= Fedora Weekly News Issue 117 = Welcome to Fedora Weekly News Issue 117 for the week of January 21st, 2008. http://fedoraproject.org/wiki/FWN/Issue117 In Announcement, we have "And the F9 codename winner is...", "FUDCon F9 Survey available" and "Fedora Unity releases updated Fedora 7 Re-Spins". In Planet Fedora, we have "Summer coding project ideas for Fedora", "Red Hat, rocking hard", "The name game" and "My big announcement". To join or give us your feedback, please visit http://fedoraproject.org/wiki/NewsProject/Join. 1. Announcements 1. And the F9 codename winner is... 2. FUDCon F9 Survey available 3. Fedora Unity releases updated Fedora 7 Re-Spins 2. Planet Fedora 1. Summer coding project ideas for Fedora 2. Red Hat, rocking hard 3. The name game 4. My big announcement 3. Marketing 1. FUDCon video: New face of Fedora 2. Linux Format Interviews Jack Aboutboul 3. Max Spevack talks to Linux.com 4. Spinning a Fedora Linux Live CD 4. Ambassadors 1. Ambassador Needed for Florida Linux Show 2. Ambassador Needed for Linux Fest Northwest 3. FAmSCo Summary 5. Developments 1. YUM Proxy Cache Safety, Storage Backend 2. Disable SELinux To Use Revisor 3. Long-term Support Release 4. F9 Alpha Spinning 5. SELinux And Chroot 6. Fedora 9 For Asus Eeepc 7. BIND: Less Restrictive Modes And Policy 8. What Is A Fedora Developer? 9. Erratum 6. Advisory Board 1. Requests To The Fedora Board 2. Fedora 7 Unity Re-Spin 7. Documentation 1. Works in Progress 2. Release Notes Summary 8. Infrastructure 1. Continuing issues with xen 2. Some Network issues affecting fedora servers 9. Security Week 1. Enterprise-grade Linux: Five network security FOSS apps 2. Growing virus production taxes security firms 10. Security Advisories 1. Fedora 8 Security Advisories 2. Fedora 7 Security Advisories 11. Events and Meetings 1. Fedora Board Meeting Minutes 2008-01-22 2. Fedora Ambassadors Steering Committee Meeting 2008-01-21 3. Fedora Documentation Steering Committee (Log) 2008-01-22 4. Fedora Engineering Steering Committee Meeting 2008-01-24 5. Fedora Infrastructure Meeting (Log) 2008-01-24 6. Fedora Release Engineering Meeting 2008-01-21 7. Fedora Testing (BugZappers) Meeting 2008-01-02 8. Fedora SIG EPEL Meeting Week 04/2008 9. Fedora SIG KDE Meeting Week 04/2008 12. Ask Fedora 1. Fedora on Older Hardware 2. OEM Installation 3. Compiling Kernel 4. Bluetooth and Multimedia Keys 5. Prayer Time for Fedora [[Anchor(Announcements)]] == Announcements == In this section, we cover announcements from Fedora Project. https://www.redhat.com/mailman/listinfo/fedora-announce-list Contributing Writer: ThomasChung === And the F9 codename winner is... === JoshBoyer announces in fedora-announce-list[1], "Fedora 9 (Sulphur) Try as they might, the Bathysphere lobbyists failed in their quest to have the little round ships be the moniker for Fedora 9. Instead, by a narrow margin, the community has chosen Sulphur to be the codename for Fedora 9." [1] https://www.redhat.com/archives/fedora-announce-list/2008-January/msg00012.html === FUDCon F9 Survey available === PaulFrields announces in fedora-announce-list[1], "The Fedora marketing team has posted a survey regarding FUDCon F9, held January 11-13, 2008 in Raleigh, NC. All community members are invited to participate, whether you attended or not. We expect to use these surveys in the future for additional FUDCon events, to make sure that the events are delivering as much value as possible to attendees and observers. The URL for the survey is: http://www.keysurvey.com/survey/185839/207c/" "ERRATUM: The survey ends at 10pm EST on 07 Feb 2008 (0300 UTC 08 Feb 2008). Thank you for participating!" [1] https://www.redhat.com/archives/fedora-announce-list/2008-January/msg00009.html === Fedora Unity releases updated Fedora 7 Re-Spins === JeroenVanMeeuwen announces in fedora-announce-list[1], "The Fedora Unity Project is proud to announce the release of new ISO Re-Spins (DVD and CD Sets) of Fedora 7. These Re-Spin ISOs are based on Fedora 7 and all updates released as of January 18th, 2008. The ISO images are available for i386, x86_64 and PPC architectures via jigdo starting Thursday, January 24th, 2008. We have included CD Image sets for those in the Fedora community that do not have DVD drives or burners available." [1] https://www.redhat.com/archives/fedora-announce-list/2008-January/msg00007.html [[Anchor(PlanetFedora)]] == Planet Fedora == In this section, we cover a highlight of Planet Fedora - an aggregation of blogs from world wide Fedora contributors. http://fedoraproject.org/wiki/Planet Contributing Writers: ThomasChung === Summer coding project ideas for Fedora === KarstenWade points out in his blog[1], "Summer in the Northern Hemisphere has been very busy the last few years since Google introduced its Summer of Code project. Folks are beginning to include the Southern Hemisphere. The Summer of Content from OLPC already plans to cover both Summers with two project rounds per year. Summer is a traditional time for students to take a break from studies, and the Summer project ideas build upon an existing history of programming interns from universities and colleges earning experience and compensation." [1] http://iquaid.org/2008/01/27/summer-coding-project-ideas-for-fedora/ === Red Hat, rocking hard === DavidNielsen points out in his blog[1], "Forbes reports the 25 fastest growing Tech companies, our friends at Red Hat comes in at 11th. Many congratulations to Red Hat on the fine result." [1] http://lovesunix.net/blog/?p=232 === The name game === JoshBoyer points out in his blog[1], "The timing was totally different this time around so that the Art team could have more time to create artwork for the release. Also, there's no real reason to keep it secret until the last minute. We tried this for this release to see if it made a difference anywhere. If it doesn't produce something that most people view as good we can always change back." [1] http://jwboyer.livejournal.com/20716.html === My big announcement === TomCallaway points out in his blog[1], "I've known about this for some time, as have a lot of people, but it hasn't been publicly announced anywhere yet. The paperwork went through earlier this week, so it is official now: I'm now the Fedora Engineering Manager inside Red Hat." "Also, this means that February 2008 is going to be a busy month for me. Right now, I'm planning to attend SCALE 6X[2] and FOSDEM '08[3], with Capricon 28 (not a Linux event) shoved in the middle." [1] http://spot.livejournal.com/287187.html [2] http://fedoraproject.org/wiki/FedoraEvents/SCALE/SCALE6X [3] http://fedoraproject.org/wiki/FedoraEvents/FOSDEM/FOSDEM2008 [[Anchor(Marketing)]] == Marketing == In this section, we cover Fedora Marketing Project. http://fedoraproject.org/wiki/Marketing Contributing Writer: ThomasChung === FUDCon video: New face of Fedora === RahulSundaram reports in fedora-marketing-list[1], "One of the major announcements at the recent FUDCon was the changeover in Fedora Project leadership. Max Spevack, the outgoing project manager, sat down with incoming Fedora chief Paul Frields (a familiar face to magazine readers, as he's a popular contributor). Couldn't make the conference? Catch up now instead." [1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00253.html === Linux Format Interviews Jack Aboutboul === RahulSundaram reports in fedora-marketing-list[1], "Fedora's dedication to opening everything is not just for hackers – it has a wider importance in that our approach is an agent for social change" [1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00210.html === Max Spevack talks to Linux.com === RahulSundaram reports in fedora-marketing-list[1], "We caught up with Max at FUDCon. He told us how much he has enjoyed being the Fedora project leader for the past two years, and why this is a good time to hand the reins to someone else. Max will still be working for Red Hat, and even though he will no longer be head Fedora honcho, he'll still be involved with the project. But that's enough from us. Let Max tell it in his own words." [1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00209.html === Spinning a Fedora Linux Live CD === RahulSundaram reports in fedora-marketing-list[1], "The Fedora project has added a powerful tool to its Linux distribution to build your own live CD. With a single livecd-creator command and a kickstart file listing the software you want, you can create a desktop, gaming, or Web server to run live on most PCs. This article gives details of how to do that." [1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00194.html [[Anchor(Ambassadors)]] == Ambassadors == In this section, we cover Fedora Ambassadors Project. http://fedoraproject.org/wiki/Ambassadors Contributing Writer: JeffreyTadlock === Ambassador Needed for Florida Linux Show === A post the Fedora-Announce-List[1] was made asking for a Fedora Booth presence at the Florida Linux Show on February 11th, 2008. If there are any Ambassadors in the region, please check the Help Wanted: Events page [2] and add your name to the event. [1] https://www.redhat.com/archives/fedora-announce-list/2008-January/msg00011.html [2] http://fedoraproject.org/wiki/HelpWanted/Events === Ambassador Needed for Linux Fest Northwest === JesseKeating posted to the Ambassador's list [1] looking for Ambassadors to help staff a Fedora booth at Linux Fest Northwest. The event has been added to the Help Wanted: Events page [2]. If you can help, please add your name to the event. [1] https://www.redhat.com/archives/fedora-ambassadors-list/2008-January/msg00204.html [2] http://fedoraproject.org/wiki/HelpWanted/Events === FAmSCo Summary === The Fedora Ambassador Steering Committee held its first meeting since the initial meeting to elect a chairman of the committee. The following highlights some of FAmSCo's discussion on mailing lists and from that meeting. * In efforts to help keep fellow Ambassadors informed as to what FAmSCo is doing the committee will be communicating summaries of activites through the Fedora News project. * FAmSCo meetings have moved to the public #fedora-meeting channel. FAmSCo will be meeting every two weeks on Monday's at 20:00 UTC, with the next meeting being 2008-02-04. The Meetings page [1] will contain summaries of past meetings. * FAmSCo is discussing going back through the Ambassador Verification list [2] and following up with any Ambassadors who have not signed the CLA and offering to help with the process or removed the name from the list if needed. * FAmSCo is also discussing a better way to receive feedback from Ambassadors regarding events, Ambassador operations and more. Early discussions mention the possibility of a web form to simply using an email alias. [1] http://fedoraproject.org/wiki/Ambassadors/SteeringCommittee/Meetings [2] http://fedoraproject.org/wiki/Ambassadors/MembershipService/Verification [[Anchor(Developments)]] == Developments == In this section, we cover the problems/solutions, people/personalities, and ups/downs of the