the promised purge. [9] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00935.html [10] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01058.html [11] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01051.html === Call To Choose An Initscript Replacement === Another discussion (see also FWN#111 "Fedora 8 Boot-up Speed"[1]) on how to decrease init time occurred when EricTanguy asked[2] for discussion of ''Mudur'', an init system for the Turkish GNU/Linux distribution named ''Pardus''[3]. The project's webpage identifies disk I/O as a limiting resource and the use of startup scripts rewritten in Python to run in parallel and avoid unnecessary I/O as the solution. The Pardus approach does not replace ''initd''. [1] http://fedoraproject.org/wiki/FWN/Issue111#head-2fa65b1cb87233afa6584ff976a30ded300fab7e [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00460.html [3] http://www.pardus.org.tr/eng/projeler/comar/SpeedingUpLinuxWithPardus.html CaseyDahlin responded[4] that he had been working on a parallel boot system, ''rrn'', which provided ''dbus'' notifications of starting services, retains 'initd' and is compatible with SysV initscripts. (A FUDCon[5] session was planned for ''rrn''). Casey was skeptical about the use of Python, preferring Haskell, but agreed that BASH ran many other programs causing extra I/O. [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00484.html [5] http://barcamp.org/FUDConRaleigh2008 JonathanUnderwood asked why ''upstart'' had not been chosen as a replacement and Casey provided[6] the information that discussions on the subject (he included a link to the wiki entry) had preferred ''prcsys'' but that its use of pthreads and lack of dbus functionality had inidcated a rewrite would be useful. Jonathon thought[6a] that the current roadmap for "upstart" obviated many of those objections. [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00490.html [6a] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00558.html NicolasMailhot wished[7] that any replacement init system would also take care of session initiation and LinusWalleij provided[8] a link to the ''InitKit'' project at Freedesktop.org. Casey investigated this and later reported[8a] that InitKit plans solely to create a standard for even-based activation to provide a common target for dependent software. No actual code is specifically planned to come from InitKit. [7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00506.html [8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00518.html [8a] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00918.html A name-change was suggested by LeszekMatok due to both the sound and a potential namespace pollution. Casey explained[9] that it stood for "Resolve/Run/Notify" but took the points on board. [9] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00579.html The suggestion that Haskell might be used was ridiculed by DimiPaun who pointed out that any language chosen should be widely known by sysadmins and that it would be better to use C if the init scripts were to be rewritten. YaakovNemoy accepted the obscurity argument but argued[10] Haskell's advantages over Python, pointing out that Haskell needed no VM and instead is compiled to native machine code. NilsPhilippsen thought[11] that requiring a compiler collection merely to boot a machine needed much justification. [10] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00545.html [11] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00569.html The use of any dependency bloating requirements such as PERL or Python was considered[12] a non-starter by EnricoScholz. YaakovNemoy responded[13] that Python was installed on most machines and that the combination of Bash with awk, grep and other tools most definitely was. Yaakov called for comparative measurements of the time taken and number of kilobytes read during startup by the current system and one that starts python. Enrico pointed[14] to over 50% of his machines not using Python and MattMiller's disbelief that YUM (and hence python) was installed on less than half was answered[15] by DanielBerrange with the information that "stateless" installs or VM "appliances" do not require YUM. [12] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00505.html [13] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00541.html [14] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00551.html [15] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00582.html The use of an initscript which required anything outside of POSIX was anathema to RalfCorsepius. NilsPhillipsen responded[16] that he could see no way of removing the numerous forks and exec()s within the current SysV framework. Casey and YaakovNemoy thought that Ralf's argument that a bare-bones POSIX should be adhered to was a nearly religious one. Ralf backed[18] up his argument with reference to SuSE's initscript changes. [16] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00572.html [17] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00826.html [18] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00829.html The suggestion of HorstvonBrand was that service dependencies should be considered and AndrewFarris largely agreed[19] but thought that Horst's specific suggestion that a webserver should be prevented from running if there were no network was wrong. An interesting subthread developed in which the hanging of network services due to DNS lookups failing when there is no network developed. [19] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00860.html The suggestion that daemons could be changed to become non-forking and thus avoid having to use Python was made[20] by Enrico and this led to an informative exchange. NilsPhilippsen riposted[21] that Enrico's scheme only handled the subset of daemons which used pidfiles and that Python was not irretrievably bloated. JamesAntill confirmed[22] that a "core" python could be a fraction of the current size, but cautioned that it would be a lot of work to sort out the dependencies. Enrico responded[23] with an estimate of the size of a slimmed down bash and arguments that suggested that pidfiles were an anachronism required by initsystems with forking daemons. Nils seemed to rebut[24] most of these points, arguing that PIDs of processes could change and that python's size had been demonstrated to be of similar magnitude to bash's. Enrico countered[25] this by noting, among other things, that fork() and exec() performance were dependent on the particular program being executed and that a distinction needed to be drawn between first startup (which is not that important) and subsequent instances. This exchange continued a little further without apparent resolution or clarity. [20] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00619.html [21] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00624.html [22] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00739.html [23] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00633.html [24] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00642.html [25] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00650.html A suggestion was made[26] by CaseyDahlin to consider the use of ''busybox'' to replace bash and its attendent required programs. KevinKofler worried[27] that the number of forks would remain the same and wondered whether a "shell which emulates POSIX process handling in-process and uses direct builtin function calls for commands like sed rather than forking a new process [...] could work," but worried that maintainability would suffer due to the need for special-case code to handle pipes and other necessary features. Both Casey[29] and AlanCox[30] noted that the fork was less of an issue than the execve due to disk IO. Alan suggested Plan9's ''rc'' or ''ash'', but BillNottingham reported[31] that ''ash'' had been benchmarked and shown to be unpromising. [26] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00607.html [27] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00611.html [28] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00611.html [29] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00612.html [30] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00632.html [31] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00677.html A skeptical evaluation of ''initng'' was posted by LennartPoettering who seemed inclined[32] towards favoring ''upstart'' but thought it was a bit of a moving target "in short: initng is a joke, initkit not ready yet, upstart a bit of a moving target that's going to be replaced soon anyway. The other systems seem to be too simple (minit, runit) or totally un-Linuxish (SMF, launchd)." Lennart preferred the idea of following Debian's lead and implementing LSB headers "to allow parallel startup" and Casey responded[33] that Fedora should "commit to that outright, and not let ourselves sit on our asses for another 5 years while everything blows by." [32] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00666.html [33] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00675.html Casey made the excellent point that Fedora is supposed to be a showcase for innovation and that he had attempted to move forward with ''rrn'' (based on discussion with HaraldHoyer) and this was now apparently not desired. He exhorted fellow contributors to pick firm goal so that someone could do the work and expressed the willingness to do it himself as long as there was an agreed target. === Firewire, Choice And Fedora === The prize for this week's mammoth thread is awarded to one started by a complaint about regressions in firewire (IEEE 1394) support made[1] by HansdeGoede. Hans wondered if the implementation of the ''juju'' stack in the kernel to the exclusion of the old stack was a good idea and argued that both should have been provided with a switching utility. As supplementary evidence of Fedora being too "bleeding edge" he pointed to a PulseAudio bugzilla entry which on the face of it documents much unhappiness. ThorstenLeemhuis agreed (except about PulseAudio) and threw in[2] ''hplip'' for good measure. He added that "Linux is about choice" and disparaged the decisions made by the Fedora Project to not ship, for example, Xgl and the latest Zope/Plone. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00845.html [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00848.html Hans' original firewire concerns spawned a mostly technical thread while his more general complaint and Thorsten's amplification of it gave rise to a very wide ranging, voluminous argument. The firewire issue was directly addressed[3] by WillWoods who posted that a fix had already gone into Fedora 7 and Fedora 8, due in no small part to the feedback received by making the Juju stack available in Fedora. Information[4] from KrzysztofHalasa and JarodWilson suggested that Hans' "Via vt 6306" controller should work in OHCI-1.1 mode and Hans offered to help test a rawhide kernel built with some of the upstream linux1394 tree when it was ready. [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00851.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01029.html The idea that "Linux is about choice" was roundly rebuffed[5] by AdamJackson in a longish, impassioned post which argued that too much choice increased the failure rates combinatorially: "If I could only have one thing this year, it would be to eliminate that meme from the collective consciousness. It is a disease. It strangles the mind and ensures you can never change anything ever[...]" There was lots of (dis)agreement on this point especially between DavidZeuthen in agreement and PatriceDumas arguing in favor of more diversity. It was mildly heated and led David to accuse[6] Patrice of "screw[ing] up the SN ratio of this list even more". David wondered why he (David) was even on the list anymore. [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00861.html [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00988.html === Applications Using Type1 Fonts Should Upgrade To OTF === The suggestion that some means be introduced to handle fonts not registered through ''fontconfig'' was made[1] by PatriceDumas. Patrice had been investigating packages which use Type1 fonts via ''t1lib'' and wondered if the Debian package ''defoma''[2] would provide a solution. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01046.html [2] DEbian FOnt MAnager http://packages.debian.org/unstable/admin/defoma KellyMiller was horrified[3] and cited his negative experiences with ''defoma'', including Xorg locking during startup, as a prime motivator in switching to Fedora. In response to MatejCepl Patrice clarified[4] that there was nothing wrong with ''fontconfig'' except that some applications, specifically ''grace'', ''xglyph'' and ''xdvi'', did not use it. Patrice noted that it might be better to port ''t1lib'' to use fontconfig instead of adding ''defoma''. [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01048.