Fedora Weekly News #159

Pascal Calarco pcalarco at nd.edu
Mon Jan 19 18:01:43 UTC 2009

Welcome to Fedora Weekly News Issue 159 for the week ending January 
19th, 2009.


This week's issue reveals the code name for Fedora 11 and provides 
coverage from the latest FUDCon in announcements. News abounds from 
around Fedora Planet, including musings on the reduction of the OLPC dev 
team, thoughts on what it means to contribute to Fedora from several 
contributors, and much more. Development reports on several discussions 
from the recent FUDCon on the possible future of comps.xml, new packages 
to Rawhide coming, and more. More depth of discussion on the need for a 
Fedora Project CMS is offered in the Docs beat, and Translations has 
lots more to report on new members of various internationalization 
teams. The Art beat has a wonderful in-depth look at approaches for 
themes for Fedora 11, and security advisories brings us up to date with 
recent updates there. We complete the issue with news from 
virtualization developments, including two items regarding sVirt, a 
project to add security labeling support to Linux-based virtualization, 
and other focused discussions with libvirt. Enjoy!

If you are interested in contributing to Fedora Weekly News, please see 
our 'join' page[1]. We welcome reader feedback: fedora-news-list at redhat.com

FWN Editorial Team: Pascal Calarco, Oisin Feeley, Huzaifa Sidhpurwala

[1] http://fedoraproject.org/wiki/NewsProject/Join

-- Announcements --

In this section, we cover announcements from the Fedora Project.



Contributing Writer: Max Spevack

--- Fedora 11 Release Name ---

At FUDCon Boston, Paul Frields announced that "Leonidas" had won the 
vote, and will be the code name of Fedora 11. There was much screaming 
and yelling, and reciting of lines from "The 300"[0].


--- FUDCon Boston ---

FUDCon Boston was a great success[1]. Not only are many videos from the 
sessions available on the Fedora Wiki, but there is also a collection of 
blog posts from various attendees[2].


[2] https://fedoraproject.org/wiki/FUDCon:FUDConF11_blogs

--- Technical Announcements ---

Jon Stanley announced[3] that he and Dennis Gilmore "are beginning an 
effort to migrate fedora-* redhat com to lists.fedoraproject.org." There 
are several benefits to this move, including greater control of the 
Fedora lists, a stronger Fedora identity (@lists.fedoraproject.org as 
opposed to @redhat.com), and the ability to be more responsive to 
community requests.


Jesse Keating announced[4] that on January 20th, "we will be doing a 
non-blocking freeze of Rawhide to be the basis of Fedora 11 Alpha. Only 
targeted fixes will be pulled into the Alpha tag after the freeze. 
Rawhide itself will continue on as to not disrupt development."


--- Upcoming Events ---

Fedora will have a presence at several events in the next few weeks. 
Feel free to join us,

February 6 - 8: Free and Open Source Developers European Meeting (FOSDEM)[5]

February 20 - 22: Southern California Linux Expo (SCALE)[6]

Also, people are encouraged to register for Fedora or JBoss.org related 
speaking slots at LinuxTag 2009[7].

[5] https://fedoraproject.org/wiki/FedoraEvents/FOSDEM/FOSDEM2009

[6] https://fedoraproject.org/wiki/SCALE7X_Event

[7] https://fedoraproject.org/wiki/LinuxTag_2009_talks

-- Planet Fedora --

In this section, we cover the highlights of Planet Fedora - an 
aggregation of blogs from Fedora contributors worldwide.


Contributing Writer: Adam Batkin

--- General ---

Marc F Ferguson expounded[0] upon the wonders of "Being a Part of 
Something Bigger" by joining the Fedora Project and switching to Linux! 
While there are lots of positive posts out there, this one captures the 
positive feeling that a lot of folks have by joining a project like Fedora.

Andrew Overholt appealed[1] for anyone interested in helping get JBoss 
AS 5.0 into Fedora.

Karsten Wade wrote[2] about some of the issues and concerns involved 
with picking a CMS for Fedora.

Abhishek Rane posted[3] some nice screenshots of Amarok (as well 
as a download link for Fedora 10).

