Fedora Weekly News #162

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



                      Fedora Weekly News Issue 162

Welcome to Fedora Weekly News Issue 162 for the week ending February
8th, 2009.

http://fedoraproject.org/wiki/FWN/Issue162

This week we're happy to announce the return of several beats: Marketing
reports on following Fedora activity via Twitter; Ambassadors tantalizes
with some Fedora polo shirts and the news that "North American
Ambassadors Take Reins of XO Program"; Infrastructure notes a possible
"Public Calendaring System" for the community; SecurityWeek shares an
xkcd comic in "Encryption Security". Announcements highlights the
K12Linux Fedora 10 Live Server in "Technical Announcements",
PlanetFedora rounds up a lot of must-read blogs, Developments clarifies
that "Fedora 11 Will Support i586 Instruction Set", Translation links to
the "L10n Infrastructure Roadmap Proposal", Artwork suggests some
"Context Free Art", SecurityAdvisories lists packages you really, really
want, Virtualization defies easy summary but one exciting tidbit is
"Merging KVM and Qemu Packages", and finally we have another AskFedora
concerning the possibility of a "Standardized Package Format".

If you are interested in contributing to Fedora Weekly News, please see
our 'join' page[1]. We welcome reader feedback:
fedora-news-list@xxxxxxxxxx

FWN Editorial Team: Pascal Calarco, Oisin Feeley, Huzaifa Sidhpurwala

[1] http://fedoraproject.org/wiki/NewsProject/Join 

		Contents
    Fedora Weekly News Issue 162
        1.1 Announcements
              1.1.1 Fedora 11 Alpha
              1.1.2 Technical Announcements
              1.1.3 Upcoming Events
        1.2 Planet Fedora
              1.2.1 General
              1.2.2 FOSDEM 2009
        1.3 Marketing
              1.3.1 Draft Fedora 11 Schedule
              1.3.2 Fedora Twitters
              1.3.3 Fedora 11 Alpha Ships with Windows Cross Compiler
        1.4 Ambassadors
              1.4.1 North American Ambassadors Take Reins of XO Program
              1.4.2 North America Polo Shirt Order
              1.4.3 FAD SCaLE coming up 2009-02-20
              1.4.4 Got Ambassador News?
        1.5 Developments
              1.5.1 Fedora 11 Alpha Released
              1.5.2 Fedora 11 Will Support i586 Instruction Set
              1.5.3 RFC: Power Management
              1.5.4 Rawhide Report 2009-02-07
              1.5.5 New module-init-tools Uses Binary
              modules.dep|alias|symbols
              1.5.6 New Georgian Fonts Packaged Rapidly
              1.5.7 Distro-agnostic /boot Metadata Standard ?
              1.5.8 GCC-4.4 Mass Rebuild Successful
              1.5.9 Help Rel-eng Accelerate Updates Processing
        1.6 Translation
              1.6.1 Fedora 10 Release Notes Updated
              1.6.2 L10n Infrastructure Roadmap Proposal
        1.7 Infrastructure
              1.7.1 CSI (Security Policy) Help
              1.7.2 Public Calendaring System
        1.8 Artwork
              1.8.1 Echo Monthly News
              1.8.2 Context Free Art
        1.9 Security Week
              1.9.1 Encryption Security
              1.9.2 Running Things as root is a Bad Idea
        1.10 Security Advisories
              1.10.1 Fedora 10 Security Advisories
              1.10.2 Fedora 9 Security Advisories
        1.11 Virtualization
              1.11.1 Enterprise Management Tools List
                  1.11.1.1 virt-manager and QEMU Disk Polling Logs
                  1.11.1.2 virt-viewer Persistance Through Guest Reboots
                  1.11.1.3 virt-install Wait Indefinitely for Windows
                  Guests
              1.11.2 Fedora Virtualization List
                  1.11.2.1 Fedora Virt Status Update
                  1.11.2.2 Merging KVM and QEMU Packages
              1.11.3 Fedora Xen List
                  1.11.3.1 bzImage Dom0 Support in Rawhide Xen
                  1.11.3.2 Test Dom0 Xen Kernel RPM Available
              1.11.4 Libvirt List
                  1.11.4.1 Fix for Fallout From Failed QEMU Guest Starts
                  1.11.4.2 sVirt Patches to Merge in libvirt
                  1.11.4.3 Manage iptables with libvirt
        1.12 Ask Fedora
              1.12.1 Standardized Package Format

== Announcements ==

In this section, we cover announcements from the Fedora Project.

http://www.redhat.com/archives/fedora-announce-list/

http://www.redhat.com/archives/fedora-devel-announce/

Contributing Writer: Max Spevack

=== Fedora 11 Alpha ===

JesseKeating announced[1] the release of Fedora 11 Alpha. The release is
available at http://get.fedoraproject.org and includes MinGW (for
Windows cross-compiling), the ext4 filesystem, GNOME 2.26, KDE 4.2.0,
and XFCE 4.6 Beta.

Furthermore, James Laska informed[2]the community about a Fedora Test
Day focused on ext4.

=== Technical Announcements ===

Martin Sourada published[3] the latest issue of Echo Monthly News.

Warren Togami announced[4] "the release of K12Linux F10 Live Server.
K12Linux is Linux Terminal Server Project (LTSP.org) integrated with
Fedora 10, in a convenient LiveUSB or DVD media installer." The release
inclues auto-configuration of diskless thin clients, sound forwarding
over the network via PulseAudio, and more.