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01113.html A long-term perspective was added[5] by NicolasMailhot when he commented that Type1 fonts were becoming increasingly rare as the preferred non-TTF format was now OTF[6]. Nicolas advised that applications currently depending on Type1 fonts should upgrade their backend. [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01145.html [6] http://en.wikipedia.org/wiki/OpenType === I'm Melting! Core Temp Of 125C Due To Kernel? === A very excitingly titled message was posted[1] by MatthewMiller. Matthew had seen the core temperature of a 32-bit Athlon 3200+ soar to 125C when he built a package while running kernel 2.6.24-0.133.rc6.git8.fc9. The previous kernel showed a more modest 95C. The machine was powering off once the 125C temperature was reached. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00443.html AndrewHaley suggested[2] that the hardware was at fault rather than the software which led RichiPlana to rebut[3] that with a list of instances in which software had damaged hardware. AlanCox seemed to agree[4] with Richi that it was possible that a kernel error could lead to overheating and then the BIOS would shut the machine off once a critical temperature had been reached. Alan requested that the fans be checked and then old and new kernels run and if any anomalies resulted that Len Brown then be informed. [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00444.html [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00452.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00459.html Inaccurate ACPI readings with other AMD processors were reported by SteveGrubb[5] and TrondDanielsen[6] although Trond noted that ''lm_sensors'' appeared to give accurate readings. [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00447.html [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00589.html [[Anchor(Infrastructure)]] == Infrastructure == In this section, we cover the Fedora Infrastructure Project. http://fedoraproject.org/wiki/Infrastructure Contributing Writer: HuzaifaSidhpurwala This section contains the major discussion, happening on the Fedora infrastructure list between 6th January 2008 to 12th January 2008. === Outages === MikeMcGrath reports[1], We've had some strange hardware outages over the last week or so. Basically 3 box reboots, one time xen6, and once or twice xen1. The more important guests have been moved off of xen1 on to xen2. xen2 is now running a lot of guests - app1, app2, app3, koji1, releng1, noc1, puppet1, 3 test servers. The host were later moved back to xen1. The RH team has been engaged to see if we experience anything strange there like brown outs etc. If they dont have anything and the box continues to act up then Dell will be called. Later in the week it was realised that the isssue was iscsi related. We dont have any monitoring tools on the hardware. [1] https://www.redhat.com/archives/fedora-infrastructure-list/2008-January/msg00025.html === A new FIG: sysadmin-tools === MikeMcGrath reports[1], Similar to the web group the sysadmin-tools group has access to a number of our collaborative tools (in the future to include asterisk, gobby and likely mailman). [1] https://www.redhat.com/archives/fedora-infrastructure-list/2008-January/msg00045.html [[Anchor(SecurityWeek)]] == Security Week == In this section, we highlight the security stories from the week in Fedora. Contributing Writer: JoshBressers === Coverity and Open Source === There were quite a few stories about Coverity this week. Most were rather poorly written and were confusing at best. The real story is best read from the Coverity site here: http://scan.coverity.com/ In general Coverity is portrayed in a mostly positive light for providing their service to various Open Source projects. In reality it's not that simple. Using a closed source tool for the supposed benefit of Open Source is misleading at best. If Coverity was serious about improving the state of Open Source, they would release their tool under an Open Source license for the community to consume and improve upon. Right now they simply have a clever marketing program. === Bruce Schneier Interview === Computerworld has a nice interview with Bruce Schneier that even mentions Linux: http://www.computerworld.com.au/index.php/id;1891124482;pp;1 He is one of the few security public figures who can explain things in a manner that most people can understand. [[Anchor(SecurityAdvisories)]] == Security Advisories == In this section, we cover Security Advisories from fedora-package-announce. https://www.redhat.com/mailman/listinfo/fedora-package-announce Contributing Writer: ThomasChung === Fedora 8 Security Advisories === * python-cherrypy-2.2.1-8.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00240.html * mantis-1.1.0-1.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00309.html * libxml2-2.6.31-1.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00379.html * postgresql-8.2.6-1.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html * drupal-5.6-1.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00401.html * qimageblitz-0.0.4-0.3.svn706674.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00456.html * tog-pegasus-2.6.1-3.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00480.html === Fedora 7 Security Advisories === * mantis-1.1.0-1.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00227.html * python-cherrypy-2.2.1-8.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00297.html * qimageblitz-0.0.4-0.3.svn706674.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00381.html * drupal-5.6-1.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00387.html * libxml2-2.6.31-1.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00396.html * tog-pegasus-2.6.0-3.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00424.html * postgresql-8.2.6-1.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html [[Anchor(EventsMeetings)]] == Events and Meetings == In this section, we cover event reports and meeting summaries from various Projects and SIGs. Contributing Writer: ThomasChung === Fedora Board Meeting Minutes 2008-MM-DD === * No Report === Fedora Ambassadors Meeting 2008-MM-DD === * No Report === Fedora Documentation Steering Committee 2008-MM-DD === * No Report === Fedora Engineering Steering Committee Meeting 2008-01-10 === * https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01224.html === Fedora Infrastructure Meeting (Log) 2008-01-10 === * https://www.redhat.com/archives/fedora-infrastructure-list/2008-January/msg00060.html === Fedora Localization Meeting 2008-MM-DD === * No Report === Fedora Marketing Meeting 2008-MM-DD === * No Report === Fedora Packaging Committee Meeting 2008-MM-DD === * No Report === Fedora Quality Assurance Meeting 2008-MM-DD === * No Report === Fedora Release Engineering Meeting 2008-MM-DD === * No Report === Fedora SIG EPEL Meeting Week 02/2008 === * https://www.redhat.com/archives/epel-devel-list/2008-January/msg00058.html === Fedora SIG KDE Meeting Week 02/2008 === * https://www.redhat.com/archives/fedora-devel-list/2008-January/msg00790.html === Fedora SIG Store Meeting (Log) 2008-01-09 === * https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00064.html === Fedora SIG Astronomy Meeting Log 2008-MM-DD === * No Report -- Thomas Chung http://fedoraproject.org/wiki/ThomasChung From jwboyer at gmail.com Thu Jan 17 00:48:35 2008 From: jwboyer at gmail.com (Josh Boyer) Date: Wed, 16 Jan 2008 18:48:35 -0600 Subject: Cast your vote for the Fedora 9 Codename! Message-ID: <20080116184835.1bddf0f3@zod.rchland.ibm.com> We have several options for the Fedora 9 codename, and you get to help decide which we use! https://admin.fedoraproject.org/voting/vote.cgi is the URL to cast your vote. Log in with your Fedora Account name and password. As long as you belong to at least one group in the Fedora Account system you can cast your vote. Voting will end and be tallied at 2008-01-24 23:59:59 UTC josh From tchung at fedoraproject.org Mon Jan 21 08:58:29 2008 From: tchung at fedoraproject.org (Thomas Chung) Date: Mon, 21 Jan 2008 00:58:29 -0800 Subject: Fedora Weekly News Issue 116 Message-ID: <369bce3b0801210058o3517dd34k20e4b7c4552b4911@mail.gmail.com> = Fedora Weekly News Issue 116 = Welcome to Fedora Weekly News Issue 116 for the week of January 14th http://fedoraproject.org/wiki/FWN/Issue116 In Announcement, we have "Cast your vote for the Fedora 9 Codename!" In Planet Fedora, we have "Looking for a few good hackers!", "Fire in the Attic, Proof of the Prize", and "PackageKit Interview" To join or give us your feedback, please visit http://fedoraproject.org/wiki/NewsProject/Join. 1. Announcements 1. Cast your vote for the Fedora 9 Codename! 2. Planet Fedora 1. Looking for a few good hackers! 2. Fire in the Attic, Proof of the Prize 3. PackageKit Interview 3. Marketing 1. Red Hat at the crossroads 2. Video: Alan Cox on community and the enterprise 3. Fedora 9 and KDE 4.0.0 in distrowatch article 4. Developments 1. OpenVPN And NetworkManager 2. What To Do About Bugs? 3. Displaying Application Icons In PackageKit 4. AVC:Denied {trolling} For PID=666 Comm={SELinuxRemove} 5. System-config-firewall Changes For Fedora 9 6. Fedora 9 CD ISOs 5. Documentation 1. Status of FOP Support in xmlto 2. Progress on the DUG and AG 6. Infrastructure 1. Something up with the bzr browsing in trac 2. Continuing issues with xen1 7. Security Week 1. X Update 2. More Vulnerability Reporting 3. Embedded library madness 8. Security Advisories 1. Fedora 8 Security Advisories 2. Fedora 7 Security Advisories 9. Events and Meetings 1. Fedora Board Meeting Minutes 2008-01-13 2. Fedora Ambassadors Meeting 2008-01-17 3. Fedora Documentation Steering Committee 2008-MM-DD 4. Fedora Engineering Steering Committee Meeting 2008-MM-DD 5. Fedora Infrastructure Meeting (Log) 2008-01-17 6. Fedora Release Engineering Meeting 2008-01-14 7. Fedora SIG EPEL Meeting Week 03/2008 8. Fedora SIG KDE Meeting Week 03/2008 9. Fedora SIG Store Meeting (Log) 2008-01-16 [[Anchor(Announcements)]] == Announcements == In this section, we cover announcements from Fedora Project. In this issue, we've included all new announcements since last issue. https://www.redhat.com/mailman/listinfo/fedora-announce-list Contributing Writer: ThomasChung === Cast your vote for the Fedora 9 Codename! === JoshBoyer announces in fedora-announce-list[1], "We have several options for the Fedora 9 codename, and you get to help decide which we use!" "Voting will end and be tallied at 2008-01-24 23:59:59 UTC" [1] https://www.redhat.com/archives/fedora-announce-list/2008-January/msg00005.html [[Anchor(PlanetFedora)]] == Planet Fedora == In this section, we cover a highlight of Planet Fedora - an aggregation of blogs from world wide Fedora contributors. http://fedoraproject.org/wiki/Planet Contributing Writers: ThomasChung === Looking for a few good hackers! === JesseKeating points out in his blog[1], "Are you looking for that awesome summer job? Tired of spending your summer listening to your grandma's stories over and over again? Looking for a challenge, a resume builder, a real world experience, a chance to try out those flame proof undies? Well do we have something that might interest you!" [1] http://jkeating.livejournal.com/52337.html === Fire in the Attic, Proof of the Prize === JackAboutboul points out in his blog[1], "That's right! AOL might no longer be the laughing stock of everyone who has owned a computer since the 80's. Seriously though, AOL has the potential to be the world's largest identity providers. They have over 63 Million user accounts and have been working on implementing OpenID" "Now in case that wasn't exciting enough for you, the bombshell came this morning. AIM is going Jabber! I was absolutely delighted when I read this. AOL is making positive steps to finally move on and up from their decade long commitment to being as proprietary as possible and pissing of numerous people to actually opening up, embracing the age of open standards and trying to regain some mind share and build community." [1] http://feeds.feedburner.com/~r/MadRhetoric/~3/218930583/fire-in-attic-proof-of-prize.html === PackageKit Interview === JonRoberts points out in his blog[1], "Woah, it's the 18th of January 2008 - Fedora 9 Alpha is not even out yet but the first developer interview of the new year is! Thanks to Robin Norwood and Richard Hughes for giving me some of their time to talk about PackageKit, the super-cool cross-distribution package management solution that is already making things suck-less." [1] http://blog.questionsplease.org/2008/01/18/packagekit-interview/ [[Anchor(Marketing)]] == Marketing == In this section, we cover Fedora Marketing Project. http://fedoraproject.org/wiki/Marketing Contributing Writer: ThomasChung === Red Hat at the crossroads === RahulSundaram reports in fedora-marketing-list[1], "Red Hat has managed to walk the line between corporate ambition and community ethics, resisting the temptation to compromise in deals with Microsoft and others, and has endeavored to remain honest and true to its community roots, which it has maintained through its dependence on the Fedora community." [1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00132.html === Video: Alan Cox on community and the enterprise === RahulSundaram reports in fedora-marketing-list[1], "Interesting and concise descriptions of a lot of things. Alan Cox on his involvement in the Linux kernel, working for Red Hat, the value of enterprises, subscription model, staying true to Free software, birth of Fedora and even more." [1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00118.html === Fedora 9 and KDE 4.0.0 in distrowatch article === SebastianVahl reports in fedora-marketing-list[1], "The Fedora distribution has traditionally been focusing on GNOME as its preferred desktop environments, but with the increasing community participation in the project, perhaps we shouldn't be surprised that KDE 4.0.0 is now included in "rawhide" (Fedora's development branch). Not only that, it also appears to be the default KDE (KDE 3.5.8 is present as well, but these packages have been renamed to kdebase3, kdelibs3, etc.). Moreover, the Fedora community has released an installable Fedora live CD containing a base system from the latest rawhide + KDE 4.0.0 - a good way to evaluate the progress Fedora has made since the release of version 8. The live CD is available for download from here: rawhide-KDE4-i686-20080109.4.iso (694MB, SHA1)." [1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00117.html [[Anchor(Developments)]] == Developments == In this section, we cover the problems/solutions, people/personalities, and ups/downs of the endless discussions on Fedora Developments. http://www.redhat.com/mailman/listinfo/fedora-devel-list Contributing Writer: OisinFeeley === OpenVPN And NetworkManager === A need to control individual VPN connections led JosVos to post[1] that Fedora's OpenVPN package currently stops and starts all VPN interfaces simultaneously using a single init script. Jos pointed out that the classic Red Hat way was to support interfaces with ifup/ifdown scripts, that there had been some groundwork done in 2004 towards this end, and he wondered if there was general interest in including such methods in Fedora. Although AndrewParker expressed interest in extending NetworkManager's functionality to include both this and the (un)mounting of network shares Jos was clear[2] that his interests excluded NetworkManager and were modestly focused on individual VPN connection control. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01165.html [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01174.html RalfErtzinger posted[3] a link to an rpm package of scripts which he had written[4] to do some of these things on Rawhide and CentOS5. [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01194.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01225.html Strong agreement that the ability to individually control VPN interfaces should be part of the OpenVPN package was expressed[5] by DavidWoodhouse. David added that this functionality should have been a condition of the initial review of the package. StevenPritchard explained[6] that at the time of the review it had appeared that NetworkManager was "going to take over the world" and thus ifup/ifdown had been neglected. It was observed[7] by DavidHollis that NetworkManager-openvpn seemed to be stagnating and lacked support for "tls-auth/tls-remote" among other options. DanWilliams responded[8] that the proliferation of OpenVPN options meant that adding GUI dialogs for all of them was impractical. He suggested that perhaps allowing custom-option-entries which could later be over-ridden if the same option were added to the GUI might solve the problem, but worried that opening up too much would present a security risk: "About the last thing we want to be doing is executing a root process with random arguments entered by some trojan that stuffed values into GConf." DavidHollis expanded[9] on the problems faced by OpenVPN administrators due to the inability of NetworkManager-openvpn to import a boilerplate configuration file. [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01279.html [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01342.html [7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01346.html [8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01354.html JosVos wrapped[9] things up with the promise to make a proposal based on the information he had been given, but it should be noted that this seems likely to be exclusive of NetworkManager functionality. [9] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01349.html === What To Do About Bugs? === An interesting thread was opened[1] by JesseKeating when he posted a link to a blog entry detailing frustrations with Ubuntu's bug handling policy. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01870.html Many good points were made both expressing the problems faced by maintainers, an excellent example of which was KevinKofler's description[2] of the KDE workload, and those who have been frustrated by the manner in which their bugs have been handled. [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01914.html Of particular note was the discussion[3] of bugs closed as "UPSTREAM" which saw some maintainers such as SethVidal state[4] that they would only do this if they had a fix already checked into the upstream codebase. MatejCepl made[5] a great post which linked to the actual description of what the "upstream" tag is supposed to mean and promote yet cautioned that bug reporters should be treated "as our most valuable asset". [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01900.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01901.html [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01926.html The whole thread gives a frank and useful insight into some of the processes which swing into motion once Fedora users summon up the willpower to grapple with Bugzilla. === Displaying Application Icons In PackageKit === The buzz of excitement around PackageKit (e.g. JonathanRoberts' interview[1] of RichardHughes and RobinNorwood) stimulated a proposal[2] from JakubRusinek (livio) to replace the generic package icon with the specific icons for each application. [1] http://lwn.net/Articles/265748/ [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01840.html BillNottingham pointed out[3] that this would bloat the repositories and increase the download times for users. Jakub suggested[5] that the hicolor-icon-theme could supply the missing icons and thus avoid users having to download all icons for all packages but Bill thought[6] that "updating the hicolor-icon-theme package every time we add a new app to Fedora, or any time such an app changes its icon, is somewhere beyond impractical." [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01843.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01847.html [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01847.html [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01849.html A nice summary of the situation was made[7] by JefSpaleta which suggested that if icon names could be included in the repodata then when they were present on the system they could be displayed, otherwise they would use a generic icon. Jef wondered if it was worth all the trouble though. [7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01854.html After Jakub explained that he thought his proposal would add usability improvement, making PackageKit similar to Ubuntu's "gnome-app-install" RobinNorwood agreed[8] with Jakub that there would be some value in providing application specific icons, but pointed out that the current use of the icons was to indicate whether the package is installed on the system. He added that to implement Jakub's proposal was non-trivial and required adding an icon field to the package metadata. RichardHughes agreed and invited[9] Jakub to discuss things further on the PackageKit mailing list. MartinSourada added[10] encouragement that the scheme outlined by Jef could be implemented. Jakub seemed somewhat discouraged and cautioned[11] that he was not a programmer, but KevinKofler responded[12] that the feedback should not be taken personally. [8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01862.html [9] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01867.html [10] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01879.html [11] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01887.html [12] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01865.html === AVC:Denied {trolling} For PID=666 Comm={SELinuxRemove} === A call for the removal of SELinux from the Desktop LiveCD spin was made[1] by ValentTurkovic. Valent argued that SELinux was useful for servers but that it was a net disadvantage to "ordinary desktop users". Initial answers took the question at face value, but later contributions from Valent appeared to be of a slightly goading nature, suggesting variously that Ubuntu LTS[1a] or SLED[1b] would be better than Fedora, so perhaps the thread should be read with skepticism. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01573.html [1a] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01710.html [1b] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01722.html DanielBerrange listed[2] the confined system daemons on his laptop as examples of how SELinux helped "desktops". StevenSmalley added[3] the interesting information that "XACE/XSELinux has been merged to the trunk of xorg", which will allow yet more desktop applications to be confined. Valent commented that Daniel (and others) could always choose to use SELinux, but asked for specific examples of the benefits conferred. Daniel cited[4] the ''hplip'' arbitrary root execution in response. [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01583.html [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01580.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01583.html Valent was still not buying the benefits of SELinux for "average home users" and now counterposed "corporate desktop" users and "fedora [as] a testing ground for redhat corporate desktop"[5]. Responses from GilboaDavra, AndrewFarris and others emphasized that it was necessary to develop protections against viruses now, but Valent doubted[6] the existence of viruses targeted towards GNU/Linux and suggested that SELinux should be developed and tested for five years before being rolled out. Gilboa responded[7] pretty comprehensively to this listing the network facing services exposed on many desktops and privilege escalation possibilities as broad categories in which security must improve. [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01585.html [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01708.html [7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01731.html The discussion went fairly rapidly downhill with Valent citing[8] some ''grsecurity'' propaganda that SELinux is actually a potential "backdoor waiting to happen". This was debunked[9] by BenjaminKreuter and KarstenWade[10] who wondered ''In the "fantasy football" of NSA v. grsecurity team, I wonder who wins?'' A further claim from Valent that[10a] the interaction of Fluendo codecs and SELinux had been untested was hotly contested[10b] by BastienNocera who cited the evidence of the timestamp of the upstream bug filed with Fluendo and asked Valent to "Please stop lying." [8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01724.html [9] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01727.html [10] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01784.html [10a] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01593.html [10b] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01620.html RichiPlana noted[11] both the problems Valent had highlighted with Fluendo gstreamer codecs (see FWN#107 "Fluendo Codecs Violate SELinux Policies" [12]) and also the necessity for SELinux being used now. He praised DanWalsh and others for sorting out bugs as they appear. [11] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01633.html [12] http://fedoraproject.org/wiki/FWN/Issue107#head-29d30b0ee5257a4fb5fe0f9d1ae760d75b7d7aec There were some interesting asides in the thread, such as JefSpaleta and KeithSharp's speculation[13] that