[Date Prev][Date Next] [Thread Prev][Thread Next]
Fedora Weekly News 152
- From: Pascal Calarco <pcalarco nd edu>
- To: fedora-announce-list redhat com, fedora-news-list <fedora-news-list redhat com>
- Subject: Fedora Weekly News 152
- Date: Mon, 17 Nov 2008 16:27:20 -0500
-Fedora Weekly News Issue 152-
Welcome to Fedora Weekly News Issue 152 for the week ending November
This week's exciting issue features extensive coverage of a Server SIG
formation in the Developments beat, along with clarifications from the
Fedora Engineering leadership on feature freeze policies. In
announcements, reminders of this Tuesday's public Fedora Board meeting
on #fedora-board-meeting at irc.freenode.net. The Translation beat
features various Fedora 10 milestones and an introduction of three new
members to the translation team. In Artwork, some history on the genesis
of the Fedora infinity bubble is saved, and more feedback on Fedora 10
themes. Virtualization includes updates of dom0 support in the upstream
kernel, and a RFC on including greater detail in domain events. Finally,
Fedora 9 and 8 updates for the week in Security Advisories. These are
but a few highlights in this week's Fedora Weekly News!
If you are interested in contributing to Fedora Weekly News, please see
our 'join' page.
FWN Editorial Team: Pascal Calarco, Oisin Feeley, Huzaifa Sidhpurwala
-- Announcements --
In this section, we cover announcements from the Fedora Project.
Contributing Writer: Max Spevack
--- Public Fedora Board Meeting on IRC ---
Paul Frields reminded the community about the upcoming Fedora Board
meeting on IRC. The meeting will be on 2008-11-19 (Tuesday) at 19:00 UTC.
"Join #fedora-board-meeting to see the Board's conversation. This
channel is read-only for non-Board members. Join #fedora-board-public to
discuss topics and post questions. This channel is read/write for everyone.
The moderator will direct questions from the #fedora-board-public
channel to the Board members at #fedora-board-meeting. This should limit
confusion and ensure our logs are useful to everyone."
--- Upcoming Bugzilla Activities ---
Jon Stanley wrote about some upcoming Bugzilla changes, that will
coincide with Fedora 10's release. There are two things of which people
should be aware: First, "we will be rebasing all rawhide bugs to F10.
This will result in regular bugs reported against rawhide during the
Fedora 10 development cycle being changed to version '10' instead of
their current assignment, 'rawhide'."; Second, "all bugs for EOL
releases (at this point, Fedora 8) will get a comment on or about GA of
Fedora 10, explaining that one month of maintenance remains, and to
either move the bug to a later version if still applicable, or they will
be automatically closed in one month with a resolution of WONTFIX."
See the link below for the complete announcement.
-- Developments --
In this section the people, personalities and debates on the
@fedora-devel mailing list are summarized.
Contributing Writer: Oisin Feeley
--- Features Policy Modified ---
The latest FESCo discussions (2008-11-12) clarified the Features
process. The changes make explicit the need for testing to be complete
one week prior to the final freeze. Failure to meet that condition can
result in FESCo deciding to drop the feature or implement a contingency
plan or other suitable action.
 Features are "a significant change or enhancement to the version of
Fedora currently under development":
The spur to these discussions was several last-minute changes for Fedora
10 which included dropping the instant-messaging client Empathy as the
default, and the late addition of LiveConnect (see FWN#151) and
AMQP. Earlier confusion about the Feature process and difficulties
with communication had also been expressed (see FWN#147) after the
decision to drop the Lightweight X11 Desktop Environment as a feature.
 The Advanced Messaging Queue Protocol is a vendor-neutral middleware
transport for business processes:
The other major changes to the process include the emailing of the
Feature owner to inform them when their feature is being discussed by
FESCo and any decisions made concerning said feature. The extra work
involved in tracking down email addresses was anticipated to be an
over-burdening of the committee chair, Brian Pepple. To ease this
problem it was decided that Feature owners must include current email
addresses on their Feature pages.
