Fedora Weekly News Issue 162 Welcome to Fedora Weekly News Issue 162 for the week ending February 8th, 2009. http://fedoraproject.org/wiki/FWN/Issue162 This week we're happy to announce the return of several beats: Marketing reports on following Fedora activity via Twitter; Ambassadors tantalizes with some Fedora polo shirts and the news that "North American Ambassadors Take Reins of XO Program"; Infrastructure notes a possible "Public Calendaring System" for the community; SecurityWeek shares an xkcd comic in "Encryption Security". Announcements highlights the K12Linux Fedora 10 Live Server in "Technical Announcements", PlanetFedora rounds up a lot of must-read blogs, Developments clarifies that "Fedora 11 Will Support i586 Instruction Set", Translation links to the "L10n Infrastructure Roadmap Proposal", Artwork suggests some "Context Free Art", SecurityAdvisories lists packages you really, really want, Virtualization defies easy summary but one exciting tidbit is "Merging KVM and Qemu Packages", and finally we have another AskFedora concerning the possibility of a "Standardized Package Format". If you are interested in contributing to Fedora Weekly News, please see our 'join' page[1]. We welcome reader feedback: fedora-news-list@xxxxxxxxxx FWN Editorial Team: Pascal Calarco, Oisin Feeley, Huzaifa Sidhpurwala [1] http://fedoraproject.org/wiki/NewsProject/Join Contents Fedora Weekly News Issue 162 1.1 Announcements 1.1.1 Fedora 11 Alpha 1.1.2 Technical Announcements 1.1.3 Upcoming Events 1.2 Planet Fedora 1.2.1 General 1.2.2 FOSDEM 2009 1.3 Marketing 1.3.1 Draft Fedora 11 Schedule 1.3.2 Fedora Twitters 1.3.3 Fedora 11 Alpha Ships with Windows Cross Compiler 1.4 Ambassadors 1.4.1 North American Ambassadors Take Reins of XO Program 1.4.2 North America Polo Shirt Order 1.4.3 FAD SCaLE coming up 2009-02-20 1.4.4 Got Ambassador News? 1.5 Developments 1.5.1 Fedora 11 Alpha Released 1.5.2 Fedora 11 Will Support i586 Instruction Set 1.5.3 RFC: Power Management 1.5.4 Rawhide Report 2009-02-07 1.5.5 New module-init-tools Uses Binary modules.dep|alias|symbols 1.5.6 New Georgian Fonts Packaged Rapidly 1.5.7 Distro-agnostic /boot Metadata Standard ? 1.5.8 GCC-4.4 Mass Rebuild Successful 1.5.9 Help Rel-eng Accelerate Updates Processing 1.6 Translation 1.6.1 Fedora 10 Release Notes Updated 1.6.2 L10n Infrastructure Roadmap Proposal 1.7 Infrastructure 1.7.1 CSI (Security Policy) Help 1.7.2 Public Calendaring System 1.8 Artwork 1.8.1 Echo Monthly News 1.8.2 Context Free Art 1.9 Security Week 1.9.1 Encryption Security 1.9.2 Running Things as root is a Bad Idea 1.10 Security Advisories 1.10.1 Fedora 10 Security Advisories 1.10.2 Fedora 9 Security Advisories 1.11 Virtualization 1.11.1 Enterprise Management Tools List 1.11.1.1 virt-manager and QEMU Disk Polling Logs 1.11.1.2 virt-viewer Persistance Through Guest Reboots 1.11.1.3 virt-install Wait Indefinitely for Windows Guests 1.11.2 Fedora Virtualization List 1.11.2.1 Fedora Virt Status Update 1.11.2.2 Merging KVM and QEMU Packages 1.11.3 Fedora Xen List 1.11.3.1 bzImage Dom0 Support in Rawhide Xen 1.11.3.2 Test Dom0 Xen Kernel RPM Available 1.11.4 Libvirt List 1.11.4.1 Fix for Fallout From Failed QEMU Guest Starts 1.11.4.2 sVirt Patches to Merge in libvirt 1.11.4.3 Manage iptables with libvirt 1.12 Ask Fedora 1.12.1 Standardized Package Format == Announcements == In this section, we cover announcements from the Fedora Project. http://www.redhat.com/archives/fedora-announce-list/ http://www.redhat.com/archives/fedora-devel-announce/ Contributing Writer: Max Spevack === Fedora 11 Alpha === JesseKeating announced[1] the release of Fedora 11 Alpha. The release is available at http://get.fedoraproject.org and includes MinGW (for Windows cross-compiling), the ext4 filesystem, GNOME 2.26, KDE 4.2.0, and XFCE 4.6 Beta. Furthermore, James Laska informed[2]the community about a Fedora Test Day focused on ext4. === Technical Announcements === Martin Sourada published[3] the latest issue of Echo Monthly News. Warren Togami announced[4] "the release of K12Linux F10 Live Server. K12Linux is Linux Terminal Server Project (LTSP.org) integrated with Fedora 10, in a convenient LiveUSB or DVD media installer." The release inclues auto-configuration of diskless thin clients, sound forwarding over the network via PulseAudio, and more. All package maintainers should read the updated[5] package update guidelines[6], as announced by Mark McLoughlin. === Upcoming Events === Fedora will have a presence at several events in the next few weeks. Feel free to join us, February 20 - 22: Southern California Linux Expo (SCALE)[7][8] Also, people are encouraged to register for Fedora or JBoss.org related speaking slots at LinuxTag 2009.[9] 1. ↑ http://www.redhat.com/archives/fedora-announce-list/2009-February/msg00004.html 2. ↑ http://www.redhat.com/archives/fedora-devel-announce/2009-February/msg00003.html 3. ↑ https://fedorahosted.org/echo-icon-theme/wiki/MonthlyNews/Issue6 4. ↑ http://www.redhat.com/archives/fedora-announce-list/2009-February/msg00002.html 5. ↑ http://www.redhat.com/archives/fedora-devel-announce/2009-February/msg00004.html 6. ↑ https://fedoraproject.org/wiki/PackageMaintainers/Package_update_guidelines 7. ↑ http://fedoraproject.org/wiki/SCALE7X_Event 8. ↑ https://fedoraproject.org/wiki/Fedora_Activity_Day_at_SCaLE_7x 9. ↑ http://fedoraproject.org/wiki/LinuxTag_2009_talks == Planet Fedora == In this section, we cover the highlights of Planet Fedora - an aggregation of blogs from Fedora contributors worldwide. http://planet.fedoraproject.org