internet cafes and other environments with transitory/untrustable users would make use of virtualization to clone fresh VM instances to each new user. This was in response to the suggestion that UbuntuLTS would be superior in such a setting. [13] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01811.html Yet more nuggets of information lurked beneath the surface. DanWalsh suggested[14] that Valent could use {{{su -c 'setsebool -P allow_execmod=1'}}} to disable "checking for badly coded shared libraries". This led to an interesting exchange with OlivierGalibert who was searching for documentation of the policy types, something which DavidMalcolm also wondered. Dan posted[15] some snippets from ''/usr/share/selinux/policy.xml'' which he admitted were not yet in a manpage. Olivier was also disturbed that programs with dynamic code generators (as listed[16] by Dan) were all being denied by default and needed[17] to be explicitly added to the list supplied by Dan. [14] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01736.html [15] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01824.html [16] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01868.html [17] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01872.html Later exchanges seemed to cover the same ground in different ways with various Fedora and Red Hat coders asking[18] for more specific objections or suggestions and explaining[19] the nature of the threat[20] which SELinux helps to mitigate and asking[21] that bug reports be filed so that DanWalsh can fix them. [18] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01588.html [19] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01752.html [20] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01754.html [21] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01600.html Final words in the thread were left to DouglasMcClendon who managed to bring in Bush, Waterboarding, Evolution and other stuff in apparently some sort of argument about why SELinux should not be enabled on all spins. This link[22] marks the point at which those who value their time should stop reading. [22] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01636.html === System-config-firewall Changes For Fedora 9 === An announcement[1] by ThomasWoerner of changes in ''system-config-firewall'' advised that the ''--port=:'' option in ''lokkit'' will no longer automatically start a service behind the opened port. Instead it will be necessary to use the new ''--service='' option. For new firewall configurations the defaults will be that on a server ''ssh'' is enabled and on a desktop ''ipsec'', ''mdns'' and ''ipp'' are enabled. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01563.html BastienNocera doubted[2] that IPSec and IPP had much place in a desktop environment. AdamTkac agreed and added that ''mdns'' seemed questionable. TimNiemueller made the case[3] for IPP: a desktop machine sharing a printer and mDNS: DNS-SD is used by Avahi for service discovery such as fileshares, VNC and printers. JonStanley argued[4] that IPSec was necessary by default for VPN clients unless system-config-firewall made altering the firewall simple. CallumLerwick added[5] in response to AdamTkac that IPSec was a distinct protocol on top of IP and thus a stateful firewall would not suffice. [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01621.html [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01732.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01741.html [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01745.html === Fedora 9 CD ISOs === MikeMcGrath forwarded[1] a query from a user that needed Fedora on CD ISOs as his server lacked a DVD drive. SubhodipBiswas agreed[2] that this was an issue leading to many Fedora users sticking to older releases. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01434.html [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01435.html JesseKeating was able to answer[3] positively that the alpha compose would generate "split media", which seemed to mean CD ISOs, and also DVD ISOs. ChrisLumens was glad[4] to see that his hard work was still useful. [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01436.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01439.html RalfCorsepius wondered[5] whether there would be a split "Everything" as the Fedora ISOs did not cover the upgrade case for machines which had packages not present on the ISOs. Although Jesse responded negatively to this Ralf was delighted with JohnReiser's information[6] that the FedoraUnity project had indeed produced such a spin (and within four days of the official release too!). Ralf asked[7] whether FedoraUnity provided the equivalent of a Fedora ''boot.iso'' configured to do a network update from a server with "Everything + updates" and both JohnCiesla[8] and JesseKeating suggested[9] using the ''rescue.iso'' for this purpose. [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01523.html [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01537.html [7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01538.html [8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01543.html [9] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01545.html USB sticks were[10] on BennyAmorsen's mind as a useful medium and when RahulSundaram suggested {{{yum install livecd-tools; livecd-iso-to-disk }}} Benny clarified that he did not want a LiveCD but "the real release". Rahul responded[11] that LiveCDs were "real" and that regular instalable images were difficult to convert to bootable USB images. In response to JohnReiser's request Rahul clarified[12] that the was mean to be a DOS-style partition. [10] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01462.html [11] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01479.html [12] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01472.html Some experiments to attempt to write the installation image to a USB disk were performed[13] by TillMaas, apparently with some success[14]. [13] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01499.html [14] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01504.html [[Anchor(Documentation)]] == Documentation == In this section, we cover the Fedora Documentation Project. http://fedoraproject.org/wiki/DocsProject Contributing Writer: JohnBabich === Status of FOP Support in xmlto === KarstenWade noted that the rawhide version of xmlto now supports FOP[1]. This is a long-awaited and important step towards a completely unencumbered documentation tool chain. [1 ]http://www.redhat.com/archives/fedora-docs-list/2008-January/msg00142.html === Progress on the DUG and AG === A meeting was held on Saturday, 19 January at 1400 UTC to discuss progress on the Fedora Desktop User Guide (DUG) and the Administration Guide (AG). The goal is to finish both guides for inclusion in the final release of Fedora 9. The following is a summary of the meeting's main points: - The GNOME section of the DUG is almost complete, except for some minor editing. - The KDE section of the DUG is fairly complete, but still needs review to take into account any changes introduced by KDE4. - The section covering Xfce should be completed for this version of the DUG, since an official Xfce Live CD is planned for Fedora 9. - The location of the AG for conversion to Doc``Book XML is http://fedoraproject.org/wiki/Docs/Drafts/AGBeta. However, listed pages are still edited in their original location at http://fedoraproject.org/wiki/Docs/Drafts/AdministrationGuide. - A core group of 3-4 people have committed to early March completion of the AG. As always, "more hands on deck are more than welcome"[2], according to VladimirKosovac. [2] http://www.redhat.com/archives/fedora-docs-list/2008-January/msg00152.html. [[Anchor(Infrastructure)]] == Infrastructure == In this section, we cover the Fedora Infrastructure Project. http://fedoraproject.org/wiki/Infrastructure Contributing Writer: HuzaifaSidhpurwala === Something up with the bzr browsing in trac === SethVidal reports [1], There was a problem with https://fedorahosted.org/preupgrade/browser and it kept giving a no code to browse error message. It later turned out to be a configuration problem, which was fixed. [1] https://www.redhat.com/archives/fedora-infrastructure-list/2008-January/msg00078.html === Continuing issues with xen1 === MikeMcGrath reports [2], As with last weeks issue with xen1, there has been similar issue with xen2. xen2 is recently upgraded to RHEL5, but is now running FC6 as far as the kernel and the xen libs are concerned. The xen machines are not running F8 mainly because Fedora 8 is ill suited to this particular task which, in reality, is just an appliance/abstraction between our hosts and the hardware. [2] https://www.redhat.com/archives/fedora-infrastructure-list/2008-January/msg00088.html [[Anchor(SecurityWeek)]] == Security Week == In this section, we highlight the security stories from the week in Fedora. Contributing Writer: JoshBressers === X Update === New versions of X.org were released this week. http://lists.freedesktop.org/archives/xorg/2008-January/031918.html The tricky thing with X.org is that it has to run as root, so it gives a local attacker the potential to compromise the machine. === More Vulnerability Reporting === A report was made public last week that once again compares the number of flaws fixed in various things. I think Mark Cox and Window Snyder summed things up pretty well regarding those reports: http://blog.mozilla.com/security/2008/01/17/read-past-the-headlines-firefox-is-fixed-faster/ http://www.awe.com/mark/blog/200801161200.html At this point any intelligent reader should notice that these reports need to be taken with a grain of salt, and the real story isn't what's reported, but what one can learn from the data. === Embedded library madness === Right now there has been a bit of news from a company named Palamida. They like to point out all the things that contain embedded copies of various open source projects. http://www.linuxinsider.com/rsstory/61202.html Before 2002 this was a fairly common occurrence within a number of open source projects, until there were a number of zlib flaws. This made most project rethink keeping their own local copies of the source and using the system copy instead. This ties in nicely with the above mentioned vulnerability report. More vulnerabilities doesn't always mean less secure. [[Anchor(SecurityAdvisories)]] == Security Advisories == In this section, we cover Security Advisories from fedora-package-announce. https://www.redhat.com/mailman/listinfo/fedora-package-announce Contributing Writer: ThomasChung === Fedora 8 Security Advisories === * moodle-1.8.4-1.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00509.html * python-paramiko-1.7.1-3.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00529.html * xine-lib-1.1.9.1-1.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00592.html * syslog-ng-2.0.7-1.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00606.html * e2fsprogs-1.40.2-12.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00618.html === Fedora 7 Security Advisories === * moodle-1.8.4-1.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00519.html * python-paramiko-1.7.1-3.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00594.html * syslog-ng-2.0.7-1.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00610.html * e2fsprogs-1.40.2-3.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00629.html * cairo-1.4.14-1.