endless discussions on Fedora Developments. http://www.redhat.com/mailman/listinfo/fedora-devel-list Contributing Writer: OisinFeeley === YUM Proxy Cache Safety, Storage Backend === This week's Intensely Detailed Thread Prize has been awarded to the exchange started[1] by WarrenTogami concerning the best manner in which YUM and HTTP mirrors can handle proxy caches. Warren had received some interesting feedback from a ''squid''[2] developer, HenrikNordström and explained several ways in which caching proxies could cause YUM metadata to fall out of sync with the actual upstream RPM packages. The main conclusion seemed to be that it would be best to make the filenames of the repodata contain distinguishing information. Warren proposed several other ways relying on HTTP response headers as potential alternate solutions, including the use of ETags[2]. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02361.html [2] http://httpd.apache.org/docs/2.2/mod/core.html#fileetag Warren's specific suggestion that the repodata filenames be modified to include timestamps was tempered by his worry that older clients unable to handle the renaming would hamper migration, but JesseKeating[3] and ChuckAnderson[4] did some testing and found that YUM was able to handle the situation as far back as "FC5, yum-2.6.1-0.fc5, ftp and http baseurls". [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02362.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02371.html JamesAntill threw an exception[5] when NicolasMailhot commented "I made the same analysis several months ago when I setup my own local mod_proxy cache. I'm glad to see Warren is getting through better than me at the time." James counterposed the relative success resulting from the method of flaming the "stupid yum developers" on @fedora-devel versus discussion on the IRC channels #yum, #yum-devel and the subsequent opening of bug reports and development. Nicolas responded that this was an example of shooting the messenger and that the problem had been reported many times. James' response was to cite[6] possible shortage of resources and to point out that SethVidal is usually very responsive when approached through the method which James had described. [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02451.html [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02459.html A very long and interesting sub-thread was opened[7] by LesMikesell who was interested in the divergent question of how it would be possible to change YUM so that non-cooperating users in the same netblock would be served files from the same local cache. [7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02364.html There seemed to be general agreement that the transition to versioned filenames of repodata could work. AlanCox noted[8] that keeping two versions of the most up-to-date repodata, one with the newer filenaming scheme would cover the case of older, incompatible clients and new clients. JamesAntill suggested[9] that SHA1 sums be used instead of timestamps and that YUM would need to be modified to clean up metadata in /var/cache/yum. He also suggested that Warren should discuss the issue on #yum. [8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02390.html [9] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02397.html === Disable SELinux To Use Revisor === A problem with running SELinux while attempting to run the FedoraUnity Project's ''revisor'' tool[1], for creating re-spins of Fedora, was brought[2] to the attention of the list by ValentTurkovic. Valent posted screenshots of AVC denials and suggested that the respective programming teams should sort out the problem. [1] http://revisor.fedoraunity.org/ [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02094.html JohnDennis suggested that the actual alert could be saved from ''setroubleshoot'' and could then be entered into bugzilla instead of using a screenshot, but Valent responded[3] that the developers should just try and compose a respin with ''revisor'' and that this was typical of a pattern in Fedora: "looks like nobody actually does testing of these new features." A quick clarification was issued[4] by JefSpaleta to the effect that ''revisor'' was not used internally by the Fedora Project. CaseyDahlin pointed out that the ability to respin Fedora easily was being advertised and people expected it to work, to which JesseKeating responded[5] that '"We" cannot help what some other parts of the project choose to tout (:' [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02099.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02131.html [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02134.html The core of the problem was outlined[6] by JefSpaleta when he explained that SELinux interacting with any chroot-like apparatus was a problem, and re-emphasized that Valent's apparent belief that Fedora release-engineering would have seen the problems was incorrect as ''revisor'' was not used internally. Jef also argued that while re-spin generation tools should issue alerts that SELinux should be disabled, they should not automatically disable SELinux. JesseKeating deepened[7] the explanation with the information that "installing a new policy in the chroot will actually cause that policy to activate on the running kernel and then you have policy that doesn't match labels, watch the fun!" and suggested that SELinux should be disabled entirely or at least put in permissive mode before trying to use chroot-dependent tools such