From FedoraProject


Revision as of 06:30, 10 February 2009 by Dale (talk | contribs) (Fedora 9 Security Advisories: remove virtualization category which was copied from beat page)


Fedora Weekly News Issue 162

Welcome to Fedora Weekly News Issue 162 for the week ending February 8th, 2009.

This week we're happy to announce the return of several beats: Marketing reports on following Fedora activity via Twitter; Ambassadors tantalizes with some Fedora polo shirts and the news that "North American Ambassadors Take Reins of XO Program"; Infrastructure notes a possible "Public Calendaring System" for the community; SecurityWeek shares an xkcd comic in "Encryption Security". Announcements highlights the K12Linux Fedora 10 Live Server in "Technical Announcements", PlanetFedora rounds up a lot of must-read blogs, Developments clarifies that "Fedora 11 Will Support i586 Instruction Set", Translation links to the "L10n Infrastructure Roadmap Proposal", Artwork suggests some "Context Free Art", SecurityAdvisories lists packages you really, really want, Virtualization defies summary and should be read, and finally we have another AskFedora concerning the possibility of a "Standardized Package Format".

If you are interested in contributing to Fedora Weekly News, please see our 'join' page[1]. We welcome reader feedback:

FWN Editorial Team: Pascal Calarco, Oisin Feeley, Huzaifa Sidhpurwala



In this section, we cover announcements from the Fedora Project.

Contributing Writer: Max Spevack

Fedora 11 Alpha

JesseKeating announced[1] the release of Fedora 11 Alpha. The release is available at and includes MinGW (for Windows cross-compiling), the ext4 filesystem, GNOME 2.26, KDE 4.2.0, and XFCE 4.6 Beta.

Furthermore, James Laska informed[2]the community about a Fedora Test Day focused on ext4.

Technical Announcements

Martin Sourada published[3] the latest issue of Echo Monthly News.

Warren Togami announced[4] "the release of K12Linux F10 Live Server. K12Linux is Linux Terminal Server Project ( integrated with Fedora 10, in a convenient LiveUSB or DVD media installer." The release inclues auto-configuration of diskless thin clients, sound forwarding over the network via PulseAudio, and more.

All package maintainers should read the updated[5] package update guidelines[6], as announced by Mark McLoughlin.

Upcoming Events

Fedora will have a presence at several events in the next few weeks. Feel free to join us,

February 20 - 22: Southern California Linux Expo (SCALE)[7][8]

Also, people are encouraged to register for Fedora or related speaking slots at LinuxTag 2009.[9]

Planet Fedora

In this section, we cover the highlights of Planet Fedora - an aggregation of blogs from Fedora contributors worldwide.

Contributing Writer: Adam Batkin


Paul W. Frields announced[1] the Fedora 11 Alpha, as well as an explanation of why Alpha releases exist and how you can get a sneak-peek at what will be in the next release while helping Fedora improve.

Chris Brown wrote[2] about some of the other features that may make an appearance in F11.

Dwayne Bailey developed[3] a system to manage the localization of software and integrated[4] it with some existing libraries to produce Virtaal[5].

Gary Benson continued[6] his excellent series "Inside Zero and Shark", a must-read for anyone interested in virtual machines or Java internals.

Dave Jones explained[7] the status of Dracut, "the shiny new initramfs creation tool."

Chris Tyler wrote[8],[9] [10] about getting a multiseat system set up using a single computer and dual ATI R710 video cards. In the latest installment the ATI setup was compared[11] to a similar configuration using Dual NVIDIA 9800GTX and various driver combinations.

Steven Moix benchmarked[12],[13] the performance of Solid State Disks using various I/O schedulers running on Fedora 10.

Tim Waugh showed off[14] the eye candy of system-config-printer that can be expected in Fedora 11.

Adrian Likins pondered[15] the availability of "a mailing list summary page. The page would scan the mailing lists, and post the content most likely to need attention." Fedora Weekly News?

Michael DeHaan shared[16] an essay, "Lessons Learned From OSS Software Development".

Tim Waugh described[17] "How I use git" which shows some useful tips and tricks.