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00630.html [[Anchor(EventsMeetings)]] == Events and Meetings == In this section, we cover event reports and meeting summaries from various Projects and SIGs. Contributing Writer: ThomasChung === Fedora Board Meeting Minutes 2008-01-13 === * https://www.redhat.com/archives/fedora-advisory-board/2008-January/msg00175.html === Fedora Ambassadors Meeting 2008-01-17 === * https://www.redhat.com/archives/fedora-ambassadors-list/2008-January/msg00154.html * https://www.redhat.com/archives/fedora-ambassadors-list/2008-January/msg00145.html === Fedora Documentation Steering Committee 2008-MM-DD === * No Report === Fedora Engineering Steering Committee Meeting 2008-MM-DD === * No Report === Fedora Infrastructure Meeting (Log) 2008-01-17 === * https://www.redhat.com/archives/fedora-infrastructure-list/2008-January/msg00076.html === Fedora Release Engineering Meeting 2008-01-14 === * https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01599.html === Fedora SIG EPEL Meeting Week 03/2008 === * https://www.redhat.com/archives/epel-devel-list/2008-January/msg00114.html === Fedora SIG KDE Meeting Week 03/2008 === * https://www.redhat.com/archives/fedora-devel-list/2008-January/msg01493.html === Fedora SIG Store Meeting (Log) 2008-01-16 === * https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00139.html -- Thomas Chung http://fedoraproject.org/wiki/ThomasChung From kanarip at kanarip.com Thu Jan 24 13:21:12 2008 From: kanarip at kanarip.com (Jeroen van Meeuwen) Date: Thu, 24 Jan 2008 14:21:12 +0100 Subject: Fedora Unity releases updated Fedora 7 Re-Spins Message-ID: <479890C8.7000704@kanarip.com> The Fedora Unity Project is proud to announce the release of new ISO Re-Spins (DVD and CD Sets) of Fedora 7. These Re-Spin ISOs are based on Fedora 7 and all updates released as of January 18th, 2008. The ISO images are available for i386, x86_64 and PPC architectures via jigdo starting Thursday, January 24th, 2008. We have included CD Image sets for those in the Fedora community that do not have DVD drives or burners available. Fedora Unity has taken up the Re-Spin task to provide the community with the chance to install Fedora with recent updates already included. These updates might otherwise comprise more than 1.99GiB of downloads for a full installation. This is a community project, for and by the community. You can contribute to the community by joining our test process. A special thanks goes out to: - Ben Williams (Southern_Gentlem), - Jeffrey Tadlock (zcat), - Dana Hoffman Jr. (Harley-D), - Jason Farrell (iWolf) Who have tested this Re-Spin in only 4 days (testing includes running 23 tests twice, per architecture -138 in total). Please note that this Re-Spin obsoletes the previous F7 Re-Spin by Fedora Unity, "20071030". If you are interested in helping with the testing or mirroring efforts, please contact the Fedora Unity team. Contact information is available at http://fedoraunity.org/ or the #fedora-unity channel on the Freenode IRC Network (irc.freenode.net). Go to http://spins.fedoraunity.org/spins to get the bits! To report bugs in the Re-Spins please use http://bugs.fedoraunity.org/ Fedora is a trademark of Red Hat, Inc. -- Kind regards, Jeroen van Meeuwen -kanarip Fedora Unity Founder kanarip at fedoraunity.org From kanarip at kanarip.com Thu Jan 24 15:28:29 2008 From: kanarip at kanarip.com (Jeroen van Meeuwen) Date: Thu, 24 Jan 2008 16:28:29 +0100 Subject: Fedora Unity releases updated Fedora 7 Re-Spins In-Reply-To: <479890C8.7000704@kanarip.com> References: <479890C8.7000704@kanarip.com> Message-ID: <4798AE9D.6080102@kanarip.com> Jeroen van Meeuwen wrote: > A special thanks goes out to: > > - Ben Williams (Southern_Gentlem), > - Jeffrey Tadlock (zcat), > - Dana Hoffman Jr. (Harley-D), > - Jason Farrell (iWolf) > I made the terrible mistake of mixing up the names for zcat and iWolf. Jeffrey Tadlock is iWolf, and Jason Farrell is zcat. I'm sorry, I hope you guys forgive me ;-) What's the going rate for this kind of mistake nowadays? A beer (or two?), a meal? Let me know! Kind regards, Jeroen "If it is Dutch it ain't much" van Meeuwen -kanarip From stickster at gmail.com Thu Jan 24 16:23:38 2008 From: stickster at gmail.com (Paul W. Frields) Date: Thu, 24 Jan 2008 11:23:38 -0500 Subject: FUDCon F9 Survey available Message-ID: <1201191818.29540.66.camel@localhost.localdomain> The Fedora marketing team has posted a survey regarding FUDCon F9, held January 11-13, 2008 in Raleigh, NC. All community members are invited to participate, whether you attended or not. We expect to use these surveys in the future for additional FUDCon events, to make sure that the events are delivering as much value as possible to attendees and observers. The URL for the survey is: http://www.keysurvey.com/survey/185839/207c/ Please keep in mind the following as you take the survey: * We plan to hold additional non-USA FUDCon events in 2008 at locations around the globe. * The video and other media shot during FUDCon is being chopped and polished as you read this, and should start to be available soon. * The next USA FUDCon (F10) is scheduled to be held concurrently with the Red Hat Summit in Boston, Massachusetts in June. Those items notwithstanding, please visit the survey and give us your feedback and thoughts: http://www.keysurvey.com/survey/185839/207c/ Thanks to everyone who made the FUDCon event such a stunning success, and thanks also to Red Hat's Marketing group for helping us put this survey together. -- Paul W. Frields, RHCE http://paul.frields.org/ gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717 Fedora Project: http://pfrields.fedorapeople.org/ irc.freenode.net: stickster @ #fedora-docs, #fedora-devel, #fredlug -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From stickster at gmail.com Thu Jan 24 16:27:45 2008 From: stickster at gmail.com (Paul W. Frields) Date: Thu, 24 Jan 2008 11:27:45 -0500 Subject: FUDCon F9 Survey available In-Reply-To: <1201191818.29540.66.camel@localhost.localdomain> References: <1201191818.29540.66.camel@localhost.localdomain> Message-ID: <1201192065.29540.69.camel@localhost.localdomain> On Thu, 2008-01-24 at 11:23 -0500, Paul W. Frields wrote: > The Fedora marketing team has posted a survey regarding FUDCon F9, held > January 11-13, 2008 in Raleigh, NC. All community members are invited > to participate, whether you attended or not. We expect to use these > surveys in the future for additional FUDCon events, to make sure that > the events are delivering as much value as possible to attendees and > observers. The URL for the survey is: > > http://www.keysurvey.com/survey/185839/207c/ ERRATUM: The survey ends at 10pm EST on 07 Feb 2008 (0300 UTC 08 Feb 2008). Thank you for participating! -- Paul W. Frields, RHCE http://paul.frields.org/ gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717 Fedora Project: http://pfrields.fedorapeople.org/ irc.freenode.net: stickster @ #fedora-docs, #fedora-devel, #fredlug -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: From wildman at pobox.com Fri Jan 25 05:52:50 2008 From: wildman at pobox.com (Art Wildman) Date: Fri, 25 Jan 2008 00:52:50 -0500 Subject: Florida Linux Show in Jacksonville FL, Feb 11th 2008 Message-ID: <47997932.10700@pobox.com> Reminder: Speakers, Exhibitors & Support still needed... time is getting short! They are looking for more Vendors, EDUs & Organizations that would like to setup a Booth. If you know folks in the area that would be interested in speaking or sponsoring an exhibit, please let us know asap. Perhaps a presentation or two could be recycled from FUDcon? There will be Gentoo & Ubuntu exhibits, it would be nice if someone could help represent Fedora, my favorite Laptop distro. -Thanks, Art at JAX Florida Linux Show at UNF, February 11 2008 http://www.floridalinuxshow.com ======================================================= News Update - The Florida Linux Show 2008 Speaker Schedule posted. The Florida Linux Show 2008 will be cutting off the Free Linux User Group Admission on January 30th, 2008. Please Register Soon... Contact: Rod Sharp, Director Florida Linux Show 2008 - www.floridalinuxshow.com Email: rod at floridalinuxshow.com Florida Linux Show 2008 | GatorLUG http://www.gatorlug.org/node/190 Florida Linux Show 2008 | JaxLUG http://wiki.jaxlug.org/index.php/Current_events From jwboyer at gmail.com Sat Jan 26 02:47:15 2008 From: jwboyer at gmail.com (Josh Boyer) Date: Fri, 25 Jan 2008 20:47:15 -0600 Subject: And the F9 codename winner is... Message-ID: <20080125204715.455fc5e3@zod.rchland.ibm.com> Fedora 9 (Sulphur) Try as they might, the Bathysphere lobbyists failed in their quest to have the little round ships be the moniker for Fedora 9. Instead, by a narrow margin, the community has chosen Sulphur to be the codename for Fedora 9. Full election results below. Fedora Art team, let the themes begin! josh vote_count | name ------------+---------------- 62 | Sulphur 54 | Bathysphere 43 | Chupacabra 39 | Mayonnaise 32 | Dragicorn 29 | Woodwose 23 | Tourette 13 | Asperger 13 | Barmanou 10 | Chingachgook 6 | Kingsport Town 5 | Marfan From tchung at fedoraproject.org Mon Jan 28 09:23:16 2008 From: tchung at fedoraproject.org (Thomas Chung) Date: Mon, 28 Jan 2008 01:23:16 -0800 Subject: Fedora Weekly News Issue 117 Message-ID: <369bce3b0801280123n76647afm154d717deab8bc7a@mail.gmail.com> = Fedora Weekly News Issue 117 = Welcome to Fedora Weekly News Issue 117 for the week of January 21st, 2008. http://fedoraproject.org/wiki/FWN/Issue117 In Announcement, we have "And the F9 codename winner is...", "FUDCon F9 Survey available" and "Fedora Unity releases updated Fedora 7 Re-Spins". In Planet Fedora, we have "Summer coding project ideas for Fedora", "Red Hat, rocking hard", "The name game" and "My big announcement". To join or give us your feedback, please visit http://fedoraproject.org/wiki/NewsProject/Join. 1. Announcements 1. And the F9 codename winner is... 2. FUDCon F9 Survey available 3. Fedora Unity releases updated Fedora 7 Re-Spins 2. Planet Fedora 1. Summer coding project ideas for Fedora 2. Red Hat, rocking hard 3. The name game 4. My big announcement 3. Marketing 1. FUDCon video: New face of Fedora 2. Linux Format Interviews Jack Aboutboul 3. Max Spevack talks to Linux.com 4. Spinning a Fedora Linux Live CD 4. Ambassadors 1. Ambassador Needed for Florida Linux Show 2. Ambassador Needed for Linux Fest Northwest 3. FAmSCo Summary 5. Developments 1. YUM Proxy Cache Safety, Storage Backend 2. Disable SELinux To Use Revisor 3. Long-term Support Release 4. F9 Alpha Spinning 5. SELinux And Chroot 6. Fedora 9 For Asus Eeepc 7. BIND: Less Restrictive Modes And Policy 8. What Is A Fedora Developer? 9. Erratum 6. Advisory Board 1. Requests To The Fedora Board 2. Fedora 7 Unity Re-Spin 7. Documentation 1. Works in Progress 2. Release Notes Summary 8. Infrastructure 1. Continuing issues with xen 2. Some Network issues affecting fedora servers 9. Security Week 1. Enterprise-grade Linux: Five network security FOSS apps 2. Growing virus production taxes security firms 10. Security Advisories 1. Fedora 8 Security Advisories 2. Fedora 7 Security Advisories 11. Events and Meetings 1. Fedora Board Meeting Minutes 2008-01-22 2. Fedora Ambassadors Steering Committee Meeting 2008-01-21 3. Fedora Documentation Steering Committee (Log) 2008-01-22 4. Fedora Engineering Steering Committee Meeting 2008-01-24 5. Fedora Infrastructure Meeting (Log) 2008-01-24 6. Fedora Release Engineering Meeting 2008-01-21 7. Fedora Testing (BugZappers) Meeting 2008-01-02 8. Fedora SIG EPEL Meeting Week 04/2008 9. Fedora SIG KDE Meeting Week 04/2008 12. Ask Fedora 1. Fedora on Older Hardware 2. OEM Installation 3. Compiling Kernel 4. Bluetooth and Multimedia Keys 5. Prayer Time for Fedora [[Anchor(Announcements)]] == Announcements == In this section, we cover announcements from Fedora Project. https://www.redhat.com/mailman/listinfo/fedora-announce-list Contributing Writer: ThomasChung === And the F9 codename winner is... === JoshBoyer announces in fedora-announce-list[1], "Fedora 9 (Sulphur) Try as they might, the Bathysphere lobbyists failed in their quest to have the little round ships be the moniker for Fedora 9. Instead, by a narrow margin, the community has chosen Sulphur to be the codename for Fedora 9." [1] https://www.redhat.com/archives/fedora-announce-list/2008-January/msg00012.html === FUDCon F9 Survey available === PaulFrields announces in fedora-announce-list[1], "The Fedora marketing team has posted a survey regarding FUDCon F9, held January 11-13, 2008 in Raleigh, NC. All community members are invited to participate, whether you attended or not. We expect to use these surveys in the future for additional FUDCon events, to make sure that the events are delivering as much value as possible to attendees and observers. The URL for the survey is: http://www.keysurvey.com/survey/185839/207c/" "ERRATUM: The survey ends at 10pm EST on 07 Feb 2008 (0300 UTC 08 Feb 2008). Thank you for participating!" [1] https://www.redhat.com/archives/fedora-announce-list/2008-January/msg00009.html === Fedora Unity releases updated Fedora 7 Re-Spins === JeroenVanMeeuwen announces in fedora-announce-list[1], "The Fedora Unity Project is proud to announce the release of new ISO Re-Spins (DVD and CD Sets) of Fedora 7. These Re-Spin ISOs are based on Fedora 7 and all updates released as of January 18th, 2008. The ISO images are available for i386, x86_64 and PPC architectures via jigdo starting Thursday, January 24th, 2008. We have included CD Image sets for those in the Fedora community that do not have DVD drives or burners available." [1] https://www.redhat.com/archives/fedora-announce-list/2008-January/msg00007.html [[Anchor(PlanetFedora)]] == Planet Fedora == In this section, we cover a highlight of Planet Fedora - an aggregation of blogs from world wide Fedora contributors. http://fedoraproject.org/wiki/Planet Contributing Writers: ThomasChung === Summer coding project ideas for Fedora === KarstenWade points out in his blog[1], "Summer in the Northern Hemisphere