Contributing Writer: Adam Batkin === General === Paul W. Frields announced[1] the Fedora 11 Alpha, as well as an explanation of why Alpha releases exist and how you can get a sneak-peek at what will be in the next release while helping Fedora improve. Chris Brown wrote[2] about some of the other features that may make an appearance in F11. Dwayne Bailey developed[3] a system to manage the localization of software and integrated[4] it with some existing libraries to produce Virtaal[5]. Gary Benson continued[6] his excellent series "Inside Zero and Shark", a must-read for anyone interested in virtual machines or Java internals. Dave Jones explained[7] the status of Dracut, "the shiny new initramfs creation tool." Chris Tyler wrote[8],[9] [10] about getting a multiseat system set up using a single computer and dual ATI R710 video cards. In the latest installment the ATI setup was compared[11] to a similar configuration using Dual NVIDIA 9800GTX and various driver combinations. Steven Moix benchmarked[12],[13] the performance of Solid State Disks using various I/O schedulers running on Fedora 10. Tim Waugh showed off[14] the eye candy of system-config-printer that can be expected in Fedora 11. Adrian Likins pondered[15] the availability of "a mailing list summary page. The page would scan the mailing lists, and post the content most likely to need attention." Fedora Weekly News? Michael DeHaan shared[16] an essay, "Lessons Learned From OSS Software Development". Tim Waugh described[17] "How I use git" which shows some useful tips and tricks. Venkatesh Hariharan wrote[18] a draft FOSS manifesto for Indian political parties, which could actually be valuable for any country in the world. 1. ↑ http://marilyn.frields.org:8080/~paul/wordpress/?p=1467 2. ↑ http://www.chruz.com/2009/02/07/icantbelieveitsnotbtr/ 3. ↑ http://www.translate.org.za/blogs/dwayne/en/content/localisation-information-language-preventing-mistakes-and-increasing-richness-localisation 4. ↑ http://www.translate.org.za/blogs/dwayne/en/content/libtranslate-tm-plugins-and-virtaal 5. ↑ http://virtaal.org/ 6. ↑ http://gbenson.net/?p=124 7. ↑ http://www.codemonkey.org.uk/2009/02/02/dracut-status/ 8. ↑ http://blog.chris.tylers.info/index.php?/archives/180-Multiseat-on-Dual-ATI-R710s-So-close!.html 9. ↑ http://blog.chris.tylers.info/index.php?/archives/181-Multiseat-radeonhd.html 10. ↑ http://blog.chris.tylers.info/index.php?/archives/182-Multiseat-on-Dual-ATI-R710s-Working.html 11. ↑ http://blog.chris.tylers.info/index.php?/archives/184-Multiseat-on-Dual-ATI-and-Dual-NVIDIA.html 12. ↑ http://www.alphatek.info/2009/02/02/ssd-performance-vs-linux-kernel-io-scheduler-in-fedora-10/ 13. ↑ http://www.alphatek.info/2009/02/02/io-scheduler-and-ssd-part-2/ 14. ↑ http://cyberelk.net/tim/2009/02/03/screenshots-system-config-printer-11/ 15. ↑ http://adrianlikins.com/?p=481 16. ↑ http://www.michaeldehaan.net/?p=853 17. ↑ http://cyberelk.net/tim/2009/02/04/how-i-use-git/ 18. ↑ http://osindia.blogspot.com/2009/02/draft-foss-manifesto-for-indian.html === FOSDEM 2009 === So many people have written about attending FOSDEM that it would take an entire issue of FWN post all of the links. Instead an arbitrarily selection will be randomly chosen. Pierros Papadeas took[1] a nice set of photos including some general shots of Brussels. Joerg Simon got[2] some shots of the Fedora booth. 1. ↑ http://digitaurora.blogspot.com/2009/02/fosdem-2009-day-zero.html 2. ↑ http://kitall.blogspot.com/2009/02/fosdem-impressions-day1.html == Marketing == In this section, we cover the Fedora Marketing Project. http://fedoraproject.org/wiki/Marketing Contributing Writer: Kam Salisbury === Draft Fedora 11 Schedule === The draft Fedora 11 schedule was made[1] available on the wiki by Jonathon Roberts. Now is as good as a time as any to get involved with Fedora Marketing by reviewing the goals of Fedora Marketing[2] and then joining[3]. 1. ↑ http://fedoraproject.org/wiki/User:Jonrob/MarketingSchedule 2. ↑ http://fedoraproject.org/wiki/Marketing/ 3. ↑ http://fedoraproject.org/wiki/Marketing/Join === Fedora Twitters === You can now follow most major Fedora announcements via Twitter. Just choose to follow fedora_linux[1] from your Twitter account. Alternately, you can choose to follow Fedora Linux major news announcements via RSS[2]. Twitter[3] provides a social network tied together via 140 character status messages. 1. ↑ http://twitter.com/fedora_linux 2. ↑ http://twitter.com/statuses/friends_timeline/16598186.rss 3. ↑ http://twitter.com/about#about === Fedora 11 Alpha Ships with Windows Cross Compiler === Fedora 11 now includes the Windows cross compiler MinGW[1], a development environment for Fedora users who want to save time and duplication of effort by cross-compiling their programs to run on Windows without actually having to use Windows during development. 