Venkatesh Hariharan wrote[18] a draft FOSS manifesto for Indian political parties, which could actually be valuable for any country in the world.


So many people have written about attending FOSDEM that it would take an entire issue of FWN post all of the links. Instead an arbitrarily selection will be randomly chosen.

Pierros Papadeas took[1] a nice set of photos including some general shots of Brussels.

Joerg Simon got[2] some shots of the Fedora booth.


In this section, we cover the Fedora Marketing Project.

Contributing Writer: Kam Salisbury

Draft Fedora 11 Schedule

The draft Fedora 11 schedule was made[1] available on the wiki by Jonathon Roberts. Now is as good as a time as any to get involved with Fedora Marketing by reviewing the goals of Fedora Marketing[2] and then joining[3].

Fedora Twitters

You can now follow most major Fedora announcements via Twitter. Just choose to follow fedora_linux[1] from your Twitter account. Alternately, you can choose to follow Fedora Linux major news announcements via RSS[2]. Twitter[3] provides a social network tied together via 140 character status messages.

Fedora 11 Alpha Ships with Windows Cross Compiler

Fedora 11 now includes the Windows cross compiler MinGW[1], a development environment for Fedora users who want to save time and duplication of effort by cross-compiling their programs to run on Windows without actually having to use Windows during development.


In this section, we cover Fedora Ambassadors Project.

Contributing Writer: Larry Cafiero

North American Ambassadors Take Reins of XO Program

During the week following FUDcon, it was suggested that the Fedora Ambassadors in North America run the NA Developer XO program for an initial period of 6 months.

The reasons for Ambassadors taking the reins on this project are:

  • Ambassadors can help the NA Developer XO program by seeking help, freeing up developers already involved to concentrate on their work.
  • The Ambassadors are already in place, going to every major event and tons of minor events recruiting contributors to Fedora.
  • Ambassadors have had some moderate success getting people involved with both Fedora and OLPC/Sugar.

OLPC decided to take the Ambassadors up on the offer and shipped 100 XOs to the FAmNA.

Guidelines have been set - subject to the guidance of the OLPC SIG -- and the wiki, which has just been started and is in the process of refining, can be found here:

Essentially the bar that has been set is:

  • Maintain a sugar-* package in Fedora and agree to maintain it for two releases. Alternately maintain a package that was in OLPC4 and has been merged.
  • Develop a Sugar activity. To keep this in focus I have adopted Greg Dekoenigsberg's 'holy list of 4th grade math lessons' as acceptable activities:

  • QA (well not really): While FAmNA isn't actively looking for QA help, but if someone with extensive QA experience and lots of time presents itself we won't pass it up.

North America Polo Shirt Order

Pascal Calarco has initiated another round of ordering for Ambassador Polos for North American Ambassadors as announced on the Fedora Ambassador mailing list. There is also additional information here:

FAD SCaLE coming up 2009-02-20

The Fedora Activity Day[1] at the Southern California Linux Expo (SCaLE)[2] will be from 9am - 6pm on Friday, February 20th at the Westin Airport Los Angeles, in Los Angeles, California. There will be breaks and such, but the FAD will be treated much like a sprint. We're here to get something accomplished -- specifically font packaging and documentation -- so come on by and help us out for an hour or all day. We'd love to have you there!

Also, if you can make SCaLE from the Southern California area, stop by the Fedora booth.

Got Ambassador News?

Any Ambassador news tips from around the Fedora community can be submitted to me by e-mailing lcafiero-AT-fedoraproject-DOT-org and I'd be glad to put it in this weekly report.


In this section the people, personalities and debates on the @fedora-devel mailing list are summarized.

Contributing Writer: Oisin Feeley

Fedora 11 Alpha Released

Jesse Keating announced[1] the availability of Fedora 11 Alpha on 2009-02-05. His beautiful poetry was accompanied by a suggestion to read the Release Notes[2].

One change which drew[3] extensive commentary on @fedora-test was the default disabling of the Ctrl-Alt-Backspace key combination. This traditionally kills the X server and to regain the usual behavior it is necessary to create an Xorg.conf file (these no longer exist by default either) and add the line Option "DontZap" "false" to it.