All package maintainers should read the updated[5] package update
guidelines[6], as announced by Mark McLoughlin.

=== Upcoming Events ===

Fedora will have a presence at several events in the next few weeks.
Feel free to join us,

February 20 - 22: Southern California Linux Expo (SCALE)[7][8]

Also, people are encouraged to register for Fedora or JBoss.org related
speaking slots at LinuxTag 2009.[9]

   1. ↑
   http://www.redhat.com/archives/fedora-announce-list/2009-February/msg00004.html
   2. ↑
   http://www.redhat.com/archives/fedora-devel-announce/2009-February/msg00003.html
   3. ↑
   https://fedorahosted.org/echo-icon-theme/wiki/MonthlyNews/Issue6
   4. ↑
   http://www.redhat.com/archives/fedora-announce-list/2009-February/msg00002.html
   5. ↑
   http://www.redhat.com/archives/fedora-devel-announce/2009-February/msg00004.html
   6. ↑
   https://fedoraproject.org/wiki/PackageMaintainers/Package_update_guidelines
   7. ↑ http://fedoraproject.org/wiki/SCALE7X_Event
   8. ↑
   https://fedoraproject.org/wiki/Fedora_Activity_Day_at_SCaLE_7x
   9. ↑ http://fedoraproject.org/wiki/LinuxTag_2009_talks

== Planet Fedora ==

In this section, we cover the highlights of Planet Fedora - an
aggregation of blogs from Fedora contributors worldwide.

http://planet.fedoraproject.org

Contributing Writer: Adam Batkin

=== General ===

Paul W. Frields announced[1] the Fedora 11 Alpha, as well as an
explanation of why Alpha releases exist and how you can get a sneak-peek
at what will be in the next release while helping Fedora improve.

Chris Brown wrote[2] about some of the other features that may make an
appearance in F11.

Dwayne Bailey developed[3] a system to manage the localization of
software and integrated[4] it with some existing libraries to produce
Virtaal[5].

Gary Benson continued[6] his excellent series "Inside Zero and Shark", a
must-read for anyone interested in virtual machines or Java internals.

Dave Jones explained[7] the status of Dracut, "the shiny new initramfs
creation tool."

Chris Tyler wrote[8],[9] [10] about getting a multiseat system set up
using a single computer and dual ATI R710 video cards. In the latest
installment the ATI setup was compared[11] to a similar configuration
using Dual NVIDIA 9800GTX and various driver combinations.

Steven Moix benchmarked[12],[13] the performance of Solid State Disks
using various I/O schedulers running on Fedora 10.

Tim Waugh showed off[14] the eye candy of system-config-printer that can
be expected in Fedora 11.

Adrian Likins pondered[15] the availability of "a mailing list summary
page. The page would scan the mailing lists, and post the content most
likely to need attention." Fedora Weekly News?

Michael DeHaan shared[16] an essay, "Lessons Learned From OSS Software
Development".

Tim Waugh described[17] "How I use git" which shows some useful tips and
tricks.

Venkatesh Hariharan wrote[18] a draft FOSS manifesto for Indian
political parties, which could actually be valuable for any country in
the world.

   1. ↑ http://marilyn.frields.org:8080/~paul/wordpress/?p=1467
   2. ↑ http://www.chruz.com/2009/02/07/icantbelieveitsnotbtr/
   3. ↑
   http://www.translate.org.za/blogs/dwayne/en/content/localisation-information-language-preventing-mistakes-and-increasing-richness-localisation
   4. ↑
   http://www.translate.org.za/blogs/dwayne/en/content/libtranslate-tm-plugins-and-virtaal
   5. ↑ http://virtaal.org/
   6. ↑ http://gbenson.net/?p=124
   7. ↑ http://www.codemonkey.org.uk/2009/02/02/dracut-status/
   8. ↑
   http://blog.chris.tylers.info/index.php?/archives/180-Multiseat-on-Dual-ATI-R710s-So-close!.html
   9. ↑
   http://blog.chris.tylers.info/index.php?/archives/181-Multiseat-radeonhd.html
  10. ↑
  http://blog.chris.tylers.info/index.php?/archives/182-Multiseat-on-Dual-ATI-R710s-Working.html
  11. ↑
  http://blog.chris.tylers.info/index.php?/archives/184-Multiseat-on-Dual-ATI-and-Dual-NVIDIA.html
  12. ↑
  http://www.alphatek.info/2009/02/02/ssd-performance-vs-linux-kernel-io-scheduler-in-fedora-10/
  13. ↑
  http://www.alphatek.info/2009/02/02/io-scheduler-and-ssd-part-2/
  14. ↑
  http://cyberelk.net/tim/2009/02/03/screenshots-system-config-printer-11/
  15. ↑ http://adrianlikins.com/?p=481
  16. ↑ http://www.michaeldehaan.net/?p=853
  17. ↑ http://cyberelk.net/tim/2009/02/04/how-i-use-git/
  18. ↑
  http://osindia.blogspot.com/2009/02/draft-foss-manifesto-for-indian.html

=== FOSDEM 2009 ===

So many people have written about attending FOSDEM that it would take an
entire issue of FWN post all of the links. Instead an arbitrarily
selection will be randomly chosen.

Pierros Papadeas took[1] a nice set of photos including some general
shots of Brussels.

Joerg Simon got[2] some shots of the Fedora booth.