1. ↑ http://www.mingw.org/ == Ambassadors == In this section, we cover Fedora Ambassadors Project. http://fedoraproject.org/wiki/Ambassadors Contributing Writer: Larry Cafiero === North American Ambassadors Take Reins of XO Program === During the week following FUDcon, it was suggested that the Fedora Ambassadors in North America run the NA Developer XO program for an initial period of 6 months. The reasons for Ambassadors taking the reins on this project are: * Ambassadors can help the NA Developer XO program by seeking help, freeing up developers already involved to concentrate on their work. * The Ambassadors are already in place, going to every major event and tons of minor events recruiting contributors to Fedora. * Ambassadors have had some moderate success getting people involved with both Fedora and OLPC/Sugar. OLPC decided to take the Ambassadors up on the offer and shipped 100 XOs to the FAmNA. Guidelines have been set - subject to the guidance of the OLPC SIG -- and the wiki, which has just been started and is in the process of refining, can be found here: http://fedoraproject.org/wiki/Fedora_developers_XO_program Essentially the bar that has been set is: * Maintain a sugar-* package in Fedora and agree to maintain it for two releases. Alternately maintain a package that was in OLPC4 and has been merged. * Develop a Sugar activity. To keep this in focus I have adopted Greg Dekoenigsberg's 'holy list of 4th grade math lessons' as acceptable activities: http://sugarlabs.org/go/User:Gdk/4th_Grade_Maths * QA (well not really): While FAmNA isn't actively looking for QA help, but if someone with extensive QA experience and lots of time presents itself we won't pass it up. === North America Polo Shirt Order === Pascal Calarco has initiated another round of ordering for Ambassador Polos for North American Ambassadors as announced on the Fedora Ambassador mailing list. There is also additional information here: http://fedoraproject.org/wiki/Fedora_Ambassadors_North_America_(FAMNA)#Fedora_Ambassador_Polo_Shirts_for_FAMNA === FAD SCaLE coming up 2009-02-20 === The Fedora Activity Day[1] at the Southern California Linux Expo (SCaLE)[2] will be from 9am - 6pm on Friday, February 20th at the Westin Airport Los Angeles, in Los Angeles, California. There will be breaks and such, but the FAD will be treated much like a sprint. We're here to get something accomplished -- specifically font packaging and documentation -- so come on by and help us out for an hour or all day. We'd love to have you there! Also, if you can make SCaLE from the Southern California area, stop by the Fedora booth. 1. ↑ http://fedoraproject.org/wiki/Fedora_Activity_Day_at_SCaLE_7x 2. ↑ http://scale7x.socallinuxexpo.org/ === Got Ambassador News? === Any Ambassador news tips from around the Fedora community can be submitted to me by e-mailing lcafiero-AT-fedoraproject-DOT-org and I'd be glad to put it in this weekly report. == Developments == In this section the people, personalities and debates on the @fedora-devel mailing list are summarized. Contributing Writer: Oisin Feeley === Fedora 11 Alpha Released === Jesse Keating announced[1] the availability of Fedora 11 Alpha on 2009-02-05. His beautiful poetry was accompanied by a suggestion to read the Release Notes[2]. One change which drew[3] extensive commentary on @fedora-test was the default disabling of the Ctrl-Alt-Backspace key combination. This traditionally kills the X server and to regain the usual behavior it is necessary to create an Xorg.conf file (these no longer exist by default either) and add the line Option "DontZap" "false" to it. 1. ↑ http://www.redhat.com/archives/fedora-announce-list/2009-February/msg00004.html 2. ↑ http://fedoraproject.org/wiki/Fedora_11_Alpha_release_notes 3. ↑ http://www.redhat.com/archives/fedora-test-list/2009-February/msg00118.html === Fedora 11 Will Support i586 Instruction Set === Last week (FWN#161[1]) we reported on a proposal to cease building Fedora 11 for the i586 CPU instruction set. FESCo had delayed its decision in order to discuss the matter further. The issue was addressed[2] on 2009-02-05 with the outcome that a proposal by Dennis Gilmore to continue supporting i586 for the duration of Fedora 11 but to transition to i686 for Fedora 12 was supported. Prior to the meeting Warren Togami summed up[3] the advice of Jakub Jelínek as: "Jakub recommends i586.rpm for Fedora 11, because it doesn't gain us much of anything to go with i686 minimum. The benefits of i586 to i686 are simply not important because cmov is usually not a worthwhile optimization on ia32." An interesting suggestion by Adam Jackson was[4][5] that if there is a committed user-base of i586 users they could probably support it in the Secondary Architecture (see FWN#92[6]) infrastructure. Ulrich Drepper and Dominik Mierzejewski debated[7] whether the use of cmov can in some circumstances cause performance degradation. It is unclear exactly what performance benefits could be obtained by passing various architecture-specific flag combinations to GCC but it does seem that the burden of building and maintenance will be eased significantly by these changes. As a related change[8] x86_64 kernels will be installed with a 32-bit userspace. 1. ↑ http://fedoraproject.org/wiki/FWN/LatestIssue#Dropping_Support_for_i586_Architecture_.3F 2. ↑ http://bpepple.fedorapeople.org/fesco/FESCo-2009-02-05.html 3. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00200.html 4. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00282.html 5. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00407.html 6. ↑ http://fedoraproject.org/wiki/FWN/Issue92#Secondary_Arch_Proposal_Cont. 7. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00240.html 8. ↑ http://bpepple.fedorapeople.org/fesco/FESCo-2009-02-05.html === RFC: Power Management === Phil Knirsch initiated[1] a discussion of attempts to decrease power consumption especially in userland. A wiki page[2] reflects some of the research Phil has pulled together. Richard Hughes pointed[3] out some interesting work on DeviceKit-power where he built on powertop. Olivier Galibert raised[4] a possible problem with Richard's use of D-Bus itself causing wakeups, but according to Colin Walters a patch existed[5] to fix this problem. Many of the items suggested in Phil's page for documentation were suggested by Bill Nottingham as desiderata for defaults. While Phil agreed[6] in general he itemized some of the problems. These include problems with network interfaces and hard-disk spindowns which may be approachable as a result of a tuned daemon on which Phil is working. An addendum of audio hardware power-saving was made by Eric Sandeen along with a list of bugs which led[7] Phil to wonder if a tracker bug to collate all the information would be useful. Matthew Garrett expressed[8] some worries that hard-disk power-saving would cause physical wear and the relatime patches to work around over-aggressive deletion of content in /tmp would continue to be stalled. The importance of separating out KDE and GNOME dependent features was noted[9] by Kevin Kofler. 1. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00365.html 2. ↑ http://fedoraproject.org/wiki/Features/PowerManagement 3. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00376.html 4. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00430.html 5. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00642.html 6. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00406.html 7. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00413.html 8. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00415.html 9. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00403.html === Rawhide Report 2009-02-07 === The last report[1] lists 14 new packages added, 57 modified and some broken dependencies. New packages include dissy, a graphical front-end to objdump and python-pygooglechart a Python wrapper for the Google Chart API. Richard Hughes suggested[2] that the update to PolicyKit-gnome-0.9.2-1.fc11 might be useful: "If you're having problems with PackageKit and buttons "not working" you need this update." Some of the x86_64 broken dependencies were due to to mono-2.4 being pushed to rawhide which led David Nielsen to suggest[3] that a heads up would have been useful. Alex Lancaster requested[4] that API/ABI breakage would be announced on @fedora-devel-announce instead of on the high-traffic @fedora-devel. 1. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00661.html 2. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00669.html 3. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00674.html 4. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00746.html === New module-init-tools Uses Binary modules.dep|alias|symbols === An update to module-init-tools-3.6 was pushed to rawhide by Jon Masters in order to speed up[1] boot time significantly. The files modules.dep, modules.alias and modules.symbols will have binary versions which are used in preference to their old text versions. Jon asked[2] if the need to run depmod -a after upgrades to module-init-tools would upset anyone. There seemed to be general approbation of his changes and they should land soon for Fedora 9 also. 1. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00477.html 2. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00353.html === New Georgian Fonts Packaged Rapidly === A call was put out[1] by Nicolas Mailhot for someone to package a completely new Georgian font pack created by Besarion Paata Gugushvili. Nicolas was especially keen to get this done quickly as he had contacted Besarion and been rewarded with completely new fonts not shipped by any other distro, licensed with the FSF font exception to the GPL all within nine hours! Tom Callaway responded[2] within mere hours. 1. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00281.html 2. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00308.html === Distro-agnostic /boot Metadata Standard ? === A negative review in German IT magazine "c't" led[1] Christoph Höger to ask if it was possible to preserve the ability to boot other GNU/Linux distros after installing Fedora. The most annoying point seemed to be that Windows installations are preserved. A moderately long thread resulted and covered several ideas to allow the GRUB bootloader to identify other distributions. One such was[2] .that there should be an agreement among distributions to use a shared metadata standard on boot partitions. 1. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00273.html 2. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00345.html === GCC-4.4 Mass Rebuild Successful === Jakub Jelínek reported[1] that a mass rebuild of rawhide (snapshotted on 2009-01-26) of 6228 packages had produced only a few hundred failures. He listed these by type of failure. Several of the packages listed failed to build for reasons other than GCC, for instance Java packages failed[2] due to maven being broken. Thorsten Leemhuis provided[3] a list of packages and owners sorted by owner which was generally appreciated. He pointed out: "Finding all your packages in such a long list gets really hard as soon as you maintain 10 or 15 packages." Problems reported due to a mismatch between the libstdc++ headers requirement of -march=i486 and Koji's default use of -march=i386 led[4] Jakub to whip up some fixes. He requested that CFLAGS were not altered in SPEC files. 1. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00180.html 2. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00220.html 3. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00229.html 4. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00257.html === Help Rel-eng Accelerate Updates Processing === One bottleneck in the processing of updates to packages is that they need to be signed. Work is ongoing to automate this (see FWN#147[1]) with a signing-server codenamed "sigul". Christoph Wickert wondered[2] why it had taken over five days for an update to one of his packages to get to testing. When Josh Boyer responded that it was because one human (Jesse Keating) had to sign the packages and he had been also busy getting Fedora 11 Alpha released, Daniel P. Berrange suggested[3] adding more humans to help. Jesse Keating suggested[4] that anyone who wished to help could take some of the load off the release-engineering team so that they had more time for package signing. 1. ↑ http://fedoraproject.org/wiki/FWN/Issue147#Unsigned_Rawhide_Packages_an_Attack_Vector_.3F 2. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00508.html 3. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00515.html 4. ↑ http://www.redhat.com/archives/fedora-devel-list/2009-February/msg00576.html == Translation == This section covers the news surrounding the Fedora Translation (L10n) Project. http://fedoraproject.org/wiki/L10N Contributing Writer: Runa Bhattacharjee === Fedora 10 Release Notes Updated === JohnMcDonough announced some updates for the Fedora 10 Release Notes[1]. The deadline for the submission of the translated updates has been declared as 17th February 2009[2]. The translations have to be submitted in the f-10 branch. 1. ↑ https://www.redhat.com/archives/fedora-trans-list/2009-February/msg00001.html 2. ↑ https://www.redhat.com/archives/fedora-trans-list/2009-February/msg00007.html === L10n Infrastructure Roadmap Proposal === Further to the discussion[1] initiated by AsgeirFrimannsson about the L10n Infrastructure Roadmap, NorikoMizumoto has commented[2] that considering the upcoming deadline for F-11 and the past troubles faced during F-10, the current infrastructure would need a maintainer to ensure its smooth running at present. 1. ↑ https://www.redhat.com/archives/fedora-trans-list/2009-February/msg00000.html 2. ↑ https://www.redhat.com/archives/fedora-trans-list/2009-February/msg00006.html == Infrastructure == This section contains the discussion happening on the fedora-infrastructure-list http://fedoraproject.org/wiki/Infrastructure Contributing Writer: Huzaifa Sidhpurwala === CSI (Security Policy) Help === Frank Chiulli said[1] on the @fedora-infrastructure-list that he had implemented the CSI Security policy and he was seeing some strange messages in the logs and asked if someone could help him with that. Mike McGrath replied[2] to that saying that he suspected that before he was blocking these messages but did not notice. Seth Vidal said[3] that those are Windows/Samba/CIFS messages and if you have samba and/or windows running on the same network you will notice those. 1. ↑ http://www.redhat.com/archives/fedora-infrastructure-list/2009-February/msg00000.html 2. ↑ http://www.redhat.com/archives/fedora-infrastructure-list/2009-February/msg00001.html 3. ↑ http://www.redhat.com/archives/fedora-infrastructure-list/2009-February/msg00002.html === Public Calendaring System === Adam Williamson introduced[1] himself on the list saying that he was new in the Fedora QA department at Red Hat, his job is to drive community involvement in Fedora QA. He further said that something that would be nice to have for QA community is a public calendar system where dates of events like test days can be published. 1. ↑ http://www.redhat.com/archives/fedora-infrastructure-list/2009-February/msg00060.html == Artwork == In this section, we cover the Fedora Artwork Project. http://fedoraproject.org/wiki/Artwork Contributing Writer: Nicu Buculei === Echo Monthly News === Martin Sourada posted[1] on @fedora-art the latest issue of Echo Monthly News[2] with information about the Echo Perspective theme and the new Echo Artist Scripts and Supporting Icon Artist Library. 1. ↑ http://www.redhat.com/archives/fedora-art-list/2009-February/msg00009.html 2. ↑ http://fedorahosted.org/echo-icon-theme/wiki/MonthlyNews/Issue6 === Context Free Art === Máirín Duffy introduced[1] a "Programmatic Art Generator"[2], something she consider a "nifty FOSS tool [...], and it's even already in Fedora", with regrets[3] for not knowing about it when she created the "4 Foundation" posters[4]. 1. ↑ http://www.redhat.com/archives/fedora-art-list/2009-February/msg00010.html 2. ↑ http://www.contextfreeart.org/gallery/index.php 3. ↑ http://www.redhat.com/archives/fedora-art-list/2009-February/msg00012.html 4. ↑ http://www.flickr.com/photos/mairin/3181889947/ == Security Week == In this section, we highlight the security stories from the week in Fedora. Contributing Writer: Josh Bressers === Encryption Security === With all the recent talk of encrypting hard drives, the cold boot method, and using proper passwords, this[1] xkcd comic reminds us of the weakest link in all cryptography, the person with the password. 1. ↑ http://xkcd.com/538 === Running Things as root is a Bad Idea === While I always knew this, this article still sort of blows my mind: Windows Security Improved By Denial Of Administrative Rights[1] To quote the article: ... configuring users to operate without administrative rights mitigates the impact of 92% of "critical" Microsoft vulnerabilities ... 92%, that is mind boggling. It's been sound advice for a long time in the Linux world, not to do things as root. I suspect if we expected everyone to be doing everything as root, virtual any minor security flaw would suddenly become a very serious matter. 