--- Server SIG ---
DanHorák announced that a "[...] formal entity to coordinate [...]
the server fundamentals that later create a successful enterprise
product [...]" had been launched as a SIG. He invited constructive ideas
and the wiki page suggests that the SIG has many important initial
goals including: a spin for headless servers, CLI equivalents of GUI
tools, a lightweight installer and maintenance of the
The extensive discussion which followed mostly consisted of approval for
the idea. Dennis Gilmore expressed enthusiasm for the general idea
and specifically requested kickstart files for different types of
servers and "best practice" whitepapers. An example of one of the issues
the SIG might deal with was the observation by Chris Adams that an
installation of ntop had resulted in seventy dependencies, including
metacity, being pulled down. Peter Robinson attributed this to
graphviz and suggested that while such problems were declining in number
it would be useful for the ServerSIG to co-ordinate bug filing for these
issues. Chris provided a script which allowed test installs into a
subdirectory to determine "what gets pulled in." Later James Antill
mentioned two useful scripts written by himself and Seth Vidal which
show package dependencies and provides as a tree structure. Dominik
"rathan" Mierzejewski added a mention of rpmreaper, a utility which
eases the removal of unnecessary dependencies.
After Chris observed that "[w]ith rawhide, it appears impossible to
install a kernel without pulling in X libraries (because of plymouth),
so I guess the base X libraries can be considered "core" now" the
conversation took a more adversarial turn. The accuracy of this
statement turned out to depend on whether libpng and pango were
considered to be "X libraries" and Chris demonstrated the dependency
chain as originating with the plymouth-plugin-solar. Les Mikesell
commented: "This is all pretty strange from a server perspective. And
plymouth is there to keep the screen from blinking while you boot?" When
Jesse Keating replied that Plymouth "handl[ed] the passphrase prompting
for encrypted volumes" Les argued that it should be optional for
remote, headless boxes. Dominik "rathann" Mierzejewski was shocked
when Jesse Keating pointed out that plymouth also provided working
/var/log/boot.logs: " Hm, you're right, all my boot.log files are 0
bytes (F-9). So instead of fixing the bug, a new package was introduced?
Amazing." Dominik's dissatisfaction continued to be unabated when he
was informed that the absence of the kernel commandline parameter "rhgb"
would result in plymouthd running but without any graphical plugins.
The automatic selection of plymouth-plugin-solar as opposed to the
alternate "plymouth-text-and-details-only" resulted in a discussion
around whether it was possible to make yum behave differently in such
ambiguous situations. Enrico Scholz wished to add a "fail, warn and/or
prompt when multiple packages satisfy a (virtual) dependency[.]" Seth
Vidal reminded him that the constraint of non-interactive defaults
meant that this might not work. James Antill posted that he had a
patch to yum which "[...] would allow Fedora (or any active repo.) to
configure these choices manually. We could then also easily have
different defaults for the desktop vs. the server spins." James received
some questions from Jesse Keating and Bill Nottingham who asked how
per-spin defaults would be stored and how to deal with conflicting
information from multiple repositories. His answer suggested that
introducing new repositories for the metadata or changing its syntax
would be necessary.
Dan Horák's desire to remove plymouth entirely was dismissed as
non-optional by Bill Nottingham as it will take on an even more
important role in storage handling in the future. Bill suggested that
the default plugin was optional however. He reassured Dan that as
regards headless machines there had been "[...] some testing on PPC
boxes via serial/hvc consoles. Please test that it works in your
scenarios as well, of course." When Enrico Scholz rejected disk
encryption as important for servers Jesse Keating made the case that
"In a colo environment I /would/ want some encryption on the disk, and
if I have to use a remote kvm to input the passphrase at reboot time,
that's OK. Reboots are either planned events, or emergencies, both of
which are going to require the attention of the people who have the
passphrase." Alan Cox backed this up: "If you are storing personal
data on a system in a colo its practically mandatory to have encryption,
and if you are storing anything sensitive its a big deal indeed - at
least in those parts of the world with real data and privacy law ;)"
The thread continued in fits and starts. Adam Tkac raised the
problem of handling static IPs with NetworkManager (see this same
FWN#152 "NetworkManager keyfiles for Pre-login Static Routes" for a
discussion of as yet undocumented features). Chuck Anderson disputed
that the problem existed and provided commandline and GUI solutions:
"[...] for system-wide connections which you would presumably want for a
server, you edit /etc/sysconfig/networkscripts/ifcfg-* as usual and NM
will bring the interface up at boot. From the desktop, you can Edit
Connections and create a new static connection and select it instead of
the System or Auto connection which is very handy when moving between
networks that don't support DHCP."