   1. ↑
   http://digitaurora.blogspot.com/2009/02/fosdem-2009-day-zero.html
   2. ↑
   http://kitall.blogspot.com/2009/02/fosdem-impressions-day1.html

== Marketing ==

In this section, we cover the Fedora Marketing Project.

http://fedoraproject.org/wiki/Marketing

Contributing Writer: Kam Salisbury

=== Draft Fedora 11 Schedule ===

The draft Fedora 11 schedule was made[1] available on the wiki by
Jonathon Roberts. Now is as good as a time as any to get involved with
Fedora Marketing by reviewing the goals of Fedora Marketing[2] and then
joining[3].

   1. ↑
   http://fedoraproject.org/wiki/User:Jonrob/MarketingSchedule
   2. ↑ http://fedoraproject.org/wiki/Marketing/
   3. ↑ http://fedoraproject.org/wiki/Marketing/Join

=== Fedora Twitters ===

You can now follow most major Fedora announcements via Twitter. Just
choose to follow fedora_linux[1] from your Twitter account. Alternately,
you can choose to follow Fedora Linux major news announcements via
RSS[2]. Twitter[3] provides a social network tied together via 140
character status messages.

   1. ↑ http://twitter.com/fedora_linux
   2. ↑ http://twitter.com/statuses/friends_timeline/16598186.rss
   3. ↑ http://twitter.com/about#about

=== Fedora 11 Alpha Ships with Windows Cross Compiler ===

Fedora 11 now includes the Windows cross compiler MinGW[1], a
development environment for Fedora users who want to save time and
duplication of effort by cross-compiling their programs to run on
Windows without actually having to use Windows during development.

   1. ↑ http://www.mingw.org/

== Ambassadors ==

In this section, we cover Fedora Ambassadors Project.

http://fedoraproject.org/wiki/Ambassadors

Contributing Writer: Larry Cafiero

=== North American Ambassadors Take Reins of XO Program ===

During the week following FUDcon, it was suggested that the Fedora
Ambassadors in North America run the NA Developer XO program for an
initial period of 6 months.

The reasons for Ambassadors taking the reins on this project are:

    * Ambassadors can help the NA Developer XO program by seeking help,
    freeing up developers already involved to concentrate on their work.
    * The Ambassadors are already in place, going to every major event
    and tons of minor events recruiting contributors to Fedora.
    * Ambassadors have had some moderate success getting people involved
    with both Fedora and OLPC/Sugar. 

OLPC decided to take the Ambassadors up on the offer and shipped 100 XOs
to the FAmNA.

Guidelines have been set - subject to the guidance of the OLPC SIG --
and the wiki, which has just been started and is in the process of
refining, can be found here:

http://fedoraproject.org/wiki/Fedora_developers_XO_program

Essentially the bar that has been set is:

    * Maintain a sugar-* package in Fedora and agree to maintain it for
    two releases. Alternately maintain a package that was in OLPC4 and
    has been merged.
    * Develop a Sugar activity. To keep this in focus I have adopted
    Greg Dekoenigsberg's 'holy list of 4th grade math lessons' as
    acceptable activities: 

http://sugarlabs.org/go/User:Gdk/4th_Grade_Maths

    * QA (well not really): While FAmNA isn't actively looking for QA
    help, but if someone with extensive QA experience and lots of time
    presents itself we won't pass it up. 

=== North America Polo Shirt Order ===

Pascal Calarco has initiated another round of ordering for Ambassador
Polos for North American Ambassadors as announced on the Fedora
Ambassador mailing list. There is also additional information here:

http://fedoraproject.org/wiki/Fedora_Ambassadors_North_America_(FAMNA)#Fedora_Ambassador_Polo_Shirts_for_FAMNA

=== FAD SCaLE coming up 2009-02-20 ===

The Fedora Activity Day[1] at the Southern California Linux Expo
(SCaLE)[2] will be from 9am - 6pm on Friday, February 20th at the Westin
Airport Los Angeles, in Los Angeles, California. There will be breaks
and such, but the FAD will be treated much like a sprint. We're here to
get something accomplished -- specifically font packaging and
documentation -- so come on by and help us out for an hour or all day.
We'd love to have you there!

Also, if you can make SCaLE from the Southern California area, stop by
the Fedora booth.

   1. ↑
   http://fedoraproject.org/wiki/Fedora_Activity_Day_at_SCaLE_7x
   2. ↑ http://scale7x.socallinuxexpo.org/

=== Got Ambassador News? ===

Any Ambassador news tips from around the Fedora community can be
submitted to me by e-mailing lcafiero-AT-fedoraproject-DOT-org and I'd
be glad to put it in this weekly report.

== Developments ==

In this section the people, personalities and debates on the
@fedora-devel mailing list are summarized.

Contributing Writer: Oisin Feeley

=== Fedora 11 Alpha Released ===

Jesse Keating announced[1] the availability of Fedora 11 Alpha on
2009-02-05. His beautiful poetry was accompanied by a suggestion to read
the Release Notes[2].

One change which drew[3] extensive commentary on @fedora-test was the
default disabling of the Ctrl-Alt-Backspace key combination. This
traditionally kills the X server and to regain the usual behavior it is
necessary to create an Xorg.conf file (these no longer exist by default
either) and add the line Option "DontZap" "false" to it.