1. ↑ http://www.informationweek.com/news/security/app-security/showArticle.jhtml?articleID=213001021&subSection=Enterprise+Applications == Security Advisories == In this section, we cover Security Advisories from fedora-package-announce. https://www.redhat.com/mailman/listinfo/fedora-package-announce Contributing Writer: David Nalley === Fedora 10 Security Advisories === * roundcubemail-0.2-7.stable.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00018.html * sudo-1.6.9p17-5.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00025.html * gpsdrive-2.09-7.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00043.html * libcdaudio-0.99.12p2-11.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00103.html * gnumeric-1.8.2-6.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00112.html * nss-3.12.2.0-4.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00114.html * boinc-client-6.4.5-2.20081217svn.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00137.html * java-1.6.0-openjdk-1.6.0.0-9.b14.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00194.html * xulrunner-1.9.0.6-1.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00220.html * firefox-3.0.6-1.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00221.html * epiphany-extensions-2.24.0-4.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00222.html * devhelp-0.22-3.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00223.html * epiphany-2.24.3-2.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00224.html * evolution-rss-0.1.2-4.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00225.html * blam-1.8.5-6.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00226.html * galeon-2.0.7-5.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00227.html * google-gadgets-0.10.5-2.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00228.html * gnome-web-photo-0.3-14.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00231.html * gnome-python2-extras-2.19.1-26.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00229.html * gecko-sharp2-0.13-4.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00230.html * kazehakase-0.5.6-1.fc10.3 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00232.html * mozvoikko-0.9.5-6.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00233.html * Miro-1.2.8-2.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00234.html * pcmanx-gtk2-0.3.8-5.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00235.html * mugshot-1.2.2-5.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00236.html * ruby-gnome2-0.18.1-3.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00237.html * yelp-2.24.0-5.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00238.html === Fedora 9 Security Advisories === * boinc-client-6.4.5-2.20081217svn.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00034.html * roundcubemail-0.2-7.stable.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00082.html * nss-3.12.2.0-2.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00096.html * gpsdrive-2.09-7.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00187.html * libcdaudio-0.99.12p2-11.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00188.html * gnumeric-1.8.2-4.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00211.html * xulrunner-1.9.0.6-1.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00240.html * firefox-3.0.6-1.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00241.html * chmsee-1.0.1-8.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00242.html * epiphany-extensions-2.22.1-7.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00243.html * epiphany-2.22.2-7.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00244.html * cairo-dock-1.6.3.1-1.fc9.3 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00245.html * blam-1.8.5-5.fc9.1 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00246.html * gnome-python2-extras-2.19.1-23.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00247.html * galeon-2.0.7-5.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00248.html * gnome-web-photo-0.3-17.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00249.html * devhelp-0.19.1-8.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00250.html * evolution-rss-0.1.0-6.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00251.html * google-gadgets-0.10.5-2.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00252.html * kazehakase-0.5.6-1.fc9.3 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00253.html * Miro-1.2.7-4.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00254.html * mozvoikko-0.9.5-6.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00255.html * gtkmozembedmm-1.4.2.cvs20060817-25.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00256.html * ruby-gnome2-0.17.0-5.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00257.html * mugshot-1.2.2-5.fc9 -https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00258.html * totem-2.23.2-10.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00259.html * yelp-2.22.1-8.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-February/msg00260.html == Virtualization == In this section, we cover discussion on the @et-mgmnt-tools-list, @fedora-xen-list, and @libvirt-list of Fedora virtualization technologies. Contributing Writer: Dale Bewley === Enterprise Management Tools List === This section contains the discussion happening on the et-mgmt-tools list ==== virt-manager and QEMU Disk Polling Logs ==== Radek Hladik noticed[1] "when image:Echo-package-16px.pngvirt-manager is running and polling VMs stats image:Echo-package-16px.pnglibvirt log in /var/log/libivrt/qemu/vmname is filling with messages" on the number of disk operations. After a day the log had grown to 100MB. Daniel P. Berrange accepted[2] on behalf of libvirt and Cole Robinson described[3] how to turn of disk polling in virt-manager. 