Fedora Weekly News Issue 117

Thomas Chung tchung at fedoraproject.org
Mon Jan 28 09:23:16 UTC 2008

= Fedora Weekly News Issue 117 =

Welcome to Fedora Weekly News Issue 117 for the week of January 21st,
2008. http://fedoraproject.org/wiki/FWN/Issue117

In Announcement, we have "And the F9 codename winner is...", "FUDCon
F9 Survey available" and "Fedora Unity releases updated Fedora 7

In Planet Fedora, we have "Summer coding project ideas for Fedora",
"Red Hat, rocking hard", "The name game" and "My big announcement".

To join or give us your feedback, please visit

   1. Announcements
         1. And the F9 codename winner is...
         2. FUDCon F9 Survey available
         3. Fedora Unity releases updated Fedora 7 Re-Spins
   2. Planet Fedora
         1. Summer coding project ideas for Fedora
         2. Red Hat, rocking hard
         3. The name game
         4. My big announcement
   3. Marketing
         1. FUDCon video: New face of Fedora
         2. Linux Format Interviews Jack Aboutboul
         3. Max Spevack talks to Linux.com
         4. Spinning a Fedora Linux Live CD
   4. Ambassadors
         1. Ambassador Needed for Florida Linux Show
         2. Ambassador Needed for Linux Fest Northwest
         3. FAmSCo Summary
   5. Developments
         1. YUM Proxy Cache Safety, Storage Backend
         2. Disable SELinux To Use Revisor
         3. Long-term Support Release
         4. F9 Alpha Spinning
         5. SELinux And Chroot
         6. Fedora 9 For Asus Eeepc
         7. BIND: Less Restrictive Modes And Policy
         8. What Is A Fedora Developer?
         9. Erratum
   6. Advisory Board
         1. Requests To The Fedora Board
         2. Fedora 7 Unity Re-Spin
   7. Documentation
         1. Works in Progress
         2. Release Notes Summary
   8. Infrastructure
         1. Continuing issues with xen
         2. Some Network issues affecting fedora servers
   9. Security Week
         1. Enterprise-grade Linux: Five network security FOSS apps
         2. Growing virus production taxes security firms
  10. Security Advisories
         1. Fedora 8 Security Advisories
         2. Fedora 7 Security Advisories
  11. Events and Meetings
         1. Fedora Board Meeting Minutes 2008-01-22
         2. Fedora Ambassadors Steering Committee Meeting 2008-01-21
         3. Fedora Documentation Steering Committee (Log) 2008-01-22
         4. Fedora Engineering Steering Committee Meeting 2008-01-24
         5. Fedora Infrastructure Meeting (Log) 2008-01-24
         6. Fedora Release Engineering Meeting 2008-01-21
         7. Fedora Testing (BugZappers) Meeting 2008-01-02
         8. Fedora SIG EPEL Meeting Week 04/2008
         9. Fedora SIG KDE Meeting Week 04/2008
  12. Ask Fedora
         1. Fedora on Older Hardware
         2. OEM Installation
         3. Compiling Kernel
         4. Bluetooth and Multimedia Keys
         5. Prayer Time for Fedora

== Announcements ==

In this section, we cover announcements from Fedora Project.


Contributing Writer: ThomasChung

=== And the F9 codename winner is... ===

JoshBoyer announces in fedora-announce-list[1],

"Fedora 9 (Sulphur)

Try as they might, the Bathysphere lobbyists failed in their quest to
have the little round ships be the moniker for Fedora 9.  Instead, by a
narrow margin, the community has chosen Sulphur to be the codename for
Fedora 9."

[1] https://www.redhat.com/archives/fedora-announce-list/2008-January/msg00012.html

=== FUDCon F9 Survey available ===

PaulFrields announces in fedora-announce-list[1],

"The Fedora marketing team has posted a survey regarding FUDCon F9, held
January 11-13, 2008 in Raleigh, NC.  All community members are invited
to participate, whether you attended or not.  We expect to use these
surveys in the future for additional FUDCon events, to make sure that
the events are delivering as much value as possible to attendees and
observers. The URL for the survey is:

"ERRATUM: The survey ends at 10pm EST on 07 Feb 2008 (0300 UTC 08 Feb 2008).
Thank you for participating!"

[1] https://www.redhat.com/archives/fedora-announce-list/2008-January/msg00009.html

=== Fedora Unity releases updated Fedora 7 Re-Spins ===

JeroenVanMeeuwen announces in fedora-announce-list[1],

"The Fedora Unity Project is proud to announce the release of new ISO
Re-Spins (DVD and CD Sets) of Fedora 7. These Re-Spin ISOs are based
on Fedora 7 and all updates released as of January 18th, 2008. The ISO
images are available for i386, x86_64 and PPC architectures via jigdo
starting Thursday, January 24th, 2008. We have included CD Image sets
for those in the Fedora community that do not have DVD drives or
burners available."