has been very busy the last few years since Google introduced its Summer of Code project. Folks are beginning to include the Southern Hemisphere. The Summer of Content from OLPC already plans to cover both Summers with two project rounds per year. Summer is a traditional time for students to take a break from studies, and the Summer project ideas build upon an existing history of programming interns from universities and colleges earning experience and compensation." [1] http://iquaid.org/2008/01/27/summer-coding-project-ideas-for-fedora/ === Red Hat, rocking hard === DavidNielsen points out in his blog[1], "Forbes reports the 25 fastest growing Tech companies, our friends at Red Hat comes in at 11th. Many congratulations to Red Hat on the fine result." [1] http://lovesunix.net/blog/?p=232 === The name game === JoshBoyer points out in his blog[1], "The timing was totally different this time around so that the Art team could have more time to create artwork for the release. Also, there's no real reason to keep it secret until the last minute. We tried this for this release to see if it made a difference anywhere. If it doesn't produce something that most people view as good we can always change back." [1] http://jwboyer.livejournal.com/20716.html === My big announcement === TomCallaway points out in his blog[1], "I've known about this for some time, as have a lot of people, but it hasn't been publicly announced anywhere yet. The paperwork went through earlier this week, so it is official now: I'm now the Fedora Engineering Manager inside Red Hat." "Also, this means that February 2008 is going to be a busy month for me. Right now, I'm planning to attend SCALE 6X[2] and FOSDEM '08[3], with Capricon 28 (not a Linux event) shoved in the middle." [1] http://spot.livejournal.com/287187.html [2] http://fedoraproject.org/wiki/FedoraEvents/SCALE/SCALE6X [3] http://fedoraproject.org/wiki/FedoraEvents/FOSDEM/FOSDEM2008 [[Anchor(Marketing)]] == Marketing == In this section, we cover Fedora Marketing Project. http://fedoraproject.org/wiki/Marketing Contributing Writer: ThomasChung === FUDCon video: New face of Fedora === RahulSundaram reports in fedora-marketing-list[1], "One of the major announcements at the recent FUDCon was the changeover in Fedora Project leadership. Max Spevack, the outgoing project manager, sat down with incoming Fedora chief Paul Frields (a familiar face to magazine readers, as he's a popular contributor). Couldn't make the conference? Catch up now instead." [1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00253.html === Linux Format Interviews Jack Aboutboul === RahulSundaram reports in fedora-marketing-list[1], "Fedora's dedication to opening everything is not just for hackers ? it has a wider importance in that our approach is an agent for social change" [1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00210.html === Max Spevack talks to Linux.com === RahulSundaram reports in fedora-marketing-list[1], "We caught up with Max at FUDCon. He told us how much he has enjoyed being the Fedora project leader for the past two years, and why this is a good time to hand the reins to someone else. Max will still be working for Red Hat, and even though he will no longer be head Fedora honcho, he'll still be involved with the project. But that's enough from us. Let Max tell it in his own words." [1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00209.html === Spinning a Fedora Linux Live CD === RahulSundaram reports in fedora-marketing-list[1], "The Fedora project has added a powerful tool to its Linux distribution to build your own live CD. With a single livecd-creator command and a kickstart file listing the software you want, you can create a desktop, gaming, or Web server to run live on most PCs. This article gives details of how to do that." [1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00194.html [[Anchor(Ambassadors)]] == Ambassadors == In this section, we cover Fedora Ambassadors Project. http://fedoraproject.org/wiki/Ambassadors Contributing Writer: JeffreyTadlock === Ambassador Needed for Florida Linux Show === A post the Fedora-Announce-List[1] was made asking for a Fedora Booth presence at the Florida Linux Show on February 11th, 2008. If there are any Ambassadors in the region, please check the Help Wanted: Events page [2] and add your name to the event. [1] https://www.redhat.com/archives/fedora-announce-list/2008-January/msg00011.html [2] http://fedoraproject.org/wiki/HelpWanted/Events === Ambassador Needed for Linux Fest Northwest === JesseKeating posted to the Ambassador's list [1] looking for Ambassadors to help staff a Fedora booth at Linux Fest Northwest. The event has been added to the Help Wanted: Events page [2]. If you can help, please add your name to the event. [1] https://www.redhat.com/archives/fedora-ambassadors-list/2008-January/msg00204.html [2] http://fedoraproject.org/wiki/HelpWanted/Events === FAmSCo Summary === The Fedora Ambassador Steering Committee held its first meeting since the initial meeting to elect a chairman of the committee. The following highlights some of FAmSCo's discussion on mailing lists and from that meeting. * In efforts to help keep fellow Ambassadors informed as to what FAmSCo is doing the committee will be communicating summaries of activites through the Fedora News project. * FAmSCo meetings have moved to the public #fedora-meeting channel. FAmSCo will be meeting every two weeks on Monday's at 20:00 UTC, with the next meeting being 2008-02-04. The Meetings page [1] will contain summaries of past meetings. * FAmSCo is discussing going back through the Ambassador Verification list [2] and following up with any Ambassadors who have not signed the CLA and offering to help with the process or removed the name from the list if needed. * FAmSCo is also discussing a better way to receive feedback from Ambassadors regarding events, Ambassador operations and more. Early discussions mention the possibility of a web form to simply using an email alias. [1] http://fedoraproject.org/wiki/Ambassadors/SteeringCommittee/Meetings [2] http://fedoraproject.org/wiki/Ambassadors/MembershipService/Verification [[Anchor(Developments)]] == Developments == In this section, we cover the problems/solutions, people/personalities, and ups/downs of the endless discussions on Fedora Developments. http://www.redhat.com/mailman/listinfo/fedora-devel-list Contributing Writer: OisinFeeley === YUM Proxy Cache Safety, Storage Backend === This week's Intensely Detailed Thread Prize has been awarded to the exchange started[1] by WarrenTogami concerning the best manner in which YUM and HTTP mirrors can handle proxy caches. Warren had received some interesting feedback from a ''squid''[2] developer, HenrikNordstr?m and explained several ways in which caching proxies could cause YUM metadata to fall out of sync with the actual upstream RPM packages. The main conclusion seemed to be that it would be best to make the filenames of the repodata contain distinguishing information. Warren proposed several other ways relying on HTTP response headers as potential alternate solutions, including the use of ETags[2]. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02361.html [2] http://httpd.apache.org/docs/2.2/mod/core.html#fileetag Warren's specific suggestion that the repodata filenames be modified to include timestamps was tempered by his worry that older clients unable to handle the renaming would hamper migration, but JesseKeating[3] and ChuckAnderson[4] did some testing and found that YUM was able to handle the situation as far back as "FC5, yum-2.6.1-0.fc5, ftp and http baseurls". [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02362.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02371.html JamesAntill threw an exception[5] when NicolasMailhot commented "I made the same analysis several months ago when I setup my own local mod_proxy cache. I'm glad to see Warren is getting through better than me at the time." James counterposed the relative success resulting from the method of flaming the "stupid yum developers" on @fedora-devel versus discussion on the IRC channels #yum, #yum-devel and the subsequent opening of bug reports and development. Nicolas responded that this was an example of shooting the messenger and that the problem had been reported many times. James' response was to cite[6] possible shortage of resources and to point out that SethVidal is usually very responsive when approached through the method which James had described. [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02451.html [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02459.html A very long and interesting sub-thread was opened[7] by LesMikesell who was interested in the divergent question of how it would be possible to change YUM so that non-cooperating users in the same netblock would be served files from the same local cache. [7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02364.html There seemed to be general agreement that the transition to versioned filenames of repodata could work. AlanCox noted[8] that keeping two versions of the most up-to-date repodata, one with the newer filenaming scheme would cover the case of older, incompatible clients and new clients. JamesAntill suggested[9] that SHA1 sums be used instead of timestamps and that YUM would need to be modified to clean up metadata in /var/cache/yum. He also suggested that Warren should discuss the issue on #yum. [8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02390.html [9] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02397.html === Disable SELinux To Use Revisor === A problem with running SELinux while attempting to run the FedoraUnity Project's ''revisor'' tool[1], for creating re-spins of Fedora, was brought[2] to the attention of the list by ValentTurkovic. Valent posted screenshots of AVC denials and suggested that the respective programming teams should sort out the problem. [1] http://revisor.fedoraunity.org/ [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02094.html JohnDennis suggested that the actual alert could be saved from ''setroubleshoot'' and could then be entered into bugzilla instead of using a screenshot, but Valent responded[3] that the developers should just try and compose a respin with ''revisor'' and that this was typical of a pattern in Fedora: "looks like nobody actually does testing of these new features." A quick clarification was issued[4] by JefSpaleta to the effect that ''revisor'' was not used internally by the Fedora Project. CaseyDahlin pointed out that the ability to respin Fedora easily was being advertised and people expected it to work, to which JesseKeating responded[5] that '"We" cannot help what some other parts of the project choose to tout (:' [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02099.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02131.html [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02134.html The core of the problem was outlined[6] by JefSpaleta when he explained that SELinux interacting with any chroot-like apparatus was a problem, and re-emphasized that Valent's apparent belief that Fedora release-engineering would have seen the problems was incorrect as ''revisor'' was not used internally. Jef also argued that while re-spin generation tools should issue alerts that SELinux should be disabled, they should not automatically disable SELinux. JesseKeating deepened[7] the explanation with the information that "installing a new policy in the chroot will actually cause that policy to activate on the running kernel and then you have policy that doesn't match labels, watch the fun!" and suggested that SELinux should be disabled entirely or at least put in permissive mode before trying to use chroot-dependent tools such as ''revisor'', ''pungi'' or ''livecd-creator''[8]. [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02135.html [7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02117.html [8] http://fedoraproject.org/wiki/FedoraLiveCD/LiveCDHowTo Valent returned to the attack (see FWN#116 "AVC:Denied {trolling} For PID=666 Comm={SELinuxRemove}"[9]) on SELinux leading JohnDennis to remind[10] him that he was free to disable it whenever he liked but that the goal of the Fedora Project was to "smooth out the bumps rather than disabling the technology." A brief response from Valent led DanWalsh to explain[11] the problem further and this resulted in opening up the thread to interesting, problem-solving contributions. Dan's take was that the chroot and the host both use the same kernel, so the loading of new SELinux policies _within_ the chroot actually affects the host kernel. Dan wondered whether the solution could be virtual machines, or getting the chroot to run a separate kernel, or tricking SELinux