1. ↑ http://www.redhat.com/archives/et-mgmt-tools/2009-February/msg00019.html 2. ↑ http://www.redhat.com/archives/et-mgmt-tools/2009-February/msg00021.html 3. ↑ http://www.redhat.com/archives/et-mgmt-tools/2009-February/msg00020.html ==== virt-viewer Persistance Through Guest Reboots ==== Daniel P. Berrange said[1] that by Fedora 11 image:Echo-package-16px.pngvirt-viewer will persist and wait for a guest to resume rather than exit when a guest reboots. 1. ↑ http://www.redhat.com/archives/et-mgmt-tools/2009-February/msg00004.html ==== virt-install Wait Indefinitely for Windows Guests ==== Since Windows reboots during installation, John Levon patched[1] virt-install to wait 120 minutes while installing a Windows guest. After some discussion it was decided it should wait indefinitely instead. 1. ↑ http://www.redhat.com/archives/et-mgmt-tools/2009-February/msg00005.html === Fedora Virtualization List === This section contains the discussion happening on the fedora-virt list. ==== Fedora Virt Status Update ==== Mark McLoughlin composed[1] another informative weekly update on the status of virtualization development in Fedora. Some highlights included: * A pvmmu problem casues some guest installs on an F11 Alpha host to oops during heavy network activity (RHBZ #480822) * Work has begun on Fedora 11 virtualization release notes. * The 0.6.0 release of image:Echo-package-16px.pnglibvirt was not completely without problems. * All Fedora 11 virtualization features can be found all together. * The KVM/QEMU merge project has settled on a naming scheme. * KVM PCI device assignment continues to have issues. The "core of the problem is that devices must be reset before being assigned if they have been previously used in the host." * The addition of bzImage loading support to the Xen hypervisor is enabling users to build test Dom0 kernels. * A detailed of accounting reveals the bug count going from 191 to 192. 1. ↑ http://www.redhat.com/archives/fedora-virt/2009-February/msg00061.html ==== Merging KVM and QEMU Packages ==== A feature[1] in the works for Fedora 11 is a merge of the image:Echo-package-16px.pngkvm package with the image:Echo-package-16px.pngqemu package. Glauber Costa recently took the first step in this process by creating a test build[2] and starting a very long thread[3] on naming of all the subpackages which will soon make up QEMU. 1. ↑ Features/KVM_and_QEMU_merge 2. ↑ http://koji.fedoraproject.org/koji/taskinfo?taskID=1105051 3. ↑ http://www.redhat.com/archives/fedora-virt/2009-February/msg00000.html === Fedora Xen List === This section contains the discussion happening on the fedora-xen list. ==== bzImage Dom0 Support in Rawhide Xen ==== Pasi Kärkkäinen announced[1] the latest image:Echo-package-16px.pngxen builds in Rawhide support bzImage compressed dom0 kernels. Xen previously only supported zImage compressed kernels. This development was one of the pre-requisite work items for the Xen pvops Dom0 feature. This good news was tempered by the fact that there is still no dom0 capable image:Echo-package-16px.pngkernel in Rawhide. However, such a kernel can be built[2] for testing. Gerd Hoffmann reports[3] success doing just that. Such kernels are not yet stable enough for use[4]. 1. ↑ http://www.redhat.com/archives/fedora-xen/2009-February/msg00001.html 2. ↑ http://wiki.xensource.com/xenwiki/XenParavirtOps 3. ↑ http://www.redhat.com/archives/fedora-virt/2009-February/msg00027.html 4. ↑ http://www.redhat.com/archives/fedora-virt/2009-February/msg00055.html ==== Test Dom0 Xen Kernel RPM Available ==== M A Young built[1] a dom0 capable kernel RPM. It's suitable only for testing; "use it very much at your own risk". 1. ↑ http://www.redhat.com/archives/fedora-xen/2009-February/msg00014.html === Libvirt List === This section contains the discussion happening on the libvir-list. ==== Fix for Fallout From Failed QEMU Guest Starts ==== Daniel P. Berrange fixed[1] a series of events which manifested when a QEMU guest failed to start. Subsequent client connections would fail, CPU would rise to 100%, and virsh would hang. (RHBZ #484414) 1. ↑ http://www.redhat.com/archives/libvir-list/2009-February/msg00104.html ==== sVirt Patches to Merge in libvirt ==== Daniel J Walsh looked[1] at James Morris sVirt[2] patches for image:Echo-package-16px.pnglibvirt. "James patch, allows libvirt to read the SELinux context out of the xml database and execute image:Echo-package-16px.pngqemu with the context. The second componant [sic] is to pass the context of the image(s) and allow libvirt to not only set the image, but also update the default labels on disk, so a relabel will not change the context." Daniel J Walsh started working on this second component and wondered if they were acceptable for committing to libvirt yet. Daniel P. Berrange expressed[3] satisfaction with how the patches integrate with libvirt adding "If yourself & James are happy with what they're doing from a SELinux / security model point of view, then there's no reason they shouldn't be posted for final merge now." 1. ↑ http://www.redhat.com/archives/libvir-list/2009-February/msg00144.html 2. ↑ http://fedoraproject.org/wiki/Features/SVirt_Mandatory_Access_Control 3. ↑ http://www.redhat.com/archives/libvir-list/2009-February/msg00145.html ==== Manage iptables with libvirt ==== Karl Wirth asked[1] "What if we could flexibly change the iptables rules for the different guests as they are deployed onto the node/host". This thought was not new.