[1] https://www.redhat.com/archives/fedora-announce-list/2008-January/msg00007.html

== Planet Fedora ==

In this section, we cover a highlight of Planet Fedora - an
aggregation of blogs from world wide Fedora contributors.


Contributing Writers: ThomasChung

=== Summer coding project ideas for Fedora ===

KarstenWade points out in his blog[1],

"Summer in the Northern Hemisphere has been very busy the last few
years since Google introduced its Summer of Code project. Folks are
beginning to include the Southern Hemisphere. The Summer of Content
from OLPC already plans to cover both Summers with two project rounds
per year. Summer is a traditional time for students to take a break
from studies, and the Summer project ideas build upon an existing
history of programming interns from universities and colleges earning
experience and compensation."

[1] http://iquaid.org/2008/01/27/summer-coding-project-ideas-for-fedora/

=== Red Hat, rocking hard ===

DavidNielsen points out in his blog[1],

"Forbes reports the 25 fastest growing Tech companies, our friends at
Red Hat comes in at 11th. Many congratulations to Red Hat on the fine

[1] http://lovesunix.net/blog/?p=232

=== The name game ===

JoshBoyer points out in his blog[1],

"The timing was totally different this time around so that the Art
team could have more time to create artwork for the release. Also,
there's no real reason to keep it secret until the last minute. We
tried this for this release to see if it made a difference anywhere.
If it doesn't produce something that most people view as good we can
always change back."

[1] http://jwboyer.livejournal.com/20716.html

=== My big announcement ===

TomCallaway points out in his blog[1],

"I've known about this for some time, as have a lot of people, but it
hasn't been publicly announced anywhere yet. The paperwork went
through earlier this week, so it is official now: I'm now the Fedora
Engineering Manager inside Red Hat."

"Also, this means that February 2008 is going to be a busy month for
me. Right now, I'm planning to attend SCALE 6X[2] and FOSDEM '08[3],
with Capricon 28 (not a Linux event) shoved in the middle."

[1] http://spot.livejournal.com/287187.html

[2] http://fedoraproject.org/wiki/FedoraEvents/SCALE/SCALE6X

[3] http://fedoraproject.org/wiki/FedoraEvents/FOSDEM/FOSDEM2008

== Marketing ==

In this section, we cover Fedora Marketing Project.


Contributing Writer: ThomasChung

=== FUDCon video: New face of Fedora ===

RahulSundaram reports in fedora-marketing-list[1],

"One of the major announcements at the recent FUDCon was the
changeover in Fedora Project leadership. Max Spevack, the outgoing
project manager, sat down with incoming Fedora chief Paul Frields (a
familiar face to magazine readers, as he's a popular contributor).
Couldn't make the conference? Catch up now instead."

[1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00253.html

=== Linux Format Interviews Jack Aboutboul ===

RahulSundaram reports in fedora-marketing-list[1],

"Fedora's dedication to opening everything is not just for hackers –
it has a wider importance in that our approach is an agent for social

[1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00210.html

=== Max Spevack talks to Linux.com ===

RahulSundaram reports in fedora-marketing-list[1],

"We caught up with Max at FUDCon. He told us how much he has enjoyed
being the Fedora project leader for the past two years, and why this
is a good time to hand the reins to someone else. Max will still be
working for Red Hat, and even though he will no longer be head Fedora
honcho, he'll still be involved with the project. But that's enough
from us. Let Max tell it in his own words."

[1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00209.html

=== Spinning a Fedora Linux Live CD ===

RahulSundaram reports in fedora-marketing-list[1],

"The Fedora project has added a powerful tool to its Linux
distribution to build your own live CD. With a single livecd-creator
command and a kickstart file listing the software you want, you can
create a desktop, gaming, or Web server to run live on most PCs. This
article gives details of how to do that."

[1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00194.html

== Ambassadors ==

In this section, we cover Fedora Ambassadors Project.


Contributing Writer: JeffreyTadlock

=== Ambassador Needed for Florida Linux Show ===

A post the Fedora-Announce-List[1] was made asking for a Fedora Booth
presence at the Florida Linux Show on February 11th, 2008.  If there
are any Ambassadors in the region, please check the Help Wanted:
Events page [2] and add your name to the event.

[1] https://www.redhat.com/archives/fedora-announce-list/2008-January/msg00011.html

[2] http://fedoraproject.org/wiki/HelpWanted/Events

=== Ambassador Needed for Linux Fest Northwest ===

JesseKeating posted to the Ambassador's list [1] looking for
Ambassadors to help staff a Fedora booth at Linux Fest Northwest.  The
event has been added to the Help Wanted: Events page [2].  If you can
help, please add your name to the event.