An important addendum was provided by Olivier Galibert "Try a
"chkconfig -list network". It should be on for levels 2-5. If it isn't,
you haven't enabled the old-style networking [.]" The same point was
made by Chuck "Are you using NetworkManager or network service?
chkconfig -list NetworkManager; chkconfig -list network If
NetworkManager is enabled and network is not, then you need to change
ifcfg-eth0: NM_CONTROLLED=yes" and by Bill Nottingham "You need to
either set NM_CONTROLLED to something other than 'no', or enable the
'network' service. In either case, NM's static network support is not
The LSB also came in for a bashing due to infrequently used, old
tools (such as ypbind and the insecure r-commands) being installed to
achieve compliance. Patrice Dumas clarified that ypbind was
necessary in @base to provide NIS functionality. Later discussion
separated out LSB-Core and LSB-Desktop which should simplify making
a minimal install LSB compliant. Bill Nottingham and Chris Adams
performed a dissection of @core with the intent of separating out
items such as hdparm , prelink , dhclient , ed and others into @base.
Jeremy Katz outlined a perspective from the Quality Assurance
point of view. The burden imposed by preserving the modularity that many
of the participants advocated sounds quite high: "[...] trying to
preserve that modularity combinatorially adds to the testing matrix and
also makes it significantly more difficult to write code since you can
no longer depend on functionality. It also makes things slower as you
have to conditionally check for things constantly [...] It's more than
just /etc/init.d/network that has to be maintained. There's oodles of
stuff in install-time configuration that will have to be maintained,
tested, and have things fixed when people report them." Seth Vidal
acknowledged this but cautioned against dismissing the objections to
particular changes as merely "neoluddite".
The massive thread included much more discussion and resists easy
summary. Those interested should probably plow through the messages.
Among the issues raised were finding DBus documentation and
contention between class devices to set default routes.
A quote from DanHorak which seems to offer the perspective of the
ServerSIG concisely is appropriate in closing: "It is really time to
look back at the roots of Unix systems. It should be a combination of
small pieces with well defined interfaces doing well their tasks. Only
the time had changed those pieces from simple command line utilities to
more complex ones."
--- NetworkManager keyfiles for Pre-login Static Routes ---
In the course of the ServerSIG discussions (see this same FWN#152
"Server SIG") an interesting question about NetworkManager was asked
by Les Mikesell: "If you bring up a mix of static and dynamically
assigned interfaces, can you control which gets to assign the default
route and DNS servers?"
Dan Williams provided a useful description of how NetworkManager
currently decides the default route. In response to Olivier Galibert he
added that static routes could be set up using the "[...] connection
editor see the "Routes..." button in the IPv4 tab. Routes from ifcfg
files aren't yet supported, but could be. Routes from keyfile-based
system connections (ie, prelogin) are supported." After this tidbit
Chuck Anderson prodded Dan into explaining that keyfiles were a way
to support things like "VPN, 3G, WPA" which were difficult or impossible
to support with the ifcfg files in /etc/sysconfig/network-scripts. "NM
has a system settings 'keyfile' plugin that allows editing system
connections from the connection editor, or your favorite text editor if
you don't use a GUI at all. Add `,keyfile' to the --plugins argument in
file, and then 'killall -TERM nm-system-settings'."
Jesse Keating wondered when and where the documentation for this was
placed and Dan replied "[w]hen I struggle up for air from the tarpit
that is the concurrent release of NM 0.7 + F10 + RHEL 5.3? :) "
--- Flash 10 in 64-bit Fedora 9 ---
Jos Vos asked for comparative data on using nspluginwrapper with
Firefox to access Flash content in 64-bit Fedora 9. He was experiencing
"[...] error messages about not finding 'soundwrapper' in my $PATH [.]"
Although Chris Adams reported success Orcan Ogetbil described a "gray
rectangle bug" which seemed to be manifested mostly when multiple tabs
were open. Brennan Ashton claimed that it was due to a PulseAudio "bug".
Ignacio Vazquez-Abrams and others reported no problems and Jos
posted that there appeared to be a dependency on libcurl.i386 in the
Adobe supplied rpm. This was later stated by Paul Howarth to be
changed so that either libcurl.so.3 or libcurl.so.4 will be used via a
dlopen() and there is no explicit requires:libcurl in the rpm. Gianluca
Szforna supplied a link which suggests that libflashsupport should
be completely removed as it may cause crashes.