Jef Spaleta continued[4] his across-the-intertubes discussion with Mark 
Shuttleworth about Canonical's Launchpad being closed source, and talked 
about his motivations behind contributing to Fedora: "I have never 
received a paycheck from Red Hat in any capacity...Making sure companies 
which proclaim to be open source advocates are actually ‘walking the 
walk’ is on my personal agenda." In another post, Jef added[5] the 
statistic "2 out of the top 3 'ideas' on Ubuntu's brainstorm this week 
are requests to take features from the Fedora Feature process for Fedora 
10 and port them to Ubuntu". He continued[6] by showing that Soyuz (a 
component of Launchpad that Canonical has not open sourced) has a much 
higher number of open bugs than other components. Along a similar line 
of thought, he discussed[7] in more general terms, "How important is 
opening sourcing in the cloud?"

Greg DeKoenigsberg mused[8] about the loss of most of the OLPC software 
development team and what that means for OLPC, Sugar and Fedora.

Jesus Rodriguez announced[9] that Spacewalk 0.4 ("an open source Linux 
and Solaris systems management solution") has been released, including a 
list of features and enhancements and some known issues.

Scott Williams proposed[10] offering support for end-of-life versions of 
Fedora in a new Freenode IRC channel (#Fedora-EOL), complete with some 
discussion in the comments about whether or not this was a good idea.

Dave Jones generated[11] a neat graph of the performance of an SSD

Jef Spaleta provided[12] some interesting statistics about VCS usage 
from Debian as well as fedorahosted.org, and discussed some of the 

[0] http://www.fergytech.com/2009/01/17/being-apart-of-something-bigger/

[1] http://overholt.ca/wp/?p=114



[4] http://jspaleta.livejournal.com/32178.html

[5] http://jspaleta.livejournal.com/32733.html

[6] http://jspaleta.livejournal.com/33152.html

[7] http://jspaleta.livejournal.com/32488.html

[8] http://gregdek.livejournal.com/43698.html

[9] http://zeusville.wordpress.com/2009/01/15/spacewalk-04-released/

[10] http://vwbusguy.wordpress.com/2009/01/16/help-needed-fedora-eol/

[11] http://www.codemonkey.org.uk/2009/01/16/gskill-ssd-performance/

[12] http://jspaleta.livejournal.com/32888.html

--- FUDcon Boston ---

Máirín Duffy took[1] some photos of the latest FUDcon Boston shirts.

Chris Tyler announced[2] that "Video from eight of the FUDCon F11 
sessions plus Paul Frield's closing remarks/State of Fedora are now 

Karsten Wade asked[3] "Where are your FUDCon session notes?" (so if you 
have any session notes from FUDcon, feel free to follow these tips to 
share them with others who may not have been so fortunate to attend 

[1] http://mihmo.livejournal.com/67737.html


[3] http://iquaid.org/2009/01/16/where-are-your-fudcon-session-notes/

--- How-Tos ---

John Poelstra wrote[1] about how to perform "Fast Spaceless Backups".

Bogomil Shopov shared[2] a quick tutorial on "Installing LXDE on 
Fedora". LXDE is the Lightweight X11 Desktop Environment ("a desktop 
environment which is lightweight and very very fast").

[1] http://poelcat.wordpress.com/2009/01/14/fast-spaceless-backups/

[2] http://www.bogomil.info/int/installing-lxde-on-fedora

-- Developments --

In this section the people, personalities and debates on the 
@fedora-devel mailing list are summarized.

Contributing Writer: Oisin Feeley

--- The Possible Future of Comps ? ---

Seth Vidal reported[1] that one outcome of the recent FUDCon[2] had been 
an initiative to overhaul the comps.xml file. This file is part of the 
metadata used to define group membership of related packages in order to 
allow[3] yum or anaconda to aid in installation.

Seth described the intent to replace the fixed group definitions with 
metapackages created on-the-fly, based on examining and 
dependency-solving repository metadata, as "a fairly radical departure". 
Related changes will be the ability to define groups within groups and 
the addition of new metadata to allow tag cloud classification. Some of 
the anticipated benefits are the ability to find desired software more 
easily, the creation of more fine-grained groups and a more intuitive 
persistence of groups.