[1] https://www.redhat.com/archives/fedora-ambassadors-list/2008-January/msg00204.html

[2] http://fedoraproject.org/wiki/HelpWanted/Events

=== FAmSCo Summary ===

The Fedora Ambassador Steering Committee held its first meeting since
the initial meeting to elect a chairman of the committee.  The
following highlights some of FAmSCo's discussion on mailing lists and
from that meeting.

 * In efforts to help keep fellow Ambassadors informed as to what
FAmSCo is doing the committee will be communicating summaries of
activites through the Fedora News project.

 * FAmSCo meetings have moved to the public #fedora-meeting channel.
FAmSCo will be meeting every two weeks on Monday's at 20:00 UTC, with
the next meeting being 2008-02-04.  The Meetings page [1] will contain
summaries of past meetings.

 * FAmSCo is discussing going back through the Ambassador Verification
list [2] and following up with any Ambassadors who have not signed the
CLA and offering to help with the process or removed the name from the
list if needed.

 * FAmSCo is also discussing a better way to receive feedback from
Ambassadors regarding events, Ambassador operations and more.  Early
discussions mention the possibility of a web form to simply using an
email alias.

[1] http://fedoraproject.org/wiki/Ambassadors/SteeringCommittee/Meetings

[2] http://fedoraproject.org/wiki/Ambassadors/MembershipService/Verification


== Developments ==

In this section, we cover the problems/solutions, people/personalities, and
ups/downs of the endless discussions on Fedora Developments.


Contributing Writer: OisinFeeley

=== YUM Proxy Cache Safety, Storage Backend ===

This week's Intensely Detailed Thread Prize has been awarded to the
exchange started[1] by WarrenTogami concerning the best manner in
which YUM and HTTP mirrors can handle proxy caches. Warren had
received some interesting feedback from a ''squid''[2] developer,
HenrikNordström and explained several ways in which caching proxies
could cause YUM metadata to fall out of sync with the actual upstream
RPM packages. The main conclusion seemed to be that it would be best
to make the filenames of the repodata contain distinguishing
information.  Warren proposed several other ways relying on HTTP
response headers as potential alternate solutions, including the use
of ETags[2].

[1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02361.html

[2] http://httpd.apache.org/docs/2.2/mod/core.html#fileetag

Warren's specific suggestion that the repodata filenames be modified
to include timestamps was tempered by his worry that older clients
unable to handle the renaming would hamper migration, but
JesseKeating[3] and ChuckAnderson[4] did some testing and found that
YUM was able to handle the situation as far back as "FC5,
yum-2.6.1-0.fc5, ftp and http baseurls".

[3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02362.html

[4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02371.html

JamesAntill threw an exception[5] when NicolasMailhot commented "I
made the same analysis several months ago when I setup my own local
mod_proxy cache. I'm glad to see Warren is getting through better than
me at the time." James counterposed the relative success resulting
from the method of flaming the "stupid yum developers" on
@fedora-devel versus discussion on the IRC channels #yum, #yum-devel
and the subsequent opening of bug reports and development. Nicolas
responded that this was an example of shooting the messenger and that
the problem had been reported many times. James' response was to
cite[6] possible shortage of resources and to point out that SethVidal
is usually very responsive when approached through the method which
James had described.

[5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02451.html

[6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02459.html

A very long and interesting sub-thread was opened[7] by LesMikesell
who was interested in the divergent question of how it would be
possible to change YUM so that non-cooperating users in the same
netblock would be served files from the same local cache.

[7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02364.html

There seemed to be general agreement that the transition to versioned
filenames of repodata could work.  AlanCox noted[8] that keeping two
versions of the most up-to-date repodata, one with the newer
filenaming scheme would cover the case of older, incompatible clients
and new clients. JamesAntill suggested[9] that SHA1 sums be used
instead of timestamps and that YUM would need to be modified to clean
up metadata in /var/cache/yum.  He also suggested that Warren should
discuss the issue on #yum.

[8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02390.html

[9] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02397.html

=== Disable SELinux To Use Revisor ===

A problem with running SELinux while attempting to run the FedoraUnity
Project's ''revisor'' tool[1], for creating re-spins of Fedora, was
brought[2] to the attention of the list by ValentTurkovic. Valent
posted screenshots of AVC denials and suggested that the respective
programming teams should sort out the problem.