Fedora 11 Will Support i586 Instruction Set

Last week (FWN#161[1]) we reported on a proposal to cease building Fedora 11 for the i586 CPU instruction set. FESCo had delayed its decision in order to discuss the matter further. The issue was addressed[2] on 2009-02-05 with the outcome that a proposal by Dennis Gilmore to continue supporting i586 for the duration of Fedora 11 but to transition to i686 for Fedora 12 was supported.

Prior to the meeting Warren Togami summed up[3] the advice of Jakub Jelínek as: "Jakub recommends i586.rpm for Fedora 11, because it doesn't gain us much of anything to go with i686 minimum. The benefits of i586 to i686 are simply not important because cmov is usually not a worthwhile optimization on ia32."

An interesting suggestion by Adam Jackson was[4][5] that if there is a committed user-base of i586 users they could probably support it in the Secondary Architecture (see FWN#92[6]) infrastructure.

Ulrich Drepper and Dominik Mierzejewski debated[7] whether the use of cmov can in some circumstances cause performance degradation.

It is unclear exactly what performance benefits could be obtained by passing various architecture-specific flag combinations to GCC but it does seem that the burden of building and maintenance will be eased significantly by these changes. As a related change[8] x86_64 kernels will be installed with a 32-bit userspace.

RFC: Power Management

Phil Knirsch initiated[1] a discussion of attempts to decrease power consumption especially in userland. A wiki page[2] reflects some of the research Phil has pulled together.

Richard Hughes pointed[3] out some interesting work on DeviceKit-power where he built on powertop. Olivier Galibert raised[4] a possible problem with Richard's use of D-Bus itself causing wakeups, but according to Colin Walters a patch existed[5] to fix this problem.

Many of the items suggested in Phil's page for documentation were suggested by Bill Nottingham as desiderata for defaults. While Phil agreed[6] in general he itemized some of the problems. These include problems with network interfaces and hard-disk spindowns which may be approachable as a result of a tuned daemon on which Phil is working.

An addendum of audio hardware power-saving was made by Eric Sandeen along with a list of bugs which led[7] Phil to wonder if a tracker bug to collate all the information would be useful.

Matthew Garrett expressed[8] some worries that hard-disk power-saving would cause physical wear and the relatime patches to work around over-aggressive deletion of content in /tmp would continue to be stalled.

The importance of separating out KDE and GNOME dependent features was noted[9] by Kevin Kofler.

Rawhide Report 2009-02-07

The last report[1] lists 14 new packages added, 57 modified and some broken dependencies. New packages include dissy, a graphical front-end to objdump and python-pygooglechart a Python wrapper for the Google Chart API.

Richard Hughes suggested[2] that the update to PolicyKit-gnome-0.9.2-1.fc11 might be useful: "If you're having problems with PackageKit and buttons "not working" you need this update."

Some of the x86_64 broken dependencies were due to to mono-2.4 being pushed to rawhide which led David Nielsen to suggest[3] that a heads up would have been useful. Alex Lancaster requested[4] that API/ABI breakage would be announced on @fedora-devel-announce instead of on the high-traffic @fedora-devel.

New module-init-tools Uses Binary modules.dep|alias|symbols

An update to module-init-tools-3.6 was pushed to rawhide by Jon Masters in order to speed up[1] boot time significantly. The files modules.dep, modules.alias and modules.symbols will have binary versions which are used in preference to their old text versions. Jon asked[2] if the need to run depmod -a after upgrades to module-init-tools would upset anyone. There seemed to be general approbation of his changes and they should land soon for Fedora 9 also.

New Georgian Fonts Packaged Rapidly

A call was put out[1] by Nicolas Mailhot for someone to package a completely new Georgian font pack created by Besarion Paata Gugushvili.

Nicolas was especially keen to get this done quickly as he had contacted Besarion and been rewarded with completely new fonts not shipped by any other distro, licensed with the FSF font exception to the GPL all within nine hours!

Tom Callaway responded[2] within mere hours.

Distro-agnostic /boot Metadata Standard ?