-- Translation --
This section covers the news surrounding the Fedora Translation (L10n)
Contributing Writer: Runa Bhattacharjee
--- Fedora 10 Release Notes Translation Over ---
The translation task for the Release Notes to be packaged with Fedora 10
came to an end on 13th November 2008. However, translations for the web
version can continue until 21st November 2008.
Additionally, the Colophon section has been updated to include the names
of the new translators and other contributors.
--- Fedora Website Translations for F10 ---
Ricky Zhou announced the start of the translations for the Fedora
website, for Fedora 10. The counter is also available for translation.
The due date for the Fedora Web translations is November 24th 2008
and can be submitted via translate.fedoraproject.org.
--- Few System-config tools to be migrated ---
Nils Philippsen announced the plans for the migration of a few
system-config tools (date, nfs, samba, services, users) from the
mercurial to the git repository. Additionally, the documentation and the
software would be segregated. During the migration, these modules
will not be available for updation in translate.fedoraproject.org.
--- New members in FLP ---
Three new members joined the Fedora Translation Project last week.
Christopher Grebs (German), Muhammad Panji (Indonesian), Rui
--- Confusion over Hindi Release Notes ---
There was a confusion while building the hindi release notes for Fedora
10, due to the presence of an obsolete file for the same locale. A
bug has been filed for this matter by Rejesh Ranjan.
--- Docs-Homepage module is now obsolete ---
The module docs-homepage is now obsolete and does not require further
translation. This query was raised by Xavier Conde Rueda and
clarified by Paul Frields. A bug has been filed by Noriko Mizumoto for
the removal of this module from translate.fedoraproject.org.
--- FLSco review ---
Dimitris Glezos, the current chair of the Fedora Localization Steering
Committee (FLSCo) has initiated a discussion to evaluate the Committee's
present method of functioning and any changes that can be made to
improve it . It is to be noted that the next elections for the
Steering Committee would be held in December 2009.
-- Artwork --
In this section, we cover the Fedora Artwork Project.
Contributing Writer: Nicu Buculei
--- Keeping the History Alive ---
A few years ago, when the Fedora "Infinity Bubble" logo was created, it
was accompanied by an insightful set of slides, describing the process
which led to its creation. As the original page hosting the slides
closed some months ago this particular piece of history was lost. Lost,
that is, until now when Máirín Duffy posted on @fedora-art the
results of her recovery work "I took some time to grab what I could from
archive.org and reconstruct it here: "
--- Feedback on the Fedora 10 themes ---
With the final release for Fedora 10 closing, more and more previews are
published on the web and in most of them the artwork is praised. This
week Jayme Ayres linked to yet another such praising review "I was
giving a look at the blog Rodrigo Menezes  and saw on the analysis
done by 10 Fedora dual blog JupiterBroadcasting  (who particularly
did not know), said some puerility on Fedora, but praised highly the
work of Artwork and then I'd like to share with you. Congratulations to
-- Virtualization --
In this section, we cover discussion on the @et-mgmnt-tools-list,
@fedora-xen-list, @libvirt-list and @ovirt-devel-list of Fedora
Contributing Writer: Dale Bewley
--- Enterprise Management Tools List ---
This section contains the discussion happening on the et-mgmt-tools list
---- Using VirtIO Network Driver for Windows KVM Guest ----
Working on Ubuntu, Arutyunyan Ruben provisioned Windows KVM guests using
virt-manger, and wanted to use virtio drivers to speed up network
access. After successfully using a howto to install this support, it
was found to be missing after restarting the guest.
Cole Robinson answered that virt-manager does not support setting
this option, but it can be accomplished manually by using virsh dumpxml
and virsh define.
---- Mounting virt-p2v Disk Images ----
Paras Pradhan asked how to mount images created by virt-p2v. Joey
Boggs described the process.
* Setup a loop device to the imagefile
losetup /dev/loopX domain.img
* Read the partitions
kpartx -av /dev/loopX
* Mount each partition as required
mount /dev/mapper/loopXpX /MOUNTPOINT
After unmounting the partitions, the loopback devices should be removed
with kpartx -d and losetup -d.