[1] http://revisor.fedoraunity.org/

[2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02094.html

JohnDennis suggested that the actual alert could be saved from
''setroubleshoot'' and could then be entered into bugzilla instead of
using a screenshot, but Valent responded[3] that the developers should
just try and compose a respin with ''revisor'' and that this was
typical of a pattern in Fedora: "looks like nobody actually does
testing of these new features." A quick clarification was issued[4] by
JefSpaleta to the effect that ''revisor'' was not used internally by
the Fedora Project. CaseyDahlin pointed out that the ability to respin
Fedora easily was being advertised and people expected it to work, to
which JesseKeating responded[5] that '"We" cannot help what some other
parts of the project choose to tout (:'

[3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02099.html

[4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02131.html

[5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02134.html

The core of the problem was outlined[6] by JefSpaleta when he
explained that SELinux interacting with any chroot-like apparatus was
a problem, and re-emphasized that Valent's apparent belief that Fedora
release-engineering would have seen the problems was incorrect as
''revisor'' was not used internally. Jef also argued that while
re-spin generation tools should issue alerts that SELinux should be
disabled, they should not automatically disable SELinux. JesseKeating
deepened[7] the explanation with the information that "installing a
new policy in the chroot will actually cause that policy to activate
on the running kernel and then you have policy that doesn't match
labels, watch the fun!" and suggested that SELinux should be disabled
entirely or at least put in permissive mode before trying to use
chroot-dependent tools such as ''revisor'', ''pungi'' or

[6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02135.html

[7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02117.html

[8] http://fedoraproject.org/wiki/FedoraLiveCD/LiveCDHowTo

Valent returned to the attack (see FWN#116 "AVC:Denied {trolling} For
PID=666 Comm={SELinuxRemove}"[9]) on SELinux leading JohnDennis to
remind[10] him that he was free to disable it whenever he liked but
that the goal of the Fedora Project was to "smooth out the bumps
rather than disabling the technology."  A brief response from Valent
led DanWalsh to explain[11] the problem further and this resulted in
opening up the thread to interesting, problem-solving contributions.
Dan's take was that the chroot and the host both use the same kernel,
so the loading of new SELinux policies _within_ the chroot actually
affects the host kernel.  Dan wondered whether the solution could be
virtual machines, or getting the chroot to run a separate kernel, or
tricking SELinux within a chroot into doing nothing. As part of the
brainstorming TillMaas suggested[12] that separate xattr namespaces
could be part of the solution. JamesMorris took up[13] the virtual
machine idea and wondered if ''lguest'' would be suitable due to being
scriptable and booting nearly instantaneously and DanielBerrange
added[14] the suggestion that LVM snapshots would provide disposable
disk-images which could be booted as guests.

[9] http://fedoraproject.org/wiki/FWN/Issue116#head-9c5db4e29943d9f156002b24d7b01a6b2b0542cb

[10] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02136.html

[11] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02415.html

[12] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02429.html

[14] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02477.html

JesseKeating played the role of realist and asked[15] for them to "get
back to me when it works on x86_64, ppc, ppc64, ia64, s390, s390x,
sparc, sparc64, arm, alpha..." DouglasMcClendon mentioned his
''qfakeroot'' scripts again and an interesting exchange occurred[16]
which explored the speed of qemu, the flakiness of kqemu and the
non-availability of qemu for PPC and an acknowledgment[17] that
Douglas' ''qkfakeroot'' is "pretty cool" in its ability to eschew root
privileges even if it takes too long to be used as a standard compose
tool by Fedora release-engineering.

[15] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02480.html

[16] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02494.html

[17] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02499.html

Two separate threads later resulted from this and are covered in this
same FWN#117 as "What Is A Fedora Developer?" and "SELinux And

=== Long-term Support Release ===

The issue of whether it was possible to have a "long term support"
release of Fedora was floated[1] by DavidMansfield.  David's courteous
post recognized that this might be mistaken for flame-bait and
acknowledged that teampower might be a constraint. David explained[2]
that the absence of many tools such as ''gnumeric'' and ''git'' and
some of the "cool" tools from the livna and rpmforge repositories from
CentOS/RHEL was a problem for him.

[1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02191.html

[2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02195.html

CaseyDahlin was the first of many to suggest[3] that David should take
a look at the EPEL repositories. HorstvonBrand added[4] that the
purpose of Fedora was to make obtaining freely distributable software
easy and that this ruled out some of the programs in livna and

[3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02196.html

[4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02279.html

AndrewFarris recalled[5] the now defunct FedoraLegacy project and a
sub-thread exploring the problems of trying to maintain a long-term
release evolved including a discussion of whether RHEL in conjunction
with the EPEL repository was in effect "Fedora LTS".

[5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02204.html

[6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02308.html

JefSpaleta welcomed[7] the idea of a "Fedora LTS" but cautioned that
the idea seems to originate in Canonical's specific business model and
that it is hard to see where this fits in to the Fedora space.  His
post was very encouraging but challenged proponents to expand upon a
potential business plan.