as ''revisor'', ''pungi'' or ''livecd-creator''[8]. [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02135.html [7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02117.html [8] http://fedoraproject.org/wiki/FedoraLiveCD/LiveCDHowTo Valent returned to the attack (see FWN#116 "AVC:Denied {trolling} For PID=666 Comm={SELinuxRemove}"[9]) on SELinux leading JohnDennis to remind[10] him that he was free to disable it whenever he liked but that the goal of the Fedora Project was to "smooth out the bumps rather than disabling the technology." A brief response from Valent led DanWalsh to explain[11] the problem further and this resulted in opening up the thread to interesting, problem-solving contributions. Dan's take was that the chroot and the host both use the same kernel, so the loading of new SELinux policies _within_ the chroot actually affects the host kernel. Dan wondered whether the solution could be virtual machines, or getting the chroot to run a separate kernel, or tricking SELinux within a chroot into doing nothing. As part of the brainstorming TillMaas suggested[12] that separate xattr namespaces could be part of the solution. JamesMorris took up[13] the virtual machine idea and wondered if ''lguest'' would be suitable due to being scriptable and booting nearly instantaneously and DanielBerrange added[14] the suggestion that LVM snapshots would provide disposable disk-images which could be booted as guests. [9] http://fedoraproject.org/wiki/FWN/Issue116#head-9c5db4e29943d9f156002b24d7b01a6b2b0542cb [10] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02136.html [11] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02415.html [12] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02429.html [14] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02477.html JesseKeating played the role of realist and asked[15] for them to "get back to me when it works on x86_64, ppc, ppc64, ia64, s390, s390x, sparc, sparc64, arm, alpha..." DouglasMcClendon mentioned his ''qfakeroot'' scripts again and an interesting exchange occurred[16] which explored the speed of qemu, the flakiness of kqemu and the non-availability of qemu for PPC and an acknowledgment[17] that Douglas' ''qkfakeroot'' is "pretty cool" in its ability to eschew root privileges even if it takes too long to be used as a standard compose tool by Fedora release-engineering. [15] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02480.html [16] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02494.html [17] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02499.html Two separate threads later resulted from this and are covered in this same FWN#117 as "What Is A Fedora Developer?" and "SELinux And Chroot". === Long-term Support Release === The issue of whether it was possible to have a "long term support" release of Fedora was floated[1] by DavidMansfield. David's courteous post recognized that this might be mistaken for flame-bait and acknowledged that teampower might be a constraint. David explained[2] that the absence of many tools such as ''gnumeric'' and ''git'' and some of the "cool" tools from the livna and rpmforge repositories from CentOS/RHEL was a problem for him. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02191.html [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02195.html CaseyDahlin was the first of many to suggest[3] that David should take a look at the EPEL repositories. HorstvonBrand added[4] that the purpose of Fedora was to make obtaining freely distributable software easy and that this ruled out some of the programs in livna and rpmforge. [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02196.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02279.html AndrewFarris recalled[5] the now defunct FedoraLegacy project and a sub-thread exploring the problems of trying to maintain a long-term release evolved including a discussion of whether RHEL in conjunction with the EPEL repository was in effect "Fedora LTS". [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02204.html [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02308.html JefSpaleta welcomed[7] the idea of a "Fedora LTS" but cautioned that the idea seems to originate in Canonical's specific business model and that it is hard to see where this fits in to the Fedora space. His post was very encouraging but challenged proponents to expand upon a potential business plan. [7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02212.html Discussion of whether FedoraLegacy actually failed, whether failure is actually beneficial and what was learned took up the remainder of the thread[8]. [8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02392.html === F9 Alpha Spinning === Some figures for the sizes of ISOs for Fedora 9 Alpha spin were posted[1] by LukeMacken. Included was a diff between the F8-Live-i686 and F9-Alpha-Live-i686 Desktop spins. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02574.html Suggestions were made[2] by HansdeGoede to reduce the size of the ISOs a little including splitting up ''gnome-games'' and perhaps removing ''httpd'' from the LiveCD. LubomirKundrak suggested that ''httpd'' was there because of WebDAV file sharing[3]. [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02615.html [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02619.html RahulSundaram wanted[4] to make sure that the latest content was going into the Games LiveCD and offered to keep it updated in livecd-tools. This led BillNottingham to query whether keeping the contributed spin configs in ''livecd-tools'' itself and ColinWalters suggested[5] keeping them in the same CVS directory as comps. [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02629.html [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02641.html SzabolcsSzakacsits took pains to emphasize[6] that the apparent growth of ''ntfs-3g'' did not take into account that ntfs-3g changes had enabled the removal of ''fuse'' and a consequent overall decrease of 109MB. KevinKofler did not approve of some of the changes as he claimed that they essentially created a static copy of fuse into ntfs-3g. [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02677.html [7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02689.html === SELinux And Chroot === As a result of the discussions over how to improve the interaction between chroots and SELinux JamesMorris created a bugzilla[1] entry and requested that concerned parties add requirements. He noted[2] that a related issue under discussion was the distribution of policy when the host and target have differing policies. [1] https://bugzilla.redhat.com/show_bug.cgi?id=430075 [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02403.html === Fedora 9 For Asus Eeepc === The lucky OrionPoplawski had been playing around with a new toy in the form of the ultra-portable Asus Eee PC and reported[1] that he had encountered issues with the ethernet adapter (Attansic Tech L2 100Mbit), the wireless adapter (Atheros AR5007EG) and the Flash RAM harddrive. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02645.html ColinWalters suggested that as Orion wanted to minimize writes to the flash drive (as there are a limited number) it would make sense to make the filesystem read-only, in effect creating a "Live OS" on it with the exception of /home which would be stored on an SD card. [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02646.html The use of ''jffs2'' was recommended[3] by JohnPalmieri on the basis of its use in the OLPC. John added that modern flash used "randomized writes" (presumably wear-leveling) and thus was less likely to see the problems encountered with journal writing in ext3 filesystems or FAT on the older hardware. He suggested also eliminating any /swap partition and looking out for a new FS which was reputed to be better for large flash drives. Some doubt was cast on this by JonathanUnderwood as apparently the drives do not appear as flash to the OS. [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02649.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02653.html JoshBoyer and RubenKerkhof suggested that the ''logfs'' and ''ubifs'' filesystems might be what John was thinking about. Josh thought that the wear-leveling was done by a controller and not the actual flash chip. [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02660.html === BIND: Less Restrictive Modes And Policy === An announcement of a major revision of BIND file modes was made[1] by AdamTkac. Adam proposed that only ''/etc/rndc.key'' and ''/var/log/named.log'' should be restricted to the root user and that other binaries should be readable by non-root users. He also proposed that the ''/var/named/*'' subtree would be writable by ''named''. Adam sought objections. [1] https://www.redhat.com/archives/fedora-devel-list/2008-January/thread.html#02499 SteveGrubb wondered[2] which other users would be expected to share a DNS server and pointed out that it was "a high value target for hackers". [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02019.html EnricoScholz suggested[3] that only the ''slaves/'' and ''data/'' directories had to be writable, but that ''pz/'' and other parts of the chrooted filesystem used by named had to be read-only. AndrewFarris wondered why and ManuelWolfshant recalled[4] BIND's past history of providing a remote root. He also stated a preference for the general principle of granting the minimal rights necessary. After Enrico confirmed this AdamTkac explained[5] that /var/named was supposed to be writable by design. [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02073.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02080.html [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02127.html A later comment mentioned[6] that there was a problem with coredumps and in discussion with ChuckAnderson Adam cited a bugzilla entry which documents the problem. [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02123.html === What Is A Fedora Developer? === Several hours after the extensive discussions[1] of the need to disable SELinux while using chroot-dependent compose tools ValentTurkovic initiated[2] another thread about using ''revisor'' in which he asked for guidance as to whether he was encountering bugs or making usage errors. [1] FWN#117 "Disable SELinux To Use Revisor" [2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02156.html This thread had the potential to turn sour shortly after Valent was advised[3][4] by several people that the FedoraUnity project were the experts on ''revisor'' and Valent responded[5] by echoing the comment made[6] (and answered!) previously in the earlier thread in which he had been involved. Namely he claimed that "I thought since I'm using a really loudly advertised fedora feature, and config files which all of them are provided from fedora and not some 3rd party that this is the correct list." [3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02160.html [4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02163.html [5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02166.html [6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02133.html JesseKeating responded[7] calmly with the question "You are aware that the vast majority of software in Fedora is developed and discussed at their respective upstream locations, right?" JefSpaleta produced[8] one of his typically insightful explicatory posts in which he drew a distinction between upstream developers who contribute to Fedora and "Fedora developers" who produce infrastructure which allows the Fedora Project to be a conduit between users and upstream projects. [7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02167.html [8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02165.html === Erratum === In FWN#114 "SELinux Rants"[1] we mentioned that the copying of directories using ''tar'' should be done with the "--xattrs" option in order to preserve the context labels. DavidHighley subsequently contacted us to report that he had experienced problems using this method. David later helpfully reported that ''tar-1.17-5.fc8'', which is available as an update appears to fix[2] the apparently broken storage of SELinux and extended attributes which David was reporting. Thanks to David for the follow-up on this issue. [1] http://fedoraproject.org/wiki/FWN/Issue114#head-9aa83fad0c280fb44728ecae1f51900c5f9a014a [2] https://admin.fedoraproject.org/updates/F8/FEDORA-2007-4400 [[Anchor(AdvisoryBoard)]] == Advisory Board == In this section, we cover discussion in Fedora Advisory Board. https://www.redhat.com/mailman/listinfo/fedora-advisory-board Contributing Writer: MichaelLarabel === Requests To The Fedora Board === RahulSundaram has made five requests on the fedora-advisory-board list[1]. These requests come down to logistics with such appeals as posting an agenda prior to each meeting, posting the meeting minutes more promptly, and differing opinions on community board member nominees. The message with responses can be read on the mailing list[2]. [1] https://www.redhat.com/mailman/listinfo/fedora-advisory-board [2] https://www.redhat.com/archives/fedora-advisory-board/2008-January/msg00252.html === Fedora 7 Unity Re-Spin === For those not yet ready to upgrade to Fedora 8, the Fedora Unity[1] project has released updated spins of Fedora 7. These new ISOs contain all of the Fedora 7 updates as of January 18. The announcement and download links can be found on the fedora-advisory-board list[2]. [1] http://fedoraunity.org/ [2] https://www.redhat.com/archives/fedora-advisory-board/2008-January/msg00245.html [[Anchor(Documentation)]] == Documentation == In this section, we cover the Fedora Documentation Project. http://fedoraproject.org/wiki/DocsProject Contributing Writer: JohnBabich === Works in Progress === Work continues on the Desktop User Guide (DUG) and the Administration Guide (AG). The goal is to include both guides in the official Fedora 9 release. === Release Notes Summary === KarstenWade proposed a canonical release summary [1]. "We can use clever ...Include... statements that draw only specific parts, so each 'mirror' of the canonical summary can show the most appropriate fragment. Anyone interested in doing this work? It involves: * Working out a single canonical location from amongst the several Releases / # / Release Summary, Docs / Beats / Over View, Press release needs (more lightweight), etc. * Define a format for that page so that it can be fragmented (if needed) for different summaries * Write up a process for jamming all that together * Publicize/evangelize" JonathanRoberts agreed [2] and cited the KDE Project as doing an excellent job in this regard. RahulSundaram [3] concluded: "As the person behind both of these documents, let me note that release notes overview was meant to be more technical while the release summary was born out of an earlier effort to do press releases via the community. Also due to general lack of contributions (even though Jonathan Roberts and others did help for Fedora 8), the time taken to write a proper release summary was almost an entire night last time and that too way later than the release notes string freeze. We need to decide whether the overview in release notes can be the kind of content that release summary currently is. If that is preferred, let me know and I will do that from Fedora 9 onwards. I wouldn't mind more people helping out either." [1] http://www.redhat.com/archives/fedora-docs-list/2008-January/msg00185.html [2] http://www.redhat.com/archives/fedora-docs-list/2008-January/msg00187.html [3] http://www.redhat.com/archives/fedora-docs-list/2008-January/msg00207.html [[Anchor(Infrastructure)]] == Infrastructure == In this section, we cover the Fedora Infrastructure Project. http://fedoraproject.org/wiki/Infrastructure Contributing Writer: HuzaifaSidhpurwala === Continuing issues with xen === MikeMcGrath reports [1], xen1 started exhibiting these issues when we moved from FC6 to RHEL5 GA. It was assumed to be hardware issue because of how sporatic the issues were and because we actually do have RHEL5 on other xen hosts. The iscsi issue may or may not be a red herring but some of the reports listed in the ticket suggests a kernel / poweredge bug that we may be hitting. We had moved all non-redundant guests off of xen1 onto the more stable xen2 box. After upgrading xen2 to RHEL5 we started seeing the same problems with it. There's a few things we can try, Mike will be doing so