One apparent sticking point raised by Bill Nottingham was that the 
flattening of the package levels included the removal of "conditional" 
packages and "[...] a large portion of the language support is built 
around conditional packages." Seth argued[4] that removing conditional 
packages was something which was desirable whether or not this 
particular initiative took hold. This seemed like a problem especially 
for KDE but Bill prototyped[5] a yum plugin to solve the problem.

Some examples in which removing a metapackage would not remove 
dependencies installed to satisfy the metapackage were teased out[6][7] 
in conversations between Josh Boyer and Seth and Jesse Keating.

Florian Festi thought[8] that the list of problems to be solved should 
be expanded to include how multilib is handled, the proliferation of 
noarch subpackages and poor implementations of parts of the tool-chain. 
He also emphasized that with the "increasing number of languages 
supported and packages being properly translated we ship more and more 
language dependent content the users are not interested in. We are 
currently missing both a way to package these contents properly and a 
mechanism the control which should be actually installed."


[2] http://fedoraproject.org/wiki/FUDCon







--- New GPG Signing Keys for Each Release ---

Jesse Keating asked[1] what value Fedora users perceived in the presence 
of the "[...] two gpg keys per release, one for rawhide/updates-testing 
and one for the final release and stable updates."

Todd Zullinger suggested[2] that eschewing the importation of the 
"updates-testing" key would ensure that "[...] no packages from 
updates-testing are installed on a box [.]" Casey Dahlin disliked[3] 
such a use of keys to categorize things.

Todd asked if each new release would come with a new key, similar to the 
way this was handled after the infrastructure intrusion. He balanced the 
sense of confidence given by keeping a key around for a "reasonably long 
time" versus the mitigation of "the lack of any way to revoke a key in 
the rpm db [.]" Jesse confirmed[4] "[...] yes, we plan to use new keys 
each release. We can use gpg web-"-trust thing and sign the new keys 
with the old keys and whatnot, does that actually help people?j

Douglas E. Warner and Steve Grubb worried[5] that the inability to 
revoke keys exposed machines to repository metadata attacks and Steve 
revealed[6] that the import of keys is "[...] one of the few security 
sensitive actions that is not put into the audit system."







--- libssl.so.7 Going Through a Bumpy Patch ---

Tomas Mraz advised[1] that he was going to build a new OpenSSL in 
rawhide which would require a soname bump due to minor breakage of the 
ABI. As a transitional measure he intended to temporarily provide 
symlinks to the old soname so that most of the 288 affected packages 
should continue working until they were rebuilt. Jesse Keating 
expressed[2] disquiet with the timing as the large number of rebuilds 
would be "[...] likely to break buildroots, break anaconda composes, 
break installs, break users. This isn't the kind of crap we want to land 
in rawhide just before a freeze, and just before an effort to turn that 
freeze into something usable. PLEASE wait until after Alpha has been cut 
to do this." He seemed slightly mollified[3] by Tomas' use of 
compatibility symlinks and rpm provides.

When Benny Amorsen wondered why such breakage was occurring again with 
openssl Tomas explained[4] that the design "declar[ed] some important 
structures which have to be changed/extended with new functionality in 
the public headers. Unless they move these structures to private headers 
this situation is going to happen again." Christopher Aillon joked[5] 
that it was happening again because Benny had not ported his 
applications to use NSS(see FWN#107[6]).

Later Horst von Brand reported[7] widespread problems with many packages 
which seemed to fail. RalfErtzinger explained[8] that "[t]he problem is 
that the openssl package was supposed to contain symlinks for 
libssl.so.7 and libcrypto.so.7, and rpm -ql says that the package does 
contain them, but they are, in fact, missing from the filesystem."

Tomas Mraz scrambled[9][10] to sort out the problem by trying to run 
ldconfig in the %post of the openssl package. Kevin Kofler suggested[11] 
a possible cause.

Jesse Keating fretted[12] that all of this was exactly what he did not 
want just before next week's alpha freeze[13].






[6] https://fedoraproject.org/wiki/FWN/Issue107#Crypto_Consolidation







[13] https://fedoraproject.org/wiki/Releases/11/Schedule

--- MinGW Package Reviews Requested ---

Richard W.M. Jones noted[1] that the rapid development cycle[2] meant 
that Fedora 11 was already approaching (2009-01-20) alpha-freeze and 
asked for package reviews of the outstanding parts of the MinGW Windows 
cross-compiler feature[3]. He offered to trade reviews with interested 
parties and provided links to outstanding reviews.