[7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02212.html

Discussion of whether FedoraLegacy actually failed, whether failure is
actually beneficial and what was learned took up the remainder of the

[8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02392.html

=== F9 Alpha Spinning ===

Some figures for the sizes of ISOs for Fedora 9 Alpha spin were
posted[1] by LukeMacken.  Included was a diff between the F8-Live-i686
and F9-Alpha-Live-i686 Desktop spins.

[1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02574.html

Suggestions were made[2] by HansdeGoede to reduce the size of the ISOs
a little including splitting up ''gnome-games'' and perhaps removing
''httpd'' from the LiveCD. LubomirKundrak suggested that ''httpd'' was
there because of WebDAV file sharing[3].

[2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02615.html

[3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02619.html

RahulSundaram wanted[4] to make sure that the latest content was going
into the Games LiveCD and offered to keep it updated in livecd-tools.
This led BillNottingham to query whether keeping the contributed spin
configs in ''livecd-tools'' itself and ColinWalters suggested[5]
keeping them in the same CVS directory as comps.

[4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02629.html

[5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02641.html

SzabolcsSzakacsits took pains to emphasize[6] that the apparent growth
of ''ntfs-3g'' did not take into account that ntfs-3g changes had
enabled the removal of ''fuse'' and a consequent overall decrease of
109MB. KevinKofler did not approve of some of the changes as he
claimed that they essentially created a static copy of fuse into

[6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02677.html

[7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02689.html

=== SELinux And Chroot ===

As a result of the discussions over how to improve the interaction
between chroots and SELinux JamesMorris created a bugzilla[1] entry
and requested that concerned parties add requirements.  He noted[2]
that a related issue under discussion was the distribution of policy
when the host and target have differing policies.

[1] https://bugzilla.redhat.com/show_bug.cgi?id=430075

[2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02403.html

=== Fedora 9 For Asus Eeepc ===

The lucky OrionPoplawski had been playing around with a new toy in the
form of the ultra-portable Asus Eee PC and reported[1] that he had
encountered issues with the ethernet adapter (Attansic Tech L2
100Mbit), the wireless adapter (Atheros AR5007EG) and the Flash RAM

[1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02645.html

ColinWalters suggested that as Orion wanted to minimize writes to the
flash drive (as there are a limited number) it would make sense to
make the filesystem read-only, in effect creating a "Live OS" on it
with the exception of /home which would be stored on an SD card.

[2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02646.html

The use of ''jffs2'' was recommended[3] by JohnPalmieri on the basis
of its use in the OLPC. John added that modern flash used "randomized
writes" (presumably wear-leveling) and thus was less likely to see the
problems encountered with journal writing in ext3 filesystems or FAT
on the older hardware.  He suggested also eliminating any /swap
partition and looking out for a new FS which was reputed to be better
for large flash drives. Some doubt was cast on this by
JonathanUnderwood as apparently the drives do not appear as flash to
the OS.

[3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02649.html

[4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02653.html

JoshBoyer and RubenKerkhof suggested that the ''logfs'' and ''ubifs''
filesystems might be what John was thinking about.  Josh thought that
the wear-leveling was done by a controller and not the actual flash

[6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02660.html

=== BIND: Less Restrictive Modes And Policy ===

An announcement of a major revision of BIND file modes was made[1] by
AdamTkac. Adam proposed that only ''/etc/rndc.key'' and
''/var/log/named.log'' should be restricted to the root user and that
other binaries should be readable by non-root users.  He also proposed
that the ''/var/named/*'' subtree would be writable by ''named''.
Adam sought objections.

[1] https://www.redhat.com/archives/fedora-devel-list/2008-January/thread.html#02499

SteveGrubb wondered[2] which other users would be expected to share a
DNS server and pointed out that it was "a high value target for

[2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02019.html

EnricoScholz suggested[3] that only the ''slaves/'' and ''data/''
directories had to be writable, but that ''pz/'' and other parts of
the chrooted filesystem used by named had to be read-only.
AndrewFarris wondered why and ManuelWolfshant recalled[4] BIND's past
history of providing a remote root.  He also stated a preference for
the general principle of granting the minimal rights necessary. After
Enrico confirmed this AdamTkac explained[5] that /var/named was
supposed to be writable by design.

[3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02073.html

[4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02080.html

[5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02127.html

A later comment mentioned[6] that there was a problem with coredumps
and in discussion with ChuckAnderson Adam cited a bugzilla entry which
documents the problem.

[6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02123.html
=== What Is A Fedora Developer? ===

Several hours after the extensive discussions[1] of the need to
disable SELinux while using chroot-dependent compose tools
ValentTurkovic initiated[2] another thread about using ''revisor'' in
which he asked for guidance as to whether he was encountering bugs or
making usage errors.