--- Fedora Xen List ---
This section contains the discussion happening on the fedora-xen list.
---- Status of dom0 Support in Upstream Kernel ----
Pasi Kärkkäinen forwarded a message from Jeremy Fitzhardinge,
originally to the @xen-devel list, describing the state of dom0 support
in the upstream kernel.
".28 was a bit optimistic; (FWN#137) .29 seems reasonable. The
current dom0 kernel patches can boot up to a fully functional dom0
usersmode, and you can start xend to see that domain 0 is running. I
*think* in theory you can create a deviceless domain, but I haven't
tried it. I'm currently working on blktap support.
I really need to put together a proper status update. Now that dom0
usermode is working, its a much better base for other people start
Just two days later Jeremy posted a large set of patches to
@xen-devel with the following explaination.
"A dom0 Xen domain is basically the same as a normal domU domain, but it
has extra privileges to directly access hardware. There are two issues
to deal with:
* translating to and from the domain's pseudo-physical addresses
and real machine addresses (for ioremap and setting up DMA)
* routing hardware interrupts into the domain
ioremap is relatively easy to deal with. ..."
"... Interrupts are a very different affair. The descriptions in each
patch describe how it all fits together in detail, but the overview is:
1. Xen owns the local APICs; the dom0 kernel controls the IO APICs
2. Hardware interrupts are delivered on event channels like
3. To set this up, we intercept at pcibios_enable_irq:
* given a dev+pin, we use ACPI to get a gsi
* hook acpi_register_gsi to call xen_register_gsi, which
* allocates an irq (generally not 1:1 with the gsi)
* asks Xen for a vector and event channel for the irq
* program the IO APIC to deliver the hardware interrupt to the
The upshot is that the device driver gets an irq, and when the hardware
raises an interrupt, it gets delivered on that irq.
We maintain our own irq allocation space, since the hardware-bound event
channel irqs are intermixed with all the other normal Xen event channel
irqs (inter-domain, timers, IPIs, etc). For compatibility the irqs 0-15
are reserved for legacy device interrupts, but the rest of the range is
Initialization also requires care. The dom0 kernel parses the ACPI
tables as usual, in order to discover the local and IO APICs, and all
the rest of the ACPI-provided data the kernel requires. However, because
the kernel doesn't own the local APICs and can't directly map the IO
APICs, we must be sure to avoid actually touching the hardware when
running under Xen.
TODO: work out how to fit MSI into all this.
So, in summary, this series contains:
* dom0 console support
* dom0 xenbus support
* CPU features and IO access for a privleged domain
* making ioremap work on machine addresses
* swiotlb allocation hooks
o introduce PV io_apic operations
o add Xen-specific IRQ allocator
o switch to using all-Xen event delivery
o add pirq Xen interrupt type
o table parsing and setup
o intercept driver interrupt registration
All this code will compile away to nothing when CONFIG_XEN_DOM0 is not
enabled. If it is enabled, it will only have an effect if booted as a
dom0 kernel; normal native execution and domU execution should be
--- Libvirt List ---
This section contains the discussion happening on the libvir-list.
---- OpenVZ Bridge Support Committed ----
Daniel P. Berrange updated a previous patch designed to "enable
bridge support in the OpenVZ driver. As well as the fixes suggested last
time, it includes an initial bit of HTML doc for the OpenVZ driver,
covering example XML, and the bridge configuration requirements."
---- Qemu/KVM Live Migration Implemented ----
Chris Lalancette posted the patch to implement Qemu/KVM live
migration. After a little upstream cleanup, the patch was committed.
"Now that upstream Qemu has settled on an interface that is friendly to
libvirt (i.e. one that doesn't block the monitor on -incoming), we can
implement it here. Note that the bulk of this patch was written by Rich
Jones quite a while ago. My hand in it has mostly been to forward port
it to current libvirt CVS, tweak it for the new Qemu style, and test it
out with a recent KVM (kvm-78, in particular)."
---- Fix Logical Volume Scanning of Encrypted Volumes ----
Cole Robinson fixed a bug that prevented logical volume scanning
of an encrypted volume in a storage pool.