within a chroot into doing nothing. As part of the brainstorming TillMaas suggested[12] that separate xattr namespaces could be part of the solution. JamesMorris took up[13] the virtual machine idea and wondered if ''lguest'' would be suitable due to being scriptable and booting nearly instantaneously and DanielBerrange added[14] the suggestion that LVM snapshots would provide disposable disk-images which could be booted as guests. [9] http://fedoraproject.org/wiki/FWN/Issue116#head-9c5db4e29943d9f156002b24d7b01a6b2b0542cb [10] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02136.html [11] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02415.html [12] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02429.html [14] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02477.html JesseKeating played the role of realist and asked[15] for them to "get back to me when it works on x86_64, ppc, ppc64, ia64, s390, s390x, sparc, sparc64, arm, alpha..." DouglasMcClendon mentioned his ''qfakeroot'' scripts again and an interesting exchange occurred[16] which explored the speed of qemu, the flakiness of kqemu and the non-availability of qemu for PPC and an acknowledgment[17] that Douglas' ''qkfakeroot'' is "pretty cool" in its ability to eschew root privileges even if it takes too long to be used as a standard compose tool by Fedora release-engineering. [15] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02480.html [16] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02494.html [17] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02499.html Two separate threads later resulted from this and are covered in this same FWN#117 as "What Is A Fedora Developer?" and "SELinux And Chroot". === Long-term Support Release === The issue of whether it was possible to have a "long term support" release of Fedora was floated[1] by DavidMansfield. David's courteous post recognized that this might be mistaken for flame-bait and acknowledged that teampower might be a constraint. David explained[2] that the absence of many tools such as ''gnumeric'' and ''git'' and some of the "cool" tools from the livna and rpmforge repositories from CentOS/RHEL was a problem for him. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02191.html [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02195.html CaseyDahlin was the first of many to suggest[3] that David should take a look at the EPEL repositories. HorstvonBrand added[4] that the purpose of Fedora was to make obtaining freely distributable software easy and that this ruled out some of the programs in livna and rpmforge. [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02196.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02279.html AndrewFarris recalled[5] the now defunct FedoraLegacy project and a sub-thread exploring the problems of trying to maintain a long-term release evolved including a discussion of whether RHEL in conjunction with the EPEL repository was in effect "Fedora LTS". [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02204.html [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02308.html JefSpaleta welcomed[7] the idea of a "Fedora LTS" but cautioned that the idea seems to originate in Canonical's specific business model and that it is hard to see where this fits in to the Fedora space. His post was very encouraging but challenged proponents to expand upon a potential business plan. [7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02212.html Discussion of whether FedoraLegacy actually failed, whether failure is actually beneficial and what was learned took up the remainder of the thread[8]. [8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02392.html === F9 Alpha Spinning === Some figures for the sizes of ISOs for Fedora 9 Alpha spin were posted[1] by LukeMacken. Included was a diff between the F8-Live-i686 and F9-Alpha-Live-i686 Desktop spins. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02574.html Suggestions were made[2] by HansdeGoede to reduce the size of the ISOs a little including splitting up ''gnome-games'' and perhaps removing ''httpd'' from the LiveCD. LubomirKundrak suggested that ''httpd'' was there because of WebDAV file sharing[3]. [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02615.html [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02619.html RahulSundaram wanted[4] to make sure that the latest content was going into the Games LiveCD and offered to keep it updated in livecd-tools. This led BillNottingham to query whether keeping the contributed spin configs in ''livecd-tools'' itself and ColinWalters suggested[5] keeping them in the same CVS directory as comps. [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02629.html [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02641.html SzabolcsSzakacsits took pains to emphasize[6] that the apparent growth of ''ntfs-3g'' did not take into account that ntfs-3g changes had enabled the removal of ''fuse'' and a consequent overall decrease of 109MB. KevinKofler did not approve of some of the changes as he claimed that they essentially created a static copy of fuse into ntfs-3g. [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02677.html [7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02689.html === SELinux And Chroot === As a result of the discussions over how to improve the interaction between chroots and SELinux JamesMorris created a bugzilla[1] entry and requested that concerned parties add requirements. He noted[2] that a related issue under discussion was the distribution of policy when the host and target have differing policies. [1] https://bugzilla.redhat.com/show_bug.cgi?id=430075 [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02403.html === Fedora 9 For Asus Eeepc === The lucky OrionPoplawski had been playing around with a new toy in the form of the ultra-portable Asus Eee PC and reported[1] that he had encountered issues with the ethernet adapter (Attansic Tech L2 100Mbit), the wireless adapter (Atheros AR5007EG) and the Flash RAM harddrive. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02645.html ColinWalters suggested that as Orion wanted to minimize writes to the flash drive (as there are a limited number) it would make sense to make the filesystem read-only, in effect creating a "Live OS" on it with the exception of /home which would be stored on an SD card. [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02646.html The use of ''jffs2'' was recommended[3] by JohnPalmieri on the basis of its use in the OLPC. John added that modern flash used "randomized writes" (presumably wear-leveling) and thus was less likely to see the problems encountered with journal writing in ext3 filesystems or FAT on the older hardware. He suggested also eliminating any /swap partition and looking out for a new FS which was reputed to be better for large flash drives. Some doubt was cast on this by JonathanUnderwood as apparently the drives do not appear as flash to the OS. [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02649.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02653.html JoshBoyer and RubenKerkhof suggested that the ''logfs'' and ''ubifs'' filesystems might be what John was thinking about. Josh thought that the wear-leveling was done by a controller and not the actual flash chip. [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02660.html === BIND: Less Restrictive Modes And Policy === An announcement of a major revision of BIND file modes was made[1] by AdamTkac. Adam proposed that only ''/etc/rndc.key'' and ''/var/log/named.log'' should be restricted to the root user and that other binaries should be readable by non-root users. He also proposed that the ''/var/named/*'' subtree would be writable by ''named''. Adam sought objections. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/thread.html#02499 SteveGrubb wondered[2] which other users would be expected to share a DNS server and pointed out that it was "a high value target for hackers". [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02019.html EnricoScholz suggested[3] that only the ''slaves/'' and ''data/'' directories had to be writable, but that ''pz/'' and other parts of the chrooted filesystem used by named had to be read-only. AndrewFarris wondered why and ManuelWolfshant recalled[4] BIND's past history of providing a remote root. He also stated a preference for the general principle of granting the minimal rights necessary. After Enrico confirmed this AdamTkac explained[5] that /var/named was supposed to be writable by design. [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02073.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02080.html [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02127.html A later comment mentioned[6] that there was a problem with coredumps and in discussion with ChuckAnderson Adam cited a bugzilla entry which documents the problem. [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02123.html === What Is A Fedora Developer? === Several hours after the extensive discussions[1] of the need to disable SELinux while using chroot-dependent compose tools ValentTurkovic initiated[2] another thread about using ''revisor'' in which he asked for guidance as to whether he was encountering bugs or making usage errors. [1] FWN#117 "Disable SELinux To Use Revisor" [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02156.html This thread had the potential to turn sour shortly after Valent was advised[3][4] by several people that the FedoraUnity project were the experts on ''revisor'' and Valent responded[5] by echoing the comment made[6] (and answered!) previously in the earlier thread in which he had been involved. Namely he claimed that "I thought since I'm using a really loudly advertised fedora feature, and config files which all of them are provided from fedora and not some 3rd party that this is the correct list." [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02160.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02163.html [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02166.html [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02133.html JesseKeating responded[7] calmly with the question "You are aware that the vast majority of software in Fedora is developed and discussed at their respective upstream locations, right?" JefSpaleta produced[8] one of his typically insightful explicatory posts in which he drew a distinction between upstream developers who contribute to Fedora and "Fedora developers" who produce infrastructure which allows the Fedora Project to be a conduit between users and upstream projects. [7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02167.html [8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02165.html === Erratum === In FWN#114 "SELinux Rants"[1] we mentioned that the copying of directories using ''tar'' should be done with the "--xattrs" option in order to preserve the context labels. DavidHighley subsequently contacted us to report that he had experienced problems using this method. David later helpfully reported that ''tar-1.17-5.fc8'', which is available as an update appears to fix[2] the apparently broken storage of SELinux and extended attributes which David was reporting. Thanks to David for the follow-up on this issue. [1] http://fedoraproject.org/wiki/FWN/Issue114#head-9aa83fad0c280fb44728ecae1f51900c5f9a014a [2] https://admin.fedoraproject.org/updates/F8/FEDORA-2007-4400 [[Anchor(AdvisoryBoard)]] == Advisory Board == In this section, we cover discussion in Fedora Advisory Board. https://www.redhat.com/mailman/listinfo/fedora-advisory-board Contributing Writer: MichaelLarabel === Requests To The Fedora Board === RahulSundaram has made five requests on the fedora-advisory-board list[1]. These requests come down to logistics with such appeals as posting an agenda prior to each meeting, posting the meeting minutes more promptly, and differing opinions on community board member nominees. The message with responses can be read on the mailing list[2]. [1] https://www.redhat.com/mailman/listinfo/fedora-advisory-board [2] https://www.redhat.com/archives/fedora-advisory-board/2008-January/msg00252.html === Fedora 7 Unity Re-Spin === For those not yet ready to upgrade to Fedora 8, the Fedora Unity[1] project has released updated spins of Fedora 7. These new ISOs contain all of the Fedora 7 updates as of January 18. The announcement and download links can be found on the fedora-advisory-board list[2]. [1] http://fedoraunity.org/ [2] https://www.redhat.com/archives/fedora-advisory-board/2008-January/msg00245.html [[Anchor(Documentation)]] == Documentation == In this section, we cover the Fedora Documentation Project. http://fedoraproject.org/wiki/DocsProject Contributing Writer: JohnBabich === Works in Progress === Work