[1] FWN#117 "Disable SELinux To Use Revisor"

[2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02156.html

This thread had the potential to turn sour shortly after Valent was
advised[3][4] by several people that the FedoraUnity project were the
experts on ''revisor'' and Valent responded[5] by echoing the comment
made[6] (and answered!) previously in the earlier thread in which he
had been involved. Namely he claimed that "I thought since I'm using a
really loudly advertised fedora feature, and config files which all of
them are provided from fedora and not some 3rd party that this is the
correct list."

[3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02160.html

[4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02163.html

[5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02166.html

[6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02133.html

JesseKeating responded[7] calmly with the question "You are aware that
the vast majority of software in Fedora is developed and discussed at
their respective upstream locations, right?" JefSpaleta produced[8]
one of his typically insightful explicatory posts in which he drew a
distinction between upstream developers who contribute to Fedora and
"Fedora developers" who produce infrastructure which allows the Fedora
Project to be a conduit between users and upstream projects.

[7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02167.html

[8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02165.html

=== Erratum ===

In FWN#114 "SELinux Rants"[1] we mentioned that the copying of
directories using ''tar'' should be done with the "--xattrs" option in
order to preserve the context labels.  DavidHighley subsequently
contacted us to report that he had experienced problems using this
method.  David later helpfully reported that ''tar-1.17-5.fc8'', which
is available as an update appears to fix[2] the apparently broken
storage of SELinux and extended attributes which David was reporting.
Thanks to David for the follow-up on this issue.

[1] http://fedoraproject.org/wiki/FWN/Issue114#head-9aa83fad0c280fb44728ecae1f51900c5f9a014a

[2] https://admin.fedoraproject.org/updates/F8/FEDORA-2007-4400

== Advisory Board ==

In this section, we cover discussion in Fedora Advisory Board.


Contributing Writer: MichaelLarabel

=== Requests To The Fedora Board ===

RahulSundaram has made five requests on the fedora-advisory-board
list[1]. These requests come down to logistics with such appeals as
posting an agenda prior to each meeting, posting the meeting minutes
more promptly, and differing opinions on community board member
nominees. The message with responses can be read on the mailing

[1] https://www.redhat.com/mailman/listinfo/fedora-advisory-board

[2] https://www.redhat.com/archives/fedora-advisory-board/2008-January/msg00252.html

=== Fedora 7 Unity Re-Spin ===

For those not yet ready to upgrade to Fedora 8, the Fedora Unity[1]
project has released updated spins of Fedora 7. These new ISOs contain
all of the Fedora 7 updates as of January 18. The announcement and
download links can be found on the fedora-advisory-board list[2].

[1] http://fedoraunity.org/

[2] https://www.redhat.com/archives/fedora-advisory-board/2008-January/msg00245.html

== Documentation ==

In this section, we cover the Fedora Documentation Project.


Contributing Writer: JohnBabich

=== Works in Progress ===

Work continues on the Desktop User Guide (DUG) and the Administration
Guide (AG). The goal is to include both guides in the official Fedora
9 release.

=== Release Notes Summary ===

KarstenWade proposed a canonical release summary [1].

"We can use clever ...Include... statements that draw only specific
parts, so each 'mirror' of the canonical summary can show the most
appropriate fragment.

Anyone interested in doing this work?  It involves:

* Working out a single canonical location from amongst the several
Releases / # / Release Summary, Docs / Beats / Over View,
Press release needs (more lightweight), etc.

* Define a format for that page so that it can be fragmented (if needed)
for different summaries

* Write up a process for jamming all that together

* Publicize/evangelize"

JonathanRoberts agreed [2] and cited the KDE Project as doing an
excellent job in this regard.

RahulSundaram [3] concluded: "As the person behind both of these
documents, let me note that release notes overview was meant to be
more technical while the release summary was born out of an earlier
effort to do press releases via the community. Also due to general
lack of contributions (even though Jonathan Roberts and others did
help for Fedora 8), the time taken to write a proper release summary
was almost an entire night last time and that too way later than the
release notes string freeze.

We need to decide whether the overview in release notes can be the
kind of content that release summary currently is. If that is
preferred, let me know and I will do that from Fedora 9 onwards. I
wouldn't mind more people helping out either."

[1] http://www.redhat.com/archives/fedora-docs-list/2008-January/msg00185.html

[2] http://www.redhat.com/archives/fedora-docs-list/2008-January/msg00187.html

[3] http://www.redhat.com/archives/fedora-docs-list/2008-January/msg00207.html

== Infrastructure ==

In this section, we cover the Fedora Infrastructure Project.