There is apparently no question that the feature, which will allow 
generation of Windows targets on Fedora, will slip from Fedora 11.


[2] https://fedoraproject.org/wiki/Releases/11/Schedule

[3] https://fedoraproject.org/wiki/Features/Windows_cross_compiler

--- MySQL 5.1 Coming to Rawhide After Alpha-Freeze ---

A heads-up was posted[1] by Tom Lane to advise that mysql-5.1.30 would 
be pushed into rawhide immediately after the alpha freeze. He warned: 
"This involves an ABI break: libmysqlclient.so has increased its major 
version number from 15 to 16 [...]" and provided a list of affected 
packages along with the offer to launch rebuilds for anyone who wished.


--- Spins SIG Controversy ---

A vigorous disagreement erupted when Jeroen van Meeuwen announced[1] 
that the Spins SIG[2] would henceforth be having meetings every two 
weeks (Jeroen later rescheduled[3] the meeting to Mondays at 17:00 UTC) 
and that the first meeting would be to finalize a new process arrived at 
during the last FUDCon.

Rahul Sundaram contended[4] that "[s]uch decisions shouldn't be taken at 
FUDCon because it automatically excludes people who cannot be present at 
the event. You should use the events only to discuss the issues and make 
the decisions over mailing lists or irc where others can participate as 
well." A long thread mostly involving just Rahul, Jeroen and Josh Boyer 

In response to Rahul's point that the new process was onerous as it 
mandated a weekly compose and report JoshBoyer seemed[5] to be of the 
opinion that this was a good thing. BillNottingham added[6]: "It's not 
really adding anything to the amount of work that needs to be done, in 
total. It's just shifting around who it gets done by and when."

Some weight was given to Rahul's argument that the method of arriving at 
the new process was a problem when Jeroen posted[7] that no minutes had 
been kept of the meeting and pointed to a "5-minute after 
best-recollection of what happened" summary on the wiki[8] as a source 
of information.

JesseKeating argued[9] that FUDCon was a useful, "high-bandwidth" means 
of having discussions and that public email was too slow to make 
decisions compared to IRC, IM, phone and face-to-face meetings. 
Subsequently he added that the result of the FUDCon discussions was a 
proposal and not a decision and suggested that unless the skeleton 
process was approved quickly then there might be no spins for Fedora 11. 
Rahul responded[10] that the original post had been a simple declaration 
which did not suggest it was merely a proposal. Rahul added[11] that 
there was a need to clarify the process in order to avoid the confusion 
of the past.


[2] http://fedoraproject.org/wiki/SIGs/Spins






[8] http://fedoraproject.org/wiki/SIGs/Spins_NewProcess




-- Documentation --

In this section, we cover the Fedora Documentation Project.


Contributing Writer: Jason Taylor

--- Fedora Content Management System (CMS) ---

There has been a need for a CMS within the project and there will soon 
be a decision made in this regard. Karsten posted[0] the reasoning 
behind moving to a CMS[1] and the need for people with CMS 
administration experience to lend a hand.



-- Translation --

This section covers the news surrounding the Fedora Translation (L10n) 


Contributing Writer: Runa Bhattacharjee

--- Dimitris Glezos Appointed to the Fedora Board ---

The current chair of the Fedora Localization Steering Comittee (FLSCo), 
DimitrisGlezos has been selected[1] to fill one of the appointed seats 
on the Fedora Board[2].


[2] http://fedoraproject.org/wiki/Board

--- New Team for Kashmiri and New Coordinator Marathi ---

RakeshPandit announced[2] the start of the Kashmiri Translation Project 
for Fedora. The Marathi Translation team found its new coordinator in 



--- Packagekit Translations for Fedora 11 ---

RichardHughes, the maintainer of Packagekit announced that a new version 
of the package would be released in a couple of weeks and this version 
would be included in Fedora 11. He mentions that quite a few popular 
languages do not have complete translations at the moment. Translators 
can mail the packagekit mailing list for queries regarding translateable 
strings[4]. Meanwhile, it has been noticed that both the Gnome and 
Fedora Status pages do not contain updated translations statistics for 
this package[5].