continues on the Desktop User Guide (DUG) and the Administration Guide (AG). The goal is to include both guides in the official Fedora 9 release. === Release Notes Summary === KarstenWade proposed a canonical release summary [1]. "We can use clever ...Include... statements that draw only specific parts, so each 'mirror' of the canonical summary can show the most appropriate fragment. Anyone interested in doing this work? It involves: * Working out a single canonical location from amongst the several Releases / # / Release Summary, Docs / Beats / Over View, Press release needs (more lightweight), etc. * Define a format for that page so that it can be fragmented (if needed) for different summaries * Write up a process for jamming all that together * Publicize/evangelize" JonathanRoberts agreed [2] and cited the KDE Project as doing an excellent job in this regard. RahulSundaram [3] concluded: "As the person behind both of these documents, let me note that release notes overview was meant to be more technical while the release summary was born out of an earlier effort to do press releases via the community. Also due to general lack of contributions (even though Jonathan Roberts and others did help for Fedora 8), the time taken to write a proper release summary was almost an entire night last time and that too way later than the release notes string freeze. We need to decide whether the overview in release notes can be the kind of content that release summary currently is. If that is preferred, let me know and I will do that from Fedora 9 onwards. I wouldn't mind more people helping out either." [1] http://www.redhat.com/archives/fedora-docs-list/2008-January/msg00185.html [2] http://www.redhat.com/archives/fedora-docs-list/2008-January/msg00187.html [3] http://www.redhat.com/archives/fedora-docs-list/2008-January/msg00207.html [[Anchor(Infrastructure)]] == Infrastructure == In this section, we cover the Fedora Infrastructure Project. http://fedoraproject.org/wiki/Infrastructure Contributing Writer: HuzaifaSidhpurwala === Continuing issues with xen === MikeMcGrath reports [1], xen1 started exhibiting these issues when we moved from FC6 to RHEL5 GA. It was assumed to be hardware issue because of how sporatic the issues were and because we actually do have RHEL5 on other xen hosts. The iscsi issue may or may not be a red herring but some of the reports listed in the ticket suggests a kernel / poweredge bug that we may be hitting. We had moved all non-redundant guests off of xen1 onto the more stable xen2 box. After upgrading xen2 to RHEL5 we started seeing the same problems with it. There's a few things we can try, Mike will be doing so on xen1 with proxy4 as our test host since its competely redundant and has, in the past, crashed that box. In the future though they should all be in similar specs (1U box, 8 core 16-32G memory) [1] https://www.redhat.com/archives/fedora-infrastructure-list/2008-January/msg00093.html === Some Network issues affecting fedora servers === MikeMcGrath reports [1], Seems a link between AT&T and level3 was down. Mike was monitoring the situation but there's little we can do about it right now. The link came back after some time. [1] https://www.redhat.com/archives/fedora-infrastructure-list/2008-January/msg00105.html [[Anchor(SecurityWeek)]] == Security Week == In this section, we highlight the security stories from the week in Fedora. Contributing Writer: JoshBressers === Enterprise-grade Linux: Five network security FOSS apps === iTWire has a story detailing five open source security applications: http://www.itwire.com/content/view/16246/1141/1/0/ As more security applications are gobbled up by large firms, open source projects gain a unique advantage. Anytime an organization needs to make money, they are willing to draw a gray line with respect to their ethics. As most open source projects don't rely on corporate funding, they can be more strict with respect to what they call malware. It is quite likely that as the volume of malware increases, this advantage will become more clear. === Growing virus production taxes security firms === The Register points out the current problem with growing malware trends: http://www.theregister.co.uk/2008/01/25/malware_surge/ The rate at which malware is growing is quite alarming. If this trend continues it will become impossible for anti virus firms to keep ahead of the wave. The current attitude toward malware is to take a very reactive approach. Most groups don't focus on stopping the cause of problems, but rather treating the symptoms. While there is certainly a great deal of money to be made in treating symptoms, the well is going to dry up eventually. [[Anchor(SecurityAdvisories)]] == Security Advisories == In this section, we cover Security Advisories from fedora-package-announce. https://www.redhat.com/mailman/listinfo/fedora-package-announce Contributing Writer: ThomasChung === Fedora 8 Security Advisories === * xorg-x11-server-1.3.0.0-39.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00641.html * libXfont-1.3.1-2.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00674.html * hsqldb-1.8.0.8-1jpp.5.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00678.html * mantis-1.1.1-1.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00734.html * clamav-0.92-6.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00740.html * bind-9.5.0-23.b1.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00781.html * xorg-x11-server-1.3.0.0-40.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00811.html * kernel-2.6.23.14-107.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00828.html * pulseaudio-0.9.8-5.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html * icu-3.8-5.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00896.html === Fedora 7 Security Advisories === * clamav-0.92-6.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00644.html * mantis-1.1.1-1.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00676.html * xorg-x11-server-1.3.0.0-15.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00704.html * hsqldb-1.8.0.8-1jpp.5.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00753.html * boost-1.33.1-15.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.html * libXfont-1.2.9-3.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00771.html * bind-9.4.2-3.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00782.html * xorg-x11-server-1.3.0.0-16.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00841.html * pulseaudio-0.9.6-2.fc7.1 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html * icu-3.6-20.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00921.html [[Anchor(EventsMeetings)]] == Events and Meetings == In this section, we cover event reports and meeting summaries from various Projects and SIGs. Contributing Writer: ThomasChung === Fedora Board Meeting Minutes 2008-01-22 === * https://www.redhat.com/archives/fedora-advisory-board/2008-January/msg00251.html === Fedora Ambassadors Steering Committee Meeting 2008-01-21 === * http://fedoraproject.org/wiki/Ambassadors/SteeringCommittee/Meetings/2008-01-21 === Fedora Documentation Steering Committee (Log) 2008-01-22 === * http://www.redhat.com/archives/fedora-docs-list/2008-January/msg00172.html === Fedora Engineering Steering Committee Meeting 2008-01-24 === * https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02469.html === Fedora Infrastructure Meeting (Log) 2008-01-24 === * https://www.redhat.com/archives/fedora-infrastructure-list/2008-January/msg00108.html === Fedora Release Engineering Meeting 2008-01-21 === * https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02074.html === Fedora Testing (BugZappers) Meeting 2008-01-02 === * https://www.redhat.com/archives/fedora-test-list/2008-January/msg00429.html === Fedora SIG EPEL Meeting Week 04/2008 === * https://www.redhat.com/archives/epel-devel-list/2008-January/msg00165.html === Fedora SIG KDE Meeting Week 04/2008 === * https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02219.html [[Anchor(AskFedora)]] == Ask Fedora == In this section, we answer general questions from Fedora community. Send your questions to askfedora AT fedoraproject.org and Fedora News Team will bring you answers from the Fedora Developers and Contributors to selected number of questions every week as part of our weekly news report. Please indicate if you do not wish your name and/or email address to be published. http://fedoraproject.org/wiki/AskFedora Contributing Writer: RahulSundaram === Fedora on Older Hardware === Robert Myers : In the development of Fedora 9, is there any work being done to improve it's performance on older hardware? If so, will the performance increases be noticeable on, say, a 450mhz Pentium III with 256 megabytes of RAM? --- The major features for Fedora 9 are listed at http://fedoraproject.org/wiki/Releases/9/FeatureList. While there isn't any special focus in Fedora 9 to make it work on older hardware, we typically inherit a number of performance improvements from the upstream projects that we integrate, including many key projects where Fedora developers are major contributors. As an exmaple, OLPC (One Laptop Per Child) project is based on Fedora, and since OLPC is a resource constrained environment, our participation results in improvements that make it easier and more efficient to run on older hardware. * http://fedoraproject.org/wiki/OLPC To add to that, there are a couple of Fedora spins developed currently that target older hardware or low resource systems in which you might be interested. * http://fedoraproject.org/wiki/ChristophWickert/FedoraLite * http://fedoraproject.org/wiki/RahulSundaram/XfceLive === OEM Installation === Shannon Mendenhall : How I can compile your kernel? Where I got kernel-source? --- An easy question, thanks to the nice documentation at http://fedoraproject.org/wiki/Docs/CustomKernel. Note that this is already referenced from the release notes at http://docs.fedoraproject.org/release-notes/f8/en_US/sn-Kernel.html === Bluetooth and Multimedia Keys === Zlatko (Email withheld on request) First of all, I would like to thank You for Fedora 8. I'm using Fedora since first edition, and now, I can say that Fedora is highly improved, and can be used almost for everything. I'm using Fedora on my laptop exclusively for business purposes, and also I'm using Fedora on my desktop computer at my home for watching TV, watching DVD, playing various games, Internet surfing, and so on, and everything is working OK. But, there is a slight problem in using fedora on my laptop. So, on to the problem... :-) My integrated bluetooth wont work, unless I do the following: 1. I start laptop with Windows Vista 2. I restart from Vista to Fedora Each time I do this, bluetooth works fine. But, if I turn off computer, and start it again directly to Fedora, bluetooth wont work, and system wont recognize any bluetooth device. I have described this problem on Fedora forum, also, but nobody answered my question so far, even I have posted that post month ago. Here is the link to that post: http://forums.fedoraforum.org/forum/showthread.php?t=172988 And also, if I may ask, is there a plan to support so-called "Fn" functions? For example, on my Toshiba Satellite P200-10C, when I press "Fn + F8" I should be able to activate/deactivate wireless/bluetooth, but instead, nothing happens. I surely hope that You will consider these questions, and help small users such as I am... :-) Thanks in advance... --- Another user asks a similar question Yuan Yijun : I use a Dell 640m which have some external "multimedia button" to control music volume. And I used to close the lid while playing some background music. When the lid is closed, these buttons are not functional at all, so I cannot mute it without open the lid && login (because of gnome-screensaver). How to make them work? Thanks! --- The bluetooth issue as well as multimedia keys not working on your laptops out of the box appear to be bugs/enhancement requests that can reported directly to http://bugzilla.redhat.com. We are continuously enhancing Fedora to support components like Bluetooth and multimedia keys to work better, and we appreciate your feedback. Use the following references: * http://fedoraproject.org/wiki/BugsAndFeatureRequests * http://people.freedesktop.org/~hughsient/quirk/ === Prayer Time for Fedora === Riam budhi : I wanted to ask you, where is I can download prayer time ( I am muslim)? --- Unfortunately, this software isn't available in the Fedora repository yet and I couldn't locate any good alternatives. This is now a opportunity for you to be a contributor to Fedora and maintain the software in the Fedora repository. Refer to * http://fedoraproject.org/wiki/PackageMaintainers/Join -- Thomas Chung http://fedoraproject.org/wiki/ThomasChung