Contributing Writer:  HuzaifaSidhpurwala

=== Continuing issues with xen ===

MikeMcGrath reports [1],

xen1 started exhibiting these issues when we moved from FC6 to RHEL5 GA.
It was assumed to be hardware issue because of how sporatic the issues
were and because we actually do have RHEL5 on other xen hosts.
The iscsi issue may or may not be a red herring but some of the reports
listed in the ticket suggests a kernel / poweredge bug that we may be
hitting.  We had moved
all non-redundant guests off of xen1 onto the more stable xen2 box.  After
upgrading xen2 to RHEL5 we started seeing the same problems with it.
There's a few things we can try, Mike will be doing so on xen1 with proxy4 as
our test host since its competely redundant and has, in the past, crashed
that box.
In the future though they should all be in similar specs (1U box, 8
core 16-32G memory)

[1] https://www.redhat.com/archives/fedora-infrastructure-list/2008-January/msg00093.html

=== Some Network issues affecting fedora servers ===

MikeMcGrath reports [1],

Seems a link between AT&T and level3 was down.  Mike was monitoring the
situation but there's little we can do about it right now.
The link came back after some time.

[1] https://www.redhat.com/archives/fedora-infrastructure-list/2008-January/msg00105.html

== Security Week ==

In this section, we highlight the security stories from the week in Fedora.

Contributing Writer: JoshBressers

=== Enterprise-grade Linux: Five network security FOSS apps ===

iTWire has a story detailing five open source security applications:


As more security applications are gobbled up by large firms, open
source projects gain a unique advantage.  Anytime an organization
needs to make money, they are willing to draw a gray line with respect
to their ethics.  As most open source projects don't rely on corporate
funding, they can be more strict with respect to what they call
malware.  It is quite likely that as the volume of malware increases,
this advantage will become more clear.

=== Growing virus production taxes security firms ===

The Register points out the current problem with growing malware trends:


The rate at which malware is growing is quite alarming.  If this trend
continues it will become impossible for anti virus firms to keep ahead
of the wave.  The current attitude toward malware is to take a very
reactive approach.  Most groups don't focus on stopping the cause of
problems, but rather treating the symptoms.  While there is certainly
a great deal of money to be made in treating symptoms, the well is
going to dry up eventually.

== Security Advisories ==

In this section, we cover Security Advisories from fedora-package-announce.


Contributing Writer: ThomasChung

=== Fedora 8 Security Advisories ===

 * xorg-x11-server-  -
 * libXfont-1.3.1-2.fc8  -
 * hsqldb-  -
 * mantis-1.1.1-1.fc8  -
 * clamav-0.92-6.fc8  -
 * bind-9.5.0-23.b1.fc8  -
 * xorg-x11-server-  -
 * kernel-  -
 * pulseaudio-0.9.8-5.fc8  -
 * icu-3.8-5.fc8  -

=== Fedora 7 Security Advisories ===

 * clamav-0.92-6.fc7  -
 * mantis-1.1.1-1.fc7  -
 * xorg-x11-server-  -
 * hsqldb-  -
 * boost-1.33.1-15.fc7  -
 * libXfont-1.2.9-3.fc7  -
 * bind-9.4.2-3.fc7  -
 * xorg-x11-server-  -
 * pulseaudio-0.9.6-2.fc7.1  -
 * icu-3.6-20.fc7  -

== Events and Meetings ==

In this section, we cover event reports and meeting summaries from
various Projects and SIGs.

Contributing Writer: ThomasChung

=== Fedora Board Meeting Minutes 2008-01-22 ===

 * https://www.redhat.com/archives/fedora-advisory-board/2008-January/msg00251.html

=== Fedora Ambassadors Steering Committee Meeting 2008-01-21 ===

 * http://fedoraproject.org/wiki/Ambassadors/SteeringCommittee/Meetings/2008-01-21

=== Fedora Documentation Steering Committee (Log) 2008-01-22 ===

 * http://www.redhat.com/archives/fedora-docs-list/2008-January/msg00172.html

=== Fedora Engineering Steering Committee Meeting 2008-01-24 ===

 * https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02469.html

=== Fedora Infrastructure Meeting (Log) 2008-01-24 ===

 * https://www.redhat.com/archives/fedora-infrastructure-list/2008-January/msg00108.html

=== Fedora Release Engineering Meeting 2008-01-21 ===

 * https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02074.html

=== Fedora Testing (BugZappers) Meeting 2008-01-02 ===

 * https://www.redhat.com/archives/fedora-test-list/2008-January/msg00429.html

=== Fedora SIG EPEL Meeting Week 04/2008  ===

 * https://www.redhat.com/archives/epel-devel-list/2008-January/msg00165.html

=== Fedora SIG KDE Meeting Week 04/2008 ===

 * https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02219.html

== Ask Fedora ==

In this section, we answer general questions from Fedora community.
Send your questions to askfedora AT fedoraproject.org and Fedora News
Team will bring you answers from the Fedora Developers and
Contributors to selected number of questions every week as part of our
weekly news report. Please indicate if you do not wish your name
and/or email address to be published.