--- Confusion over Translations for Newly Coined Words ---

RichardvanderLuit brought forward an interesting problem related to the 
translations of newly coined words for English, which are specifically 
targetted for computer science[6]. The word in question is "untrusted" 
which differs from the general English antonym for "trusted".


--- Branching of Fedora Packages ---

AnkitPatel started a discussion about the availability of a branching 
process in the VCS for Fedora packages, to provide for backporting of 
translations[7]. MiloslavTrmac (Mirek) suggested submitting patches in 
bugzilla for such cases, as upstream packages generally do not branch 
out for versions in the distributions[8]. Linking up the translation 
interface with an automated bug sumission process was suggested by 
AsgeirFrimannsson as a possible solution[9]. Discussions still continue, 
listing merits and demerits of the possibility of large scale 
backporting via bugzilla and separation of the translations from the 




--- New Members in FLP ---

ZakWang from Hunan, China[10] joined the Simplified Chinese team and 
RakeshPandit joined to start the Kashmiri Team for Fedora[11].



-- Artwork --

In this section, we cover the Fedora Artwork Project.


Contributing Writer: Nicu Buculei

--- Theming Fedora 11 ---

For this release cycle, the Art team is trying a slightly different 
process with linking the desktop theme to the release name, so just 
after the codename "Leonidas" was announced for Fedora 11, the process 
started with Máirí­n Duffy proposing on @fedora-art two possible 
approaches, navigation "We could get some inspiration from traditional 
nautical tools, like compasses, navigational charts, telescope, all that 
kind of stuff. It could have a kind of steampunk look" and water "Or we 
can get some inspiration from water and water traffic. For example, 
imagine time lapse photos of a river in a city over the course of a day, 
with folks rowing crew in the morning, sailing in the afternoon, with 
tour/party boats coming through in the evening - for the time-lapse 


Nicu Buculei observes[2] that even if the release name is based on a 
historical ship, most people will associate it with the ancient Greek 
hero "Technically the vote was for the ship but I am sure (and the 
reaction after the announcement are a reassurance) most people voted for 
the Spartan" and support a theme based on the Ancient Greece culture "So 
I am thinking about the Golden ratio, used a loot in the Ancient Greek 
architecture, notably on the Parthenon and probably a graphic based on 
the Golden ratio would be fit", a take endorsed[3] by Samuele Storari 
"The Hellenic age was the top of the acient greece time and it spouse 
the first concept as well, maybe we can use a steam punk, futuristic 
theme for the old art" and Konstantinos Antonakoglou[4] "Basically, I 
imagine a trireme-like, or even an ancient fish-boat (with or without 
the Fedora logo on its sail :P) sailing on a sea of stars (with splashes 
on its front). I guess it can be combined with the golden ratio , math etc."




At the same time, Charlie Brej noted[5] some possible inadvertent uses 
of the release name "The only problem is the theme should be as 
acceptable to as many people as possible. So, for the Leonidas theme we 
should stay away from: violence, nudity, blood, glorification of war, 
nationalistic sentiments etc..."


Mark reiterated[6] his old idea or reusing the theme of an older 
release, "How do you guys feel about a full theme in the old fedora 
(Core 1 till 4) colors? The link with the F11 name is (just making it up 
now) : Reviving old days. (the name represents something old and the 
theme represents the beginning years of fedora)", an idea not liked by 
the rest of the team, as noted by Máirí­n Duffy][7] and Luya 




Máirí­n Duffy started[9] a wiki page[10] to collect all the proposals, 
keep an eye on it to follow the development.


[10] https://fedoraproject.org/wiki/Artwork/F11_Artwork

Closely related tot he theme development is the draft scedule[11] for 
the Art Team proposed[12] by John Poelstra.

[11] http://poelstra.fedorapeople.org/schedules/f-11/f-11-art-tasks.html


-- Security Advisories --

In this section, we cover Security Advisories from fedora-package-announce.