[2] David Lutterkort pointed[3] out some of the thorny problems with this proposal including the fact that "network devices may be directly assigned to guests - in that case, we won't even see any of the packets the guest sends or receives". Summarizing that "iptables management belongs into a higher-level management app, like ovirt[4], not libvirt." 1. ↑ http://www.redhat.com/archives/libvir-list/2009-February/msg00147.html 2. ↑ http://fedoraproject.org/wiki/FWN/Issue138#Libvirt_and_Persistent_Iptables_Rules 3. ↑ http://www.redhat.com/archives/libvir-list/2009-February/msg00152.html 4. ↑ http://ovirt.org/ == Ask Fedora == In this section, we answer general questions from Fedora community. Send your questions to askfedora AT fedoraproject.org and Fedora News Team will bring you answers from the Fedora Developers and Contributors to selected number of questions every week as part of our weekly news report. Please indicate if you do not wish your name and/or email address to be published. http://fedoraproject.org/wiki/AskFedora Writers: Chris Tyler, Rahul Sundaram === Standardized Package Format === Arthur Pemberton asked: "When are the big players in the Linux ecosystem going to converge on a single package system which is a superset of .deb and .rpm? This seems like something that needs to be done before this mostly unnecessary difference gets too ingrained to be changed." Two reasons are usually given for converging on a single packaging standard. The first is to create packages that can be installed on many distributions without change; this is particularly attractive to third-party software vendors who wish to create a single repository of their software for use with a range of distributions rather than package and distribute their software within those distributions. In order to support truly portable packages, it is necessary to standardize not only the package format, but the available libraries, library versions, file locations, utility commands, and system services. This is proved by the fact that, for example, Fedora and SUSE RPMs may not usually cleanly install on the the other distribution, despite using a common package format. It is similar for Debian and Ubuntu. The Linux Standard Base (LSB)[1] project of The Linux Foundation[2] has been working on such a system-wide standard for many years, walking the fine line between standardizing too little (yielding an ineffective standard) and standardizing too much (leaving little room for differentiation between distributions). The work of LSB has been internationally recognized as ISO/IEC 23360. However LSB is a trailing edge standard and Fedora usually is much ahead. In terms of packaging, LSB mandates support for a restricted version of RPM[3], without triggers and with restrictions on the content and execution-order requirements of scriptlets[4]. These restrictions ensure that LSB-compliant RPMs can be successfully processed by conversion tools such as Debian's "alien" command. However, as its name implies, the LSB defines only a base for a distribution, and many of a distribution's packages need to take advantage of a broader feature set than provided for by the LSB. This need is expressed in the more advanced features provided by the full RPM and DEB package specifications. It should be noted that a number of package systems have been developed which attempt to address cross-distribution packaging issues, including Autopackage[5], ZeroInstall[6], and Klik[7] (ZeroInstall and Klik also enabling user-level package installation) -- but these have not gain widespread support. The second advantage to a standard package format is a reduction in the duplication of labour by each distribution, especially if packaging information (such as a basic RPM .spec file) is provided by the upstream software source. However, packaging standards, security configuration (such as SELinux policy), and naming conventions vary so significantly between distributions that extensive customization of the package is usually required, greatly reducing the value of distributing standard package information. The existence of multiple GNU/Linux distributions fuels a productive competitiveness which spurs innovation[8]. As long as multiple distributions thrive, multiple package formats are likely to remain in use. Freedesktop.org provides a cross distribution forum[9] which many distributions have been using to discuss and collaborate on common issues. The Fedora Project also prefers to work closely with upstream software[10] as a matter of principle to minimize differences. 1. ↑ http://www.linuxfoundation.org/en/LSB 2. ↑ http://www.linuxfoundation.org/ 3. ↑ http://refspecs.freestandards.org/LSB_3.1.0/LSB-Core-generic/LSB-Core-generic/packagefmt.html 4. ↑ http://refspecs.freestandards.org/LSB_3.1.0/LSB-Core-generic/LSB-Core-generic/pkgscripts.html 5. ↑ http://autopackage.org/ 6. ↑ http://zero-install.sourceforge.net/ 7. ↑ http://klik.atekon.de/ 8. ↑ http://distrowatch.com/weekly.php?issue=20090202#feature 9. ↑ http://lists.freedesktop.org/mailman/listinfo/distributions 10. ↑ http://fedoraproject.org/wiki/PackageMaintainers/WhyUpstream -- Oisin Feeley http://fedoraproject.org/wiki/OisinFeeley -- fedora-announce-list mailing list fedora-announce-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-announce-list