on xen1 with proxy4 as our test host since its competely redundant and has, in the past, crashed that box. In the future though they should all be in similar specs (1U box, 8 core 16-32G memory) [1] https://www.redhat.com/archives/fedora-infrastructure-list/2008-January/msg00093.html === Some Network issues affecting fedora servers === MikeMcGrath reports [1], Seems a link between AT&T and level3 was down. Mike was monitoring the situation but there's little we can do about it right now. The link came back after some time. [1] https://www.redhat.com/archives/fedora-infrastructure-list/2008-January/msg00105.html [[Anchor(SecurityWeek)]] == Security Week == In this section, we highlight the security stories from the week in Fedora. Contributing Writer: JoshBressers === Enterprise-grade Linux: Five network security FOSS apps === iTWire has a story detailing five open source security applications: http://www.itwire.com/content/view/16246/1141/1/0/ As more security applications are gobbled up by large firms, open source projects gain a unique advantage. Anytime an organization needs to make money, they are willing to draw a gray line with respect to their ethics. As most open source projects don't rely on corporate funding, they can be more strict with respect to what they call malware. It is quite likely that as the volume of malware increases, this advantage will become more clear. === Growing virus production taxes security firms === The Register points out the current problem with growing malware trends: http://www.theregister.co.uk/2008/01/25/malware_surge/ The rate at which malware is growing is quite alarming. If this trend continues it will become impossible for anti virus firms to keep ahead of the wave. The current attitude toward malware is to take a very reactive approach. Most groups don't focus on stopping the cause of problems, but rather treating the symptoms. While there is certainly a great deal of money to be made in treating symptoms, the well is going to dry up eventually. [[Anchor(SecurityAdvisories)]] == Security Advisories == In this section, we cover Security Advisories from fedora-package-announce. https://www.redhat.com/mailman/listinfo/fedora-package-announce Contributing Writer: ThomasChung === Fedora 8 Security Advisories === * xorg-x11-server-1.3.0.0-39.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00641.html * libXfont-1.3.1-2.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00674.html * hsqldb-1.8.0.8-1jpp.5.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00678.html * mantis-1.1.1-1.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00734.html * clamav-0.92-6.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00740.html * bind-9.5.0-23.b1.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00781.html * xorg-x11-server-1.3.0.0-40.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00811.html * kernel-2.6.23.14-107.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00828.html * pulseaudio-0.9.8-5.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00852.html * icu-3.8-5.fc8 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00896.html === Fedora 7 Security Advisories === * clamav-0.92-6.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00644.html * mantis-1.1.1-1.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00676.html * xorg-x11-server-1.3.0.0-15.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00704.html * hsqldb-1.8.0.8-1jpp.5.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00753.html * boost-1.33.1-15.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00760.html * libXfont-1.2.9-3.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00771.html * bind-9.4.2-3.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00782.html * xorg-x11-server-1.3.0.0-16.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00841.html * pulseaudio-0.9.6-2.fc7.1 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00869.html * icu-3.6-20.fc7 - https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00921.html [[Anchor(EventsMeetings)]] == Events and Meetings == In this section, we cover event reports and meeting summaries from various Projects and SIGs. Contributing Writer: ThomasChung === Fedora Board Meeting Minutes 2008-01-22 === * https://www.redhat.com/archives/fedora-advisory-board/2008-January/msg00251.html === Fedora Ambassadors Steering Committee Meeting 2008-01-21 === * http://fedoraproject.org/wiki/Ambassadors/SteeringCommittee/Meetings/2008-01-21 === Fedora Documentation Steering Committee (Log) 2008-01-22 === * http://www.redhat.com/archives/fedora-docs-list/2008-January/msg00172.html === Fedora Engineering Steering Committee Meeting 2008-01-24 === * https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02469.html === Fedora Infrastructure Meeting (Log) 2008-01-24 === * https://www.redhat.com/archives/fedora-infrastructure-list/2008-January/msg00108.html === Fedora Release Engineering Meeting 2008-01-21 === * https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02074.html === Fedora Testing (BugZappers) Meeting 2008-01-02 === * https://www.redhat.com/archives/fedora-test-list/2008-January/msg00429.html === Fedora SIG EPEL Meeting Week 04/2008 === * https://www.redhat.com/archives/epel-devel-list/2008-January/msg00165.html === Fedora SIG KDE Meeting Week 04/2008 === * https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02219.html [[Anchor(AskFedora)]] == Ask Fedora == In this section, we answer general questions from Fedora community. Send