---- Greater Details from Domain Events ----
Daniel P. Berrange posted an RFC on adding greater detail to domain
events. "...I'd like to have more information about STOPPED & STARTED
events in general.
eg, there are a number of reasons why an domain may have started:
* explicitly booted on the host
* restored from a saved image
* incoming migration operation
and there are a number of reasons why a domain might have stopped:
* forcably destroyed by host admin
* shutdown by host admin
* shutdown by guest admin
* host emulator process crashed
* killed by mgmt after host emulation hung
* migrated to another host
* saved to a memory image
We have explicit events for the SAVED/RESTORED reasons, but what should
we do about the other reasons ?"
One option "is to provide a generic 'char * reason' with each event with
provides scope on the cause of the lifecycle operation. So you'd get"
VIR_DOMAIN_STOPPED ("crashed", "shutdown", "destroyed",
"quit", "hung", "migrated", "saved")
VIR_DOMAIN_STARTED ("booted", "migrated", "restored")
Ben Guthro suggested an alternative option of introducing "an event
'sub-type' enum to be passed alongside of the event-type, passed as a
second integer", arguing this would be more consistent with the API and
would reduce the size of the wire protocol.
Daniel agreed, and supplied a patch which "expands the callback for
domain events so that it also gets a event type specific 'detail' field.
This is also kept as an int, and we define enumerations for the possible
values associated with each type. If a event type has no detail, 0 is
The RESTORED and SAVED event types disappear in this patch and just
become another piece of 'detail' to the STOPPED and STARTED events. I
have also renamed ADDED & REMOVED to DEFINED and UNDEFINED to match
terminology we have elsewhere & because the names were confusing me."
-- Security Advisories --
In this section, we cover Security Advisories from fedora-package-announce.
Contributing Writer: David Nalley
--- Fedora 9 Security Advisories ---
* gnutls-2.0.4-4.fc9 -
* blender-2.48a-4.fc9 -
* libpng10-1.0.41-1.fc9 -
* optipng-0.6.2-1.fc9 -
* clamav-0.93.3-2.fc9 -
* quassel-0.3.0.3-1.fc9 -
* xulrunner-184.108.40.206-1.fc9 -
* firefox-3.0.4-1.fc9 -
* epiphany-2.22.2-5.fc9 -
* chmsee-1.0.1-6.fc9 -
* devhelp-0.19.1-6.fc9 -
* cairo-dock-220.127.116.11-1.fc9.1 -
* epiphany-extensions-2.22.1-5.fc9 -
* galeon-2.0.7-3.fc9 -
* gnome-python2-extras-2.19.1-21.fc9 -
* gtkmozembedmm-1.4.2.cvs20060817-22.fc9 -
* gnome-web-photo-0.3-15.fc9 -
* evolution-rss-0.1.0-4.fc9 -
* google-gadgets-0.10.1-5.fc9.1 -
* Miro-1.2.7-2.fc9 -
* kazehakase-0.5.6-1.fc9.1 -
* mugshot-1.2.2-3.fc9 -
* mozvoikko-0.9.5-4.fc9 -
* ruby-gnome2-0.17.0-3.fc9 -
* totem-2.23.2-8.fc9 -
* seamonkey-1.1.13-1.fc9 -
* yelp-2.22.1-6.fc9 -
--- Fedora 8 Security Advisories ---
* kvm-60-7.fc8 -
* gnutls-1.6.3-5.fc8 -
* blender-2.48a-4.fc8 -
* optipng-0.6.2-1.fc8 -
* libpng10-1.0.41-1.fc8 -
* clamav-0.92.1-4.fc8 -
* firefox-18.104.22.168-1.fc8 -
* epiphany-2.20.3-8.fc8 -
* cairo-dock-22.214.171.124-1.fc8.1 -
* epiphany-extensions-2.20.1-11.fc8 -
* blam-1.8.3-19.fc8 -
* chmsee-1.0.0-5.31.fc8 -
* devhelp-0.16.1-11.fc8 -
* evolution-rss-0.0.8-13.fc8 -
* galeon-2.0.4-6.fc8.3 -
* gnome-web-photo-0.3-14.fc8 -
* liferea-1.4.15-5.fc8 -
* gnome-python2-extras-2.19.1-19.fc8 -
* kazehakase-0.5.6-1.fc8.1 -
- End FWN 152 -
[Date Prev][Date Next] [Thread Prev][Thread Next]