   1. ↑
   http://www.redhat.com/archives/fedora-announce-list/2009-February/msg00004.html
   2. ↑
   http://fedoraproject.org/wiki/Fedora_11_Alpha_release_notes
   3. ↑
   http://www.redhat.com/archives/fedora-test-list/2009-February/msg00118.html

=== Fedora 11 Will Support i586 Instruction Set ===

Last week (FWN#161[1]) we reported on a proposal to cease building
Fedora 11 for the i586 CPU instruction set. FESCo had delayed its
decision in order to discuss the matter further. The issue was
addressed[2] on 2009-02-05 with the outcome that a proposal by Dennis
Gilmore to continue supporting i586 for the duration of Fedora 11 but to
transition to i686 for Fedora 12 was supported.

Prior to the meeting Warren Togami summed up[3] the advice of Jakub
Jelínek as: "Jakub recommends i586.rpm for Fedora 11, because it doesn't
gain us much of anything to go with i686 minimum. The benefits of i586
to i686 are simply not important because cmov is usually not a
worthwhile optimization on ia32."

An interesting suggestion by Adam Jackson was[4][5] that if there is a
committed user-base of i586 users they could probably support it in the
Secondary Architecture (see FWN#92[6]) infrastructure.

Ulrich Drepper and Dominik Mierzejewski debated[7] whether the use of
cmov can in some circumstances cause performance degradation.

It is unclear exactly what performance benefits could be obtained by
passing various architecture-specific flag combinations to GCC but it
does seem that the burden of building and maintenance will be eased
significantly by these changes. As a related change[8] x86_64 kernels
will be installed with a 32-bit userspace.

   1. ↑
   http://fedoraproject.org/wiki/FWN/LatestIssue#Dropping_Support_for_i586_Architecture_.3F
   2. ↑
   http://bpepple.fedorapeople.org/fesco/FESCo-2009-02-05.html
   3. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00200.html
   4. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00282.html
   5. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00407.html
   6. ↑
   http://fedoraproject.org/wiki/FWN/Issue92#Secondary_Arch_Proposal_Cont.
   7. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00240.html
   8. ↑
   http://bpepple.fedorapeople.org/fesco/FESCo-2009-02-05.html

=== RFC: Power Management ===

Phil Knirsch initiated[1] a discussion of attempts to decrease power
consumption especially in userland. A wiki page[2] reflects some of the
research Phil has pulled together.

Richard Hughes pointed[3] out some interesting work on DeviceKit-power
where he built on powertop. Olivier Galibert raised[4] a possible
problem with Richard's use of D-Bus itself causing wakeups, but
according to Colin Walters a patch existed[5] to fix this problem.

Many of the items suggested in Phil's page for documentation were
suggested by Bill Nottingham as desiderata for defaults. While Phil
agreed[6] in general he itemized some of the problems. These include
problems with network interfaces and hard-disk spindowns which may be
approachable as a result of a tuned daemon on which Phil is working.

An addendum of audio hardware power-saving was made by Eric Sandeen
along with a list of bugs which led[7] Phil to wonder if a tracker bug
to collate all the information would be useful.

Matthew Garrett expressed[8] some worries that hard-disk power-saving
would cause physical wear and the relatime patches to work around
over-aggressive deletion of content in /tmp would continue to be
stalled.

The importance of separating out KDE and GNOME dependent features was
noted[9] by Kevin Kofler.

   1. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00365.html
   2. ↑ http://fedoraproject.org/wiki/Features/PowerManagement
   3. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00376.html
   4. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00430.html
   5. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00642.html
   6. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00406.html
   7. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00413.html
   8. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00415.html
   9. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00403.html

=== Rawhide Report 2009-02-07 ===

The last report[1] lists 14 new packages added, 57 modified and some
broken dependencies. New packages include dissy, a graphical front-end
to objdump and python-pygooglechart a Python wrapper for the Google
Chart API.

Richard Hughes suggested[2] that the update to
PolicyKit-gnome-0.9.2-1.fc11 might be useful: "If you're having problems
with PackageKit and buttons "not working" you need this update."

Some of the x86_64 broken dependencies were due to to mono-2.4 being
pushed to rawhide which led David Nielsen to suggest[3] that a heads up
would have been useful. Alex Lancaster requested[4] that API/ABI
breakage would be announced on @fedora-devel-announce instead of on the
high-traffic @fedora-devel.

   1. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00661.html
   2. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00669.html
   3. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00674.html
   4. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00746.html

=== New module-init-tools Uses Binary modules.dep|alias|symbols ===

An update to module-init-tools-3.6 was pushed to rawhide by Jon Masters
in order to speed up[1] boot time significantly. The files modules.dep,
modules.alias and modules.symbols will have binary versions which are
used in preference to their old text versions. Jon asked[2] if the need
to run depmod -a after upgrades to module-init-tools would upset anyone.
There seemed to be general approbation of his changes and they should
land soon for Fedora 9 also.

   1. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00477.html
   2. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00353.html

=== New Georgian Fonts Packaged Rapidly ===

A call was put out[1] by Nicolas Mailhot for someone to package a
completely new Georgian font pack created by Besarion Paata Gugushvili.

Nicolas was especially keen to get this done quickly as he had contacted
Besarion and been rewarded with completely new fonts not shipped by any
other distro, licensed with the FSF font exception to the GPL all within
nine hours!

Tom Callaway responded[2] within mere hours.

   1. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00281.html
   2. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00308.html

=== Distro-agnostic /boot Metadata Standard ? ===

A negative review in German IT magazine "c't" led[1] Christoph Höger to
ask if it was possible to preserve the ability to boot other GNU/Linux
distros after installing Fedora. The most annoying point seemed to be
that Windows installations are preserved.