Contributing Writer:  RahulSundaram

=== Fedora on Older Hardware ===

Robert Myers <mystinar at comcast.net>: In the development of Fedora 9,
is there any work being done to improve it's performance on older
hardware?  If so, will the performance increases be noticeable on,
say, a 450mhz Pentium III with 256 megabytes of RAM?


The major features for Fedora 9 are listed at
http://fedoraproject.org/wiki/Releases/9/FeatureList. While there
isn't any special focus in Fedora 9 to make it work on older hardware,
we typically inherit a number of performance improvements from the
upstream projects that we integrate, including many key projects where
Fedora developers are major contributors. As an exmaple, OLPC (One
Laptop Per Child) project is based on Fedora, and since OLPC is a
resource constrained environment, our participation results in
improvements that make it easier and more efficient to run on older

 * http://fedoraproject.org/wiki/OLPC

To add to that, there are a couple of Fedora spins developed currently
that target older hardware or low resource systems in which you might
be interested.

 * http://fedoraproject.org/wiki/ChristophWickert/FedoraLite
 * http://fedoraproject.org/wiki/RahulSundaram/XfceLive

=== OEM Installation ===

Shannon Mendenhall <mendenhall.shannon at comcast.net:I was wondering
when or if you are going to include a OEM install in
your next version (fedora 9). I was hoping so it would make it easier
for OEM builders to leave the client to set up there time zone, user
name, password, ect... thanks, I look forward to hearing your reply.

Actually, we've had this feature since the first version of Fedora. Refer to


Also, Fedora provides a number of sophisticated and easy to use tools
to make further customizations. Take a look at


=== Compiling Kernel ===

Sd <elesar at cable.netlux.org>: How I can compile your kernel? Where I
got kernel-source?


An easy question, thanks to the nice documentation at
http://fedoraproject.org/wiki/Docs/CustomKernel. Note that this is
already referenced from the release notes at


=== Bluetooth and Multimedia Keys ===

Zlatko (Email withheld on request)

First of all, I would like to thank You for Fedora 8. I'm using Fedora
since first edition, and now, I can say that Fedora is highly
improved, and can be used almost for everything. I'm using Fedora on
my laptop exclusively for business purposes, and also I'm using Fedora
on my desktop computer at my home for watching TV, watching DVD,
playing various games, Internet surfing, and so on, and everything is
OK. But, there is a slight problem in using fedora on my laptop. So,
on to the problem...  :-)

My integrated bluetooth wont work, unless I do the following:

 1. I start laptop with Windows Vista
 2. I restart from Vista to Fedora

Each time I do this, bluetooth works fine. But, if I turn off
computer, and start it again directly to Fedora, bluetooth wont work,
and system
wont recognize any bluetooth device. I have described this problem on
Fedora forum, also, but nobody answered my question so far, even I
have posted that post month ago. Here is the link to that post:

And also, if I may ask, is there a plan to support so-called "Fn"
functions? For example, on my Toshiba Satellite P200-10C, when I press
"Fn + F8" I should be able to activate/deactivate wireless/bluetooth,
but instead, nothing happens. I surely hope that You will consider
these questions, and help small users such as I am...  :-)

Thanks in advance...


Another user asks a similar question

Yuan Yijun <bbbush.yuan at gmail.com>: I use a Dell 640m which have some
external "multimedia button" to control music volume. And I used to
close the lid while playing some background music. When the lid is
closed, these buttons are not functional at all, so I cannot mute it
without open the lid && login (because of gnome-screensaver). How to
make them work? Thanks!


The bluetooth issue as well as multimedia keys not working on your
laptops out of the box appear to be bugs/enhancement requests that can
reported directly to http://bugzilla.redhat.com. We are continuously
enhancing Fedora to support components like Bluetooth and multimedia
keys to work better, and we appreciate your feedback. Use the
following references:

 * http://fedoraproject.org/wiki/BugsAndFeatureRequests
 * http://people.freedesktop.org/~hughsient/quirk/

=== Prayer Time for Fedora ===

Riam budhi <riam_3000 at hotmail.com>: I wanted to ask you, where is I
can download prayer time ( I am muslim)?


Unfortunately, this software isn't available in the Fedora repository
yet and I couldn't locate any good alternatives. This is now a
opportunity for you to be a contributor to Fedora and maintain the
software in the Fedora repository. Refer to

 * http://fedoraproject.org/wiki/PackageMaintainers/Join

Thomas Chung

More information about the fedora-announce-list mailing list