A negative review in German IT magazine "c't" led[1] Christoph Höger to ask if it was possible to preserve the ability to boot other GNU/Linux distros after installing Fedora. The most annoying point seemed to be that Windows installations are preserved.

A moderately long thread resulted and covered several ideas to allow the GRUB bootloader to identify other distributions. One such was[2] .that there should be an agreement among distributions to use a shared metadata standard on boot partitions.

GCC-4.4 Mass Rebuild Successful

Jakub Jelínek reported[1] that a mass rebuild of rawhide (snapshotted on 2009-01-26) of 6228 packages had produced only a few hundred failures. He listed these by type of failure.

Several of the packages listed failed to build for reasons other than GCC, for instance Java packages failed[2] due to maven being broken.

Thorsten Leemhuis provided[3] a list of packages and owners sorted by owner which was generally appreciated. He pointed out: "Finding all your packages in such a long list gets really hard as soon as you maintain 10 or 15 packages."

Problems reported due to a mismatch between the libstdc++ headers requirement of -march=i486 and Koji's default use of -march=i386 led[4] Jakub to whip up some fixes. He requested that CFLAGS were not altered in SPEC files.

Help Rel-eng Accelerate Updates Processing

One bottleneck in the processing of updates to packages is that they need to be signed. Work is ongoing to automate this (see FWN#147[1]) with a signing-server codenamed "sigul".

Christoph Wickert wondered[2] why it had taken over five days for an update to one of his packages to get to testing. When Josh Boyer responded that it was because one human (Jesse Keating) had to sign the packages and he had been also busy getting Fedora 11 Alpha released, Daniel P. Berrange suggested[3] adding more humans to help. Jesse Keating suggested[4] that anyone who wished to help could take some of the load off the release-engineering team so that they had more time for package signing.


This section covers the news surrounding the Fedora Translation (L10n) Project.

Contributing Writer: Runa Bhattacharjee

Fedora 10 Release Notes Updated

JohnMcDonough announced some updates for the Fedora 10 Release Notes[1]. The deadline for the submission of the translated updates has been declared as 17th February 2009[2]. The translations have to be submitted in the f-10 branch.

L10n Infrastructure Roadmap Proposal

Further to the discussion[1] initiated by AsgeirFrimannsson about the L10n Infrastructure Roadmap, NorikoMizumoto has commented[2] that considering the upcoming deadline for F-11 and the past troubles faced during F-10, the current infrastructure would need a maintainer to ensure its smooth running at present.


This section contains the discussion happening on the fedora-infrastructure-list

Contributing Writer: Huzaifa Sidhpurwala

CSI (Security Policy) Help

Frank Chiulli said[1] on the @fedora-infrastructure-list that he had implemented the CSI Security policy and he was seeing some strange messages in the logs and asked if someone could help him with that.

Mike McGrath replied[2] to that saying that he suspected that before he was blocking these messages but did not notice.

Seth Vidal said[3] that those are Windows/Samba/CIFS messages and if you have samba and/or windows running on the same network you will notice those.

Public Calendaring System

Adam Williamson introduced[1] himself on the list saying that he was new in the Fedora QA department at Red Hat, his job is to drive community involvement in Fedora QA.

He further said that something that would be nice to have for QA community is a public calendar system where dates of events like test days can be published.


In this section, we cover the Fedora Artwork Project.

Contributing Writer: Nicu Buculei

Echo Monthly News

Martin Sourada posted[1] on @fedora-art the latest issue of Echo Monthly News[2] with information about the Echo Perspective theme and the new Echo Artist Scripts and Supporting Icon Artist Library.

Context Free Art

Máirí­n Duffy introduced[1] a "Programmatic Art Generator"[2], something she consider a "nifty FOSS tool [...], and it's even already in Fedora", with regrets[3] for not knowing about it when she created the "4 Foundation" posters[4].

Security Week

In this section, we highlight the security stories from the week in Fedora.

Contributing Writer: JoshBressers

Encryption Security

With all the recent talk of encrypting hard drives, the cold boot method, and using proper passwords, this[1] xkcd comic reminds us of the weakest link in all cryptography, the person with the password.