A moderately long thread resulted and covered several ideas to allow the
GRUB bootloader to identify other distributions. One such was[2] .that
there should be an agreement among distributions to use a shared
metadata standard on boot partitions.

   1. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00273.html
   2. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00345.html

=== GCC-4.4 Mass Rebuild Successful ===

Jakub Jelínek reported[1] that a mass rebuild of rawhide (snapshotted on
2009-01-26) of 6228 packages had produced only a few hundred failures.
He listed these by type of failure.

Several of the packages listed failed to build for reasons other than
GCC, for instance Java packages failed[2] due to maven being broken.

Thorsten Leemhuis provided[3] a list of packages and owners sorted by
owner which was generally appreciated. He pointed out: "Finding all your
packages in such a long list gets really hard as soon as you maintain 10
or 15 packages."

Problems reported due to a mismatch between the libstdc++ headers
requirement of -march=i486 and Koji's default use of -march=i386 led[4]
Jakub to whip up some fixes. He requested that CFLAGS were not altered
in SPEC files.

   1. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00180.html
   2. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00220.html
   3. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00229.html
   4. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00257.html

=== Help Rel-eng Accelerate Updates Processing ===

One bottleneck in the processing of updates to packages is that they
need to be signed. Work is ongoing to automate this (see FWN#147[1])
with a signing-server codenamed "sigul".

Christoph Wickert wondered[2] why it had taken over five days for an
update to one of his packages to get to testing. When Josh Boyer
responded that it was because one human (Jesse Keating) had to sign the
packages and he had been also busy getting Fedora 11 Alpha released,
Daniel P. Berrange suggested[3] adding more humans to help. Jesse
Keating suggested[4] that anyone who wished to help could take some of
the load off the release-engineering team so that they had more time for
package signing.

   1. ↑
   http://fedoraproject.org/wiki/FWN/Issue147#Unsigned_Rawhide_Packages_an_Attack_Vector_.3F
   2. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00508.html
   3. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00515.html
   4. ↑
   http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00576.html

== Translation ==

This section covers the news surrounding the Fedora Translation (L10n)
Project.

http://fedoraproject.org/wiki/L10N

Contributing Writer: Runa Bhattacharjee

=== Fedora 10 Release Notes Updated ===

JohnMcDonough announced some updates for the Fedora 10 Release Notes[1].
The deadline for the submission of the translated updates has been
declared as 17th February 2009[2]. The translations have to be submitted
in the f-10 branch.

   1. ↑
   https://www.redhat.com/archives/fedora-trans-list/2009-February/msg00001.html
   2. ↑
   https://www.redhat.com/archives/fedora-trans-list/2009-February/msg00007.html

=== L10n Infrastructure Roadmap Proposal ===

Further to the discussion[1] initiated by AsgeirFrimannsson about the
L10n Infrastructure Roadmap, NorikoMizumoto has commented[2] that
considering the upcoming deadline for F-11 and the past troubles faced
during F-10, the current infrastructure would need a maintainer to
ensure its smooth running at present.

   1. ↑
   https://www.redhat.com/archives/fedora-trans-list/2009-February/msg00000.html
   2. ↑
   https://www.redhat.com/archives/fedora-trans-list/2009-February/msg00006.html

== Infrastructure ==

This section contains the discussion happening on the
fedora-infrastructure-list

http://fedoraproject.org/wiki/Infrastructure

Contributing Writer: Huzaifa Sidhpurwala

=== CSI (Security Policy) Help ===

Frank Chiulli said[1] on the @fedora-infrastructure-list that he had
implemented the CSI Security policy and he was seeing some strange
messages in the logs and asked if someone could help him with that.

Mike McGrath replied[2] to that saying that he suspected that before he
was blocking these messages but did not notice.

Seth Vidal said[3] that those are Windows/Samba/CIFS messages and if you
have samba and/or windows running on the same network you will notice
those.

   1. ↑
   http://www.redhat.com/archives/fedora-infrastructure-list/2009-February/msg00000.html
   2. ↑
   http://www.redhat.com/archives/fedora-infrastructure-list/2009-February/msg00001.html
   3. ↑
   http://www.redhat.com/archives/fedora-infrastructure-list/2009-February/msg00002.html

=== Public Calendaring System ===

Adam Williamson introduced[1] himself on the list saying that he was new
in the Fedora QA department at Red Hat, his job is to drive community
involvement in Fedora QA.

He further said that something that would be nice to have for QA
community is a public calendar system where dates of events like test
days can be published.

   1. ↑
   http://www.redhat.com/archives/fedora-infrastructure-list/2009-February/msg00060.html

== Artwork ==

In this section, we cover the Fedora Artwork Project.

http://fedoraproject.org/wiki/Artwork

Contributing Writer: Nicu Buculei

=== Echo Monthly News ===

Martin Sourada posted[1] on @fedora-art the latest issue of Echo Monthly
News[2] with information about the Echo Perspective theme and the new
Echo Artist Scripts and Supporting Icon Artist Library.

   1. ↑
   http://www.redhat.com/archives/fedora-art-list/2009-February/msg00009.html
   2. ↑
   http://fedorahosted.org/echo-icon-theme/wiki/MonthlyNews/Issue6

=== Context Free Art ===

Máirí­n Duffy introduced[1] a "Programmatic Art Generator"[2], something
she consider a "nifty FOSS tool [...], and it's even already in Fedora",
with regrets[3] for not knowing about it when she created the "4
Foundation" posters[4].