your questions to askfedora AT fedoraproject.org and Fedora News Team will bring you answers from the Fedora Developers and Contributors to selected number of questions every week as part of our weekly news report. Please indicate if you do not wish your name and/or email address to be published. http://fedoraproject.org/wiki/AskFedora Contributing Writer: RahulSundaram === Fedora on Older Hardware === Robert Myers <mystinar@xxxxxxxxxxx>: In the development of Fedora 9, is there any work being done to improve it's performance on older hardware? If so, will the performance increases be noticeable on, say, a 450mhz Pentium III with 256 megabytes of RAM? --- The major features for Fedora 9 are listed at http://fedoraproject.org/wiki/Releases/9/FeatureList. While there isn't any special focus in Fedora 9 to make it work on older hardware, we typically inherit a number of performance improvements from the upstream projects that we integrate, including many key projects where Fedora developers are major contributors. As an exmaple, OLPC (One Laptop Per Child) project is based on Fedora, and since OLPC is a resource constrained environment, our participation results in improvements that make it easier and more efficient to run on older hardware. * http://fedoraproject.org/wiki/OLPC To add to that, there are a couple of Fedora spins developed currently that target older hardware or low resource systems in which you might be interested. * http://fedoraproject.org/wiki/ChristophWickert/FedoraLite * http://fedoraproject.org/wiki/RahulSundaram/XfceLive === OEM Installation === Shannon Mendenhall <mendenhall.shannon@xxxxxxxxxxx:I was wondering when or if you are going to include a OEM install in your next version (fedora 9). I was hoping so it would make it easier for OEM builders to leave the client to set up there time zone, user name, password, ect... thanks, I look forward to hearing your reply. --- Actually, we've had this feature since the first version of Fedora. Refer to http://fedoraproject.org/wiki/FirstBoot Also, Fedora provides a number of sophisticated and easy to use tools to make further customizations. Take a look at http://fedoraproject.org/wiki/CustomSpins === Compiling Kernel === Sd <elesar@xxxxxxxxxxxxxxxx>: How I can compile your kernel? Where I got kernel-source? --- An easy question, thanks to the nice documentation at http://fedoraproject.org/wiki/Docs/CustomKernel. Note that this is already referenced from the release notes at http://docs.fedoraproject.org/release-notes/f8/en_US/sn-Kernel.html === Bluetooth and Multimedia Keys === Zlatko (Email withheld on request) First of all, I would like to thank You for Fedora 8. I'm using Fedora since first edition, and now, I can say that Fedora is highly improved, and can be used almost for everything. I'm using Fedora on my laptop exclusively for business purposes, and also I'm using Fedora on my desktop computer at my home for watching TV, watching DVD, playing various games, Internet surfing, and so on, and everything is working OK. But, there is a slight problem in using fedora on my laptop. So, on to the problem... :-) My integrated bluetooth wont work, unless I do the following: 1. I start laptop with Windows Vista 2. I restart from Vista to Fedora Each time I do this, bluetooth works fine. But, if I turn off computer, and start it again directly to Fedora, bluetooth wont work, and system wont recognize any bluetooth device. I have described this problem on Fedora forum, also, but nobody answered my question so far, even I have posted that post month ago. Here is the link to that post: http://forums.fedoraforum.org/forum/showthread.php?t=172988 And also, if I may ask, is there a plan to support so-called "Fn" functions? For example, on my Toshiba Satellite P200-10C, when I press "Fn + F8" I should be able to activate/deactivate wireless/bluetooth, but instead, nothing happens. I surely hope that You will consider these questions, and help small users such as I am... :-) Thanks in advance... --- Another user asks a similar question Yuan Yijun <bbbush.yuan@xxxxxxxxx>: I use a Dell 640m which have some external "multimedia button" to control music volume. And I used to close the lid while playing some background music. When the lid is closed, these buttons are not functional at all, so I cannot mute it without open the lid && login (because of gnome-screensaver). How to make them work? Thanks! --- The bluetooth issue as well as multimedia keys not working on your laptops out of the box appear to be bugs/enhancement requests that can reported directly to http://bugzilla.redhat.com. We are continuously enhancing Fedora to support components like Bluetooth and multimedia keys to work better, and we appreciate your feedback. Use the following references: * http://fedoraproject.org/wiki/BugsAndFeatureRequests * http://people.freedesktop.org/~hughsient/quirk/ === Prayer Time for Fedora === Riam budhi <riam_3000@xxxxxxxxxxx>: I wanted to ask you, where is I can download prayer time ( I am muslim)? --- Unfortunately, this software isn't available in the Fedora repository yet and I couldn't locate any good alternatives. This is now a opportunity for you to be a contributor to Fedora and maintain the software in the Fedora repository. Refer to * http://fedoraproject.org/wiki/PackageMaintainers/Join -- Thomas Chung http://fedoraproject.org/wiki/ThomasChung -- fedora-announce-list mailing list fedora-announce-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-announce-list