Running Things as root is a Bad Idea

While I always knew this, this article still sort of blows my mind: Windows Security Improved By Denial Of Administrative Rights[1] To quote the article:

... configuring users to operate without administrative rights mitigates the impact of 92% of "critical" Microsoft vulnerabilities ...

92%, that is mind boggling. It's been sound advice for a long time in the Linux world, not to do things as root. I suspect if we expected everyone to be doing everything as root, virtual any minor security flaw would suddenly become a very serious matter.

Security Advisories

In this section, we cover Security Advisories from fedora-package-announce.

Contributing Writer: David Nalley

Fedora 10 Security Advisories

Fedora 9 Security Advisories


In this section, we cover discussion on the @et-mgmnt-tools-list, @fedora-xen-list, and @libvirt-list of Fedora virtualization technologies.

Contributing Writer: Dale Bewley

Enterprise Management Tools List

This section contains the discussion happening on the et-mgmt-tools list

virt-manager and QEmu Disk Polling Logs

Radek Hladik noticed[1] "when Package-x-generic-16.pngvirt-manager is running and polling VMs stats Package-x-generic-16.pnglibvirt log in /var/log/libivrt/qemu/vmname is filling with messages" on the number of disk operations. After a day the log had grown to 100MB.

Daniel P. Berrange accepted[2] on behalf of libvirt and Cole Robinson described[3] how to turn of disk polling in virt-manager.

virt-viewer Persistance Through Guest Reboots

Daniel P. Berrange said[1] that by Fedora 11 Package-x-generic-16.pngvirt-viewer will persist and wait for a guest to resume rather than exit when a guest reboots.

virt-install Wait Indefinitely for Windows Guests

Since Windows reboots during installation, John Levon patched[1] virt-install to wait 120 minutes while installing a Windows guest. After some discussion it was decided it should wait indefinitely instead.

Fedora Virtualization List

This section contains the discussion happening on the fedora-virt list.

Fedora Virt Status Update

Mark McLoughlin composed[1] another informative weekly update on the status of virtualization development in Fedora. Some highlights included:

  • A pvmmu problem casues some guest installs on an F11 Alpha host to oops during heavy network activity (RHBZ #480822)
  • Work has begun on Fedora 11 virtualization release notes.
  • The 0.6.0 release of Package-x-generic-16.pnglibvirt was not completely without problems.
  • All Fedora 11 virtualization features can be found all together.
  • The KVM/QEmu merge project has settled on a naming scheme.
  • KVM PCI device assignment continues to have issues. The "core of the problem is that devices must be reset before being assigned if they have been previously used in the host."
  • The addition of bzImage loading support to the Xen hypervisor is enabling users to build test Dom0 kernels.
  • A detailed of accounting reveals the bug count going from 191 to 192.

Merging KVM and QEmu Packages

A feature[1] in the works for Fedora 11 is a merge of the Package-x-generic-16.pngkvm package with the Package-x-generic-16.pngqemu package. Glauber Costa recently took the first step in this process by creating a test build[2] and starting a very long thread[3] on naming of all the subpackages which will soon make up QEmu.

Fedora Xen List

This section contains the discussion happening on the fedora-xen list.

bzImage Dom0 Support in Rawhide Xen

Pasi Kärkkäinen announced[1] the lastest Package-x-generic-16.pngxen builds in Rawhide support bzImage compressed dom0 kernels. Xen previously only supported zImage compressed kernels. This development was one of the preqequisite work items for the Xen pvops Dom0 feature.

This good news was tempered by the fact that there is still no dom0 capable Package-x-generic-16.pngkernel in Rawhide. However, such a kernel can be built[2] for testing. Gerd Hoffmann reports[3] success doing just that. Such kernels are not yet stable enough for use[4].

Test Dom0 Xen Kernel RPM Available

M A Young built[1] a dom0 capable kernel RPM. It's suitable only for testing; "use it very much at your own risk".

Libvirt List

This section contains the discussion happening on the libvir-list.