   1. ↑
   http://www.redhat.com/archives/fedora-art-list/2009-February/msg00010.html
   2. ↑ http://www.contextfreeart.org/gallery/index.php
   3. ↑
   http://www.redhat.com/archives/fedora-art-list/2009-February/msg00012.html
   4. ↑ http://www.flickr.com/photos/mairin/3181889947/

== Security Week ==

In this section, we highlight the security stories from the week in
Fedora.

Contributing Writer: Josh Bressers

=== Encryption Security ===

With all the recent talk of encrypting hard drives, the cold boot
method, and using proper passwords, this[1] xkcd comic reminds us of the
weakest link in all cryptography, the person with the password.

   1. ↑ http://xkcd.com/538

=== Running Things as root is a Bad Idea ===

While I always knew this, this article still sort of blows my mind:
Windows Security Improved By Denial Of Administrative Rights[1] To quote
the article:

... configuring users to operate without administrative rights mitigates
the impact of 92% of "critical" Microsoft vulnerabilities ...

92%, that is mind boggling. It's been sound advice for a long time in
the Linux world, not to do things as root. I suspect if we expected
everyone to be doing everything as root, virtual any minor security flaw
would suddenly become a very serious matter.

   1. ↑
   http://www.informationweek.com/news/security/app-security/showArticle.jhtml?articleID=213001021&subSection=Enterprise+Applications 

== Security Advisories ==

In this section, we cover Security Advisories from
fedora-package-announce.

https://www.redhat.com/mailman/listinfo/fedora-package-announce

Contributing Writer: David Nalley

=== Fedora 10 Security Advisories ===

    * roundcubemail-0.2-7.stable.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00018.html
    * sudo-1.6.9p17-5.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00025.html
    * gpsdrive-2.09-7.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00043.html
    * libcdaudio-0.99.12p2-11.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00103.html
    * gnumeric-1.8.2-6.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00112.html
    * nss-3.12.2.0-4.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00114.html
    * boinc-client-6.4.5-2.20081217svn.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00137.html
    * java-1.6.0-openjdk-1.6.0.0-9.b14.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00194.html
    * xulrunner-1.9.0.6-1.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00220.html
    * firefox-3.0.6-1.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00221.html
    * epiphany-extensions-2.24.0-4.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00222.html
    * devhelp-0.22-3.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00223.html
    * epiphany-2.24.3-2.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00224.html
    * evolution-rss-0.1.2-4.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00225.html
    * blam-1.8.5-6.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00226.html
    * galeon-2.0.7-5.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00227.html
    * google-gadgets-0.10.5-2.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00228.html
    * gnome-web-photo-0.3-14.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00231.html
    * gnome-python2-extras-2.19.1-26.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00229.html
    * gecko-sharp2-0.13-4.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00230.html
    * kazehakase-0.5.6-1.fc10.3 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00232.html
    * mozvoikko-0.9.5-6.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00233.html
    * Miro-1.2.8-2.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00234.html
    * pcmanx-gtk2-0.3.8-5.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00235.html
    * mugshot-1.2.2-5.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00236.html
    * ruby-gnome2-0.18.1-3.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00237.html
    * yelp-2.24.0-5.fc10 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00238.html 

=== Fedora 9 Security Advisories ===

    * boinc-client-6.4.5-2.20081217svn.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00034.html
    * roundcubemail-0.2-7.stable.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00082.html
    * nss-3.12.2.0-2.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00096.html
    * gpsdrive-2.09-7.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00187.html
    * libcdaudio-0.99.12p2-11.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00188.html
    * gnumeric-1.8.2-4.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00211.html
    * xulrunner-1.9.0.6-1.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00240.html
    * firefox-3.0.6-1.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00241.html
    * chmsee-1.0.1-8.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00242.html
    * epiphany-extensions-2.22.1-7.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00243.html
    * epiphany-2.22.2-7.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00244.html
    * cairo-dock-1.6.3.1-1.fc9.3 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00245.html
    * blam-1.8.5-5.fc9.1 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00246.html
    * gnome-python2-extras-2.19.1-23.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00247.html
    * galeon-2.0.7-5.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00248.html
    * gnome-web-photo-0.3-17.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00249.html
    * devhelp-0.19.1-8.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00250.html
    * evolution-rss-0.1.0-6.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00251.html
    * google-gadgets-0.10.5-2.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00252.html
    * kazehakase-0.5.6-1.fc9.3 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00253.html
    * Miro-1.2.7-4.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00254.html
    * mozvoikko-0.9.5-6.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00255.html
    * gtkmozembedmm-1.4.2.cvs20060817-25.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00256.html
    * ruby-gnome2-0.17.0-5.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00257.html
    * mugshot-1.2.2-5.fc9
    -https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00258.html
    * totem-2.23.2-10.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00259.html
    * yelp-2.22.1-8.fc9 -
    https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00260.html 

== Virtualization ==

In this section, we cover discussion on the @et-mgmnt-tools-list,
@fedora-xen-list, and @libvirt-list of Fedora virtualization
technologies.

Contributing Writer: Dale Bewley
=== Enterprise Management Tools List ===

This section contains the discussion happening on the et-mgmt-tools list

==== virt-manager and QEMU Disk Polling Logs ====

Radek Hladik noticed[1] "when image:Echo-package-16px.pngvirt-manager is
running and polling VMs stats image:Echo-package-16px.pnglibvirt log in
/var/log/libivrt/qemu/vmname is filling with messages" on the number of
disk operations. After a day the log had grown to 100MB.