Contributing Writer: David Nalley

--- Fedora 10 Security Advisories ---

     * nfs-utils-1.1.4-6.fc10 - 
     * tqsllib-2.0-5.fc10 - 
     * bind-9.5.1-1.P1.fc10 - 
     * xine-lib-1.1.16-1.fc10 - 
     * amarok- - 
     * drupal-6.9-1.fc10 - 

--- Fedora 9 Security Advisories ---

     * bind-9.5.1-1.P1.fc9 - 
     * nfs-utils-1.1.2-9.fc9 - 
     * xine-lib-1.1.16-1.fc9.1 - 
     * tqsllib-2.0-5.fc9 - 
     * drupal-6.9-1.fc9 - 

-- Virtualization --

In this section, we cover discussion on the @et-mgmnt-tools-list, 
@fedora-xen-list, @libvirt-list and @ovirt-devel-list of Fedora 
virtualization technologies.

Contributing Writer: Dale Bewley

--- Libvirt List ---

This section contains the discussion happening on the libvir-list.

---- sVirt 0.30 Released ----

James Morris announced[1] "the release of v0.30 of sVirt[2], a project 
to add security labeling support to Linux-based virtualization.

[1] http://www.redhat.com/archives/libvir-list/2009-January/msg00158.html

[2] http://selinuxproject.org/page/SVirt

---- sVirt Qemu Hurdles ----

Daniel J Walsh began to work on the svirt lock down of the qemu process, 
and saw[1] a problem with "the image:Echo-package-16px.pngqemu binaries 
are being used to both setup the guest image environment and then to run 
the guest image."

"The problem with this is the act of installing an image or setting up 
the environment an image runs within requires much more privileges then 
actually running the image."

"SELinux runs best when one processes forks/execs another process this 
allows us to run the two processes under different labels. Each process 
with the privileges required to run."

[1] http://www.redhat.com/archives/libvir-list/2009-January/msg00198.html

---- Fine Grained Access Controls ----

Konrad Eriksson desired[1] is "an addition[2] to 
image:Echo-package-16px.pnglibvirt that enables access control on 
individual actions and data that can be accessed through the library 
API. This could take the form of an AC-module that, based on the 
identity of the caller, checks each call and grants/denies access to 
carry out the action (could also take parameters in account) and 
optionally filter the return data. The AC-module could then interface 
different backend AC solutions (SELinux, RBAC, ...) or alternatively 
implement an internal scheme."

Daniel P. Berrange pointed[3] out how this relates to sVirt. "At this 
stage sVirt is primarily about protecting guests from each other, and 
protecting the host from guests. Konrad's suggestions are about 
protecting guests/hosts from administrators, by providing more fine 
grained control over what libvirt APIs an admin can invoke & on what 
objects. Both bits of work are required & are complementary to each other."

[1] http://www.redhat.com/archives/libvir-list/2009-January/msg00282.html

[2] http://wiki.libvirt.org/page/TodoFineGrainedSecurity

[3] http://www.redhat.com/archives/libvir-list/2009-January/msg00362.html

---- Configuring Host Interfaces RFC ----

David Lutterkort composed[1] an RFC beginning "For certain applications, 
we want image:Echo-package-16px.pnglibvirt to be able to configure host 
network interfaces in a variety of ways; currently, we are most 
interested in teaching libvirt how to set up ordinary ethernet 
interfaces, bridges, bonding and vlan's. Below is a high-level proposal 
of how that could be done. Please comment copiously ;)"

Adding this type of support struck some as a complex open-ended 
prospect. John Levon argued[2] "We should be considering why libvirt is 
/well-placed/ to configure the host. I think it should be pretty clear 
that it's actually not: the problems around distro differences alone is 
a good indication. The proposed API is anaemic enough to not be of much 
use. This is way beyond carving out the physical system into virtual 
chunks and it's a big step towards lib*virt* becoming libmanagement."

Daniel P. Berrange countered[3] "The existance of many different 
[implementations] is exactly the reason for libvirt to have this 
capability. Libvirt is providing a consistent mgmt API for management of 
guests and host networking interfaces is as much a part of this as the 
storage management. Libvirt is providing this capability across 
virtualization technology." Also saying[4] "Network interface APIs are 
the core missing piece of libvirt API functionality IMHO."

[1] http://www.redhat.com/archives/libvir-list/2009-January/msg00350.html

--- end FWN 159 ---

Pascal Calarco, Fedora Ambassador

More information about the fedora-announce-list mailing list