Fix for Fallout From Failed QEmu Guest Starts

Daniel P. Berrange fixed[1] a series of events which manifested when a QEmu guest failed to start. Subsequent client connections would fail, CPU would rise to 100%, and virsh would hang. (RHBZ #484414)

sVirt Patches to Merge in libvirt

Daniel J Walsh looked[1] at James Morris sVirt[2] patches for Package-x-generic-16.pnglibvirt. "James patch, allows libvirt to read the SELinux context out of the xml database and execute Package-x-generic-16.pngqemu with the context. The second componant [sic] is to pass the context of the image(s) and allow libvirt to not only set the image, but also update the default labels on disk, so a relabel will not change the context." Daniel J Walsh started working on this second component and wondered if they were acceptable for committing to libvirt yet.

Daniel P. Berrange expressed[3] satisfaction with how the patches integrate with libvirt adding "If yourself & James are happy with what they're doing from a SELinux / security model point of view, then there's no reason they shouldn't be posted for final merge now."

Manage iptables with libvirt

Karl Wirth asked[1] "What if we could flexibly change the iptables rules for the different guests as they are deployed onto the node/host". This thought was not new.[2]

David Lutterkort pointed[3] out some of the thorny problems with this proposal including the fact that "network devices may be directly assigned to guests - in that case, we won't even see any of the packets the guest sends or receives". Summarizing that "iptables management belongs into a higher-level management app, like ovirt[4], not libvirt."

Ask Fedora

In this section, we answer general questions from Fedora community. Send your questions to askfedora AT and Fedora News Team will bring you answers from the Fedora Developers and Contributors to selected number of questions every week as part of our weekly news report. Please indicate if you do not wish your name and/or email address to be published.

Writers: Chris Tyler, Rahul Sundaram

Standardized Package Format

Arthur Pemberton asked: "When are the big players in the Linux ecosystem going to converge on a single package system which is a superset of .deb and .rpm? This seems like something that needs to be done before this mostly unnecessary difference gets too ingrained to be changed."

Two reasons are usually given for converging on a single packaging standard. The first is to create packages that can be installed on many distributions without change; this is particularly attractive to third-party software vendors who wish to create a single repository of their software for use with a range of distributions rather than package and distribute their software within those distributions.

In order to support truly portable packages, it is necessary to standardize not only the package format, but the available libraries, library versions, file locations, utility commands, and system services. This is proved by the fact that, for example, Fedora and SUSE RPMs may not usually cleanly install on the the other distribution, despite using a common package format. It is similar for Debian and Ubuntu.

The Linux Standard Base (LSB)[1] project of The Linux Foundation[2] has been working on such a system-wide standard for many years, walking the fine line between standardizing too little (yielding an ineffective standard) and standardizing too much (leaving little room for differentiation between distributions). The work of LSB has been internationally recognized as ISO/IEC 23360. However LSB is a trailing edge standard and Fedora usually is much ahead.

In terms of packaging, LSB mandates support for a restricted version of RPM[3], without triggers and with restrictions on the content and execution-order requirements of scriptlets[4]. These restrictions ensure that LSB-compliant RPMs can be successfully processed by conversion tools such as Debian's "alien" command. However, as its name implies, the LSB defines only a base for a distribution, and many of a distribution's packages need to take advantage of a broader feature set than provided for by the LSB. This need is expressed in the more advanced features provided by the full RPM and DEB package specifications.

It should be noted that a number of package systems have been developed which attempt to address cross-distribution packaging issues, including Autopackage[5], ZeroInstall[6], and Klik[7] (ZeroInstall and Klik also enabling user-level package installation) -- but these have not gain widespread support.

The second advantage to a standard package format is a reduction in the duplication of labour by each distribution, especially if packaging information (such as a basic RPM .spec file) is provided by the upstream software source. However, packaging standards, security configuration (such as SELinux policy), and naming conventions vary so significantly between distributions that extensive customization of the package is usually required, greatly reducing the value of distributing standard package information.

The existence of multiple GNU/Linux distributions fuels a productive competitiveness which spurs innovation[8]. As long as multiple distributions thrive, multiple package formats are likely to remain in use. provides a cross distribution forum[9] which many distributions have been using to discuss and collaborate on common issues. The Fedora Project also prefers to work closely with upstream software[10] as a matter of principle to minimize differences.