Daniel P. Berrange accepted[2] on behalf of libvirt and Cole Robinson
described[3] how to turn of disk polling in virt-manager.

   1. ↑
   http://www.redhat.com/archives/et-mgmt-tools/2009-February/msg00019.html
   2. ↑
   http://www.redhat.com/archives/et-mgmt-tools/2009-February/msg00021.html
   3. ↑
   http://www.redhat.com/archives/et-mgmt-tools/2009-February/msg00020.html

==== virt-viewer Persistance Through Guest Reboots ====


Daniel P. Berrange said[1] that by Fedora 11
image:Echo-package-16px.pngvirt-viewer will persist and wait for a guest
to resume rather than exit when a guest reboots.

   1. ↑
   http://www.redhat.com/archives/et-mgmt-tools/2009-February/msg00004.html

==== virt-install Wait Indefinitely for Windows Guests ====

Since Windows reboots during installation, John Levon patched[1]
virt-install to wait 120 minutes while installing a Windows guest. After
some discussion it was decided it should wait indefinitely instead.

   1. ↑
   http://www.redhat.com/archives/et-mgmt-tools/2009-February/msg00005.html

=== Fedora Virtualization List ===

This section contains the discussion happening on the fedora-virt list.

==== Fedora Virt Status Update ====

Mark McLoughlin composed[1] another informative weekly update on the
status of virtualization development in Fedora. Some highlights
included:

    * A pvmmu problem casues some guest installs on an F11 Alpha host to
    oops during heavy network activity (RHBZ #480822)
    * Work has begun on Fedora 11 virtualization release notes.
    * The 0.6.0 release of image:Echo-package-16px.pnglibvirt was not
    completely without problems.
    * All Fedora 11 virtualization features can be found all together.
    * The KVM/QEMU merge project has settled on a naming scheme.
    * KVM PCI device assignment continues to have issues. The "core of
    the problem is that devices must be reset before being assigned if
    they have been previously used in the host."
    * The addition of bzImage loading support to the Xen hypervisor is
    enabling users to build test Dom0 kernels.
    * A detailed of accounting reveals the bug count going from 191 to
    192. 

   1. ↑
   http://www.redhat.com/archives/fedora-virt/2009-February/msg00061.html

==== Merging KVM and QEMU Packages ====

A feature[1] in the works for Fedora 11 is a merge of the
image:Echo-package-16px.pngkvm package with the
image:Echo-package-16px.pngqemu package. Glauber Costa recently took the
first step in this process by creating a test build[2] and starting a
very long thread[3] on naming of all the subpackages which will soon
make up QEMU.

   1. ↑ Features/KVM_and_QEMU_merge
   2. ↑ http://koji.fedoraproject.org/koji/taskinfo?taskID=1105051
   3. ↑
   http://www.redhat.com/archives/fedora-virt/2009-February/msg00000.html

=== Fedora Xen List ===

This section contains the discussion happening on the fedora-xen list.

==== bzImage Dom0 Support in Rawhide Xen ====

Pasi Kärkkäinen announced[1] the latest image:Echo-package-16px.pngxen
builds in Rawhide support bzImage compressed dom0 kernels. Xen
previously only supported zImage compressed kernels. This development
was one of the pre-requisite work items for the Xen pvops Dom0 feature.

This good news was tempered by the fact that there is still no dom0
capable image:Echo-package-16px.pngkernel in Rawhide. However, such a
kernel can be built[2] for testing. Gerd Hoffmann reports[3] success
doing just that. Such kernels are not yet stable enough for use[4].

   1. ↑
   http://www.redhat.com/archives/fedora-xen/2009-February/msg00001.html
   2. ↑ http://wiki.xensource.com/xenwiki/XenParavirtOps
   3. ↑
   http://www.redhat.com/archives/fedora-virt/2009-February/msg00027.html
   4. ↑
   http://www.redhat.com/archives/fedora-virt/2009-February/msg00055.html

==== Test Dom0 Xen Kernel RPM Available ====

M A Young built[1] a dom0 capable kernel RPM. It's suitable only for
testing; "use it very much at your own risk".

   1. ↑
   http://www.redhat.com/archives/fedora-xen/2009-February/msg00014.html

=== Libvirt List ===

This section contains the discussion happening on the libvir-list.

==== Fix for Fallout From Failed QEMU Guest Starts ====

Daniel P. Berrange fixed[1] a series of events which manifested when a
QEMU guest failed to start. Subsequent client connections would fail,
CPU would rise to 100%, and virsh would hang. (RHBZ #484414)

   1. ↑
   http://www.redhat.com/archives/libvir-list/2009-February/msg00104.html

==== sVirt Patches to Merge in libvirt ====

Daniel J Walsh looked[1] at James Morris sVirt[2] patches for
image:Echo-package-16px.pnglibvirt. "James patch, allows libvirt to read
the SELinux context out of the xml database and execute
image:Echo-package-16px.pngqemu with the context. The second componant
[sic] is to pass the context of the image(s) and allow libvirt to not
only set the image, but also update the default labels on disk, so a
relabel will not change the context." Daniel J Walsh started working on
this second component and wondered if they were acceptable for
committing to libvirt yet.

Daniel P. Berrange expressed[3] satisfaction with how the patches
integrate with libvirt adding "If yourself & James are happy with what
they're doing from a SELinux / security model point of view, then
there's no reason they shouldn't be posted for final merge now."

   1. ↑
   http://www.redhat.com/archives/libvir-list/2009-February/msg00144.html
   2. ↑
   http://fedoraproject.org/wiki/Features/SVirt_Mandatory_Access_Control
   3. ↑
   http://www.redhat.com/archives/libvir-list/2009-February/msg00145.html

==== Manage iptables with libvirt ====

Karl Wirth asked[1] "What if we could flexibly change the iptables rules
for the different guests as they are deployed onto the node/host". This
thought was not new.[2]

David Lutterkort pointed[3] out some of the thorny problems with this
proposal including the fact that "network devices may be directly
assigned to guests - in that case, we won't even see any of the packets
the guest sends or receives". Summarizing that "iptables management
belongs into a higher-level management app, like ovirt[4], not libvirt."

   1. ↑
   http://www.redhat.com/archives/libvir-list/2009-February/msg00147.html
   2. ↑
   http://fedoraproject.org/wiki/FWN/Issue138#Libvirt_and_Persistent_Iptables_Rules
   3. ↑
   http://www.redhat.com/archives/libvir-list/2009-February/msg00152.html
   4. ↑ http://ovirt.org/

== Ask Fedora ==

In this section, we answer general questions from Fedora community. Send
your questions to askfedora AT fedoraproject.org and Fedora News Team
will bring you answers from the Fedora Developers and Contributors to
selected number of questions every week as part of our weekly news
report. Please indicate if you do not wish your name and/or email
address to be published.

http://fedoraproject.org/wiki/AskFedora

Writers: Chris Tyler, Rahul Sundaram

=== Standardized Package Format ===

Arthur Pemberton asked: "When are the big players in the Linux ecosystem
going to converge on a single package system which is a superset of .deb
and .rpm? This seems like something that needs to be done before this
mostly unnecessary difference gets too ingrained to be changed."

Two reasons are usually given for converging on a single packaging
standard. The first is to create packages that can be installed on many
distributions without change; this is particularly attractive to
third-party software vendors who wish to create a single repository of
their software for use with a range of distributions rather than package
and distribute their software within those distributions.

In order to support truly portable packages, it is necessary to
standardize not only the package format, but the available libraries,
library versions, file locations, utility commands, and system services.
This is proved by the fact that, for example, Fedora and SUSE RPMs may
not usually cleanly install on the the other distribution, despite using
a common package format. It is similar for Debian and Ubuntu.

The Linux Standard Base (LSB)[1] project of The Linux Foundation[2] has
been working on such a system-wide standard for many years, walking the
fine line between standardizing too little (yielding an ineffective
standard) and standardizing too much (leaving little room for
differentiation between distributions). The work of LSB has been
internationally recognized as ISO/IEC 23360. However LSB is a trailing
edge standard and Fedora usually is much ahead.

In terms of packaging, LSB mandates support for a restricted version of
RPM[3], without triggers and with restrictions on the content and
execution-order requirements of scriptlets[4]. These restrictions ensure
that LSB-compliant RPMs can be successfully processed by conversion
tools such as Debian's "alien" command. However, as its name implies,
the LSB defines only a base for a distribution, and many of a
distribution's packages need to take advantage of a broader feature set
than provided for by the LSB. This need is expressed in the more
advanced features provided by the full RPM and DEB package
specifications.

It should be noted that a number of package systems have been developed
which attempt to address cross-distribution packaging issues, including
Autopackage[5], ZeroInstall[6], and Klik[7] (ZeroInstall and Klik also
enabling user-level package installation) -- but these have not gain
widespread support.

The second advantage to a standard package format is a reduction in the
duplication of labour by each distribution, especially if packaging
information (such as a basic RPM .spec file) is provided by the upstream
software source. However, packaging standards, security configuration
(such as SELinux policy), and naming conventions vary so significantly
between distributions that extensive customization of the package is
usually required, greatly reducing the value of distributing standard
package information.

The existence of multiple GNU/Linux distributions fuels a productive
competitiveness which spurs innovation[8]. As long as multiple
distributions thrive, multiple package formats are likely to remain in
use. Freedesktop.org provides a cross distribution forum[9] which many
distributions have been using to discuss and collaborate on common
issues. The Fedora Project also prefers to work closely with upstream
software[10] as a matter of principle to minimize differences.

   1. ↑ http://www.linuxfoundation.org/en/LSB
   2. ↑ http://www.linuxfoundation.org/
   3. ↑
   http://refspecs.freestandards.org/LSB_3.1.0/LSB-Core-generic/LSB-Core-generic/packagefmt.html
   4. ↑
   http://refspecs.freestandards.org/LSB_3.1.0/LSB-Core-generic/LSB-Core-generic/pkgscripts.html
   5. ↑ http://autopackage.org/
   6. ↑ http://zero-install.sourceforge.net/
   7. ↑ http://klik.atekon.de/
   8. ↑ http://distrowatch.com/weekly.php?issue=20090202#feature
   9. ↑
   http://lists.freedesktop.org/mailman/listinfo/distributions
  10. ↑
  http://fedoraproject.org/wiki/PackageMaintainers/WhyUpstream
-- 
  Oisin Feeley
  http://fedoraproject.org/wiki/OisinFeeley


-- 
fedora-announce-list mailing list
fedora-announce-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-announce-list

[Index of Archives]     [Fedora Package Announce]     [Fedora Users]     [Fedora Package Review]     [Fedora Desktop]     [PAM]     [Big List of Linux Books]     [Gimp]     [Yosemite News]     [Yosemite Camping]     [Fedora Users]

  Powered by Linux