Fedora Workstation Technical Specification
This document aims to describe the technical characteristics Fedora Workstation product in detail. This includes provided services and APIs, installed software, etc. Some of the desired characteristics may not be entirely achievable in the first version of the Workstation product, and will be approximated.
The content of the spec unavoidably overlaps with the work of the Base Working Group, and needs to be aligned with their deliverables.
Core Services and Features
This section should describe the core services of the platform and their intended use. The items here should refer back to the PRD for a functional justification.
Service management
Systemd provides ways to control and monitor the activity and status of system services, resources they require, etc. System services are expected to provide systemd units. See the systemd documentation.
Logging
The systemd journal will be used as the local storage backend for system logs. For 'managed' scenarios (e.g the 'developer in a large organization' use case of the PRD), it will be possible to collect the logs in a centralized location, off the local machine.
Applications and services can either use the syslog API or the journal APIs for their logging. See the journal API documentation.
Networking
Network devices and connections will be controlled by NetworkManager. This includes support for VPN, which is relevant for 'corporate' scenarios. Applications are advised to use higher-level APIs (such as GNetworkMonitor in GIO) to monitor online status.
Firewall
A firewall in its default configuration may not interfere with the normal operation of programs installed by default.
We should detect when the system is on a public or untrusted network and prevent the user from unwanted sharing of e.g. music or other media in this situation. A firewall (and network zones as currently implemented by firewalld) may or may not be part of a solution to this.
Problem reporting
Problems and error conditions (e.g. kernel oopses, Selinux AVCs, application crashes, OOM, disk errors) should all be reported in the systemd journal.
Sending this information to a central place (like abrt does for crashes today) should be possible, but not mandatory. Depending on the use case, it may be turned off, enabled manually on a case-by-case basis, or entirely automatic without use intervention.
Session tracking
Logind will be used as the session tracking facility.
Applications that need to interact with sessions can use the logind library API, the D-Bus API, or a higher-level API
Account handling
SSSD is providing the backing storage for identity management. For 'managed' scenarios (e.g. the 'developer in a large organization' use case of the PRD), it will be possible to configure it to rely on a directory service for this information. The accountsservice is providing a D-Bus interface for user account information; this may be integrated into SSSD at some point.
Depending on their needs, application and services can either use the POSIX APIs (getpwent(), etc) or the accountsservice D-Bus interface to obtain user information.
Software updates
dnf will be used to obtain and install software updates for packaged applications and the OS itself. The recommendation for applications is to use the PackageKit APIs to interact with the underlying packaging system.
Miscellaneous system information
System locale, timezone, hostname, etc. will be managed through the services provided by systemd for this purpose. See developer documentation for localed, timedated and hostnamed
Virtualization
libvirt-daemon will be used to manage virtualization capabilities.
Display manager
gdm will be used as the display manager. It is responsible for showing a login screen on each seat. It will be able to launch both X-based sessions and Wayland sessions.
Desktop environments are expected to make themselves known as an available session option on the login screen by dropping a .desktop file into /usr/share/xsessions (or its wayland equivalent).
Other facilities provided by the display manager include screen unlock authentication and user switching.
Accessibility
The accessibility support in the workstation includes a screen reader, a high-contrast theme and a zoom capability, amongst others. The screen reading is provided through orca, which runs as a session service and requires the at-spi infrastructure. Applications are expected to provide suitable information to the screen reader via the toolkit's accessibility support. Applications are also expected to work acceptably in the high-contrast theme. The zoom is implemented in the desktop shell and does not need any application support.
Input Methods
The input method framework on the workstation is provided by ibus. Input methods and keyboard layouts can be configured in the control-center, and selected in shell keyboard menu. The supported application toolkits all support ibus.
Graphics
The workstation session will switch to using a Wayland compositor as soon as feasible. Until then, it will be based on X11. Even after the switch, an X server will be included, so applications can either connect to Wayland natively, or run as an X client.
Media support
Sound hardware and audio streams will be managed by pulseaudio. Applications are recommended to use the gstreamer framework for media playback.
Appearance
The workstation will ship with a single theme, which will have support for the included toolkits: gtk3, qt and gtk2. Applications are expected to work well with this theme, as well as with the high-contrast theme that is used for accessibility. The theme will include a dark variant that applications can opt into using (this is most suitable for certain content-focused applications). The theme also includes an icon theme that provides named icons according to the icon-naming spec, plus symbolic variants.
Application Integration
Installed applications are expected to install a desktop file in /usr/share/applications and an application icon in the hicolor icon theme.
Packaged applications are also expected to provide appdata for use in the application installer.
System Installer
The desired installation experience for the workstation product is to limit the pre-installation user interaction to the minimum. The storage configuration UI should be focused on the classes of hardware that are expected in workstation-class machines. Package selection is not necessary, the installer will install the workstation product as defined. Tweaks, customizations and software additions should be performed after the installation.
One aspect of storage configuration that will be needed is support for dual-boot setups (preserving preexisting Windows or OS X installations), since e.g. students may be required to run software on those platforms for their coursework.
gnome-initial-setup already provides support for post-install user creation, language selection, timezone configuration, etc. If necessary, it should be extended to cover all required setup tasks.
Other
TBD: containers
Core Applications
Core applications are part of the Workstation product and can not be removed.
Applications can depend on any services that are listed above, and can assume that all of the packages listed below are present on the system. They can not require other applications to be installed.
Application installer
gnome-software will serve as graphical application installer, offering to install and remove applications, system extensions and add-ons (such as fonts, or codecs) and other optional software. To be presented in the application installer, applications need to provide appdata.
Web Browser
firefox will be used as the web browser.
Terminal emulator
gnome-terminal will be installed as a terminal emulator. More powerful options, such as terminator, can be investigated.
Text Editor
gedit will be installed as a simple text editor.
File Manager
nautilus will be installed as a file manager.
Virtualization frontend
gnome-boxes will be available for the creation and use of vms, as well as for connecting to remote systems, e.g. ovirt.
Developer assistant
The developer assistant will provide an easy way to set the workstation up for various software development use cases.
TODO
- non-core, default applications ?
- other developer-focused software
Core Package list
List the core packages of the product. This list includes all packages that will be shipping on the core media. This is the mandatory minimal list of packages that needs to be installed on a system at all times for it to qualify as a Fedora workstation install. This package list will be the priority focus for QA and bug fixing.
Package list
Here is the full list of packages that are installed as dependencies of systemd, gdm, gnome-shell, gtk3, orca, control-center, qt (qt5-qtbase and qt5-qtdeclarative), firewalld, gnome-boxes, gnome-terminal, firefox, gstreamer1-plugins-good
sgabios-bin at-spi2-atk setup libcgroup libgusb telepathy-filesystem iproute libcanberra-gtk3 heisenbug-backgrounds-gnome lvm2 gnome-keyring linux-firmware bluez-libs libnm-gtk nss-softokn-freebl totem-pl-parser gnome-themes-standard ncurses-libs numad pyatspi pcre qemu-kvm libxml2 libgovirt gnome-session-xsession libcom_err tracker realmd shared-mime-info libvirt-client libsoup p11-kit libvirt-daemon geoclue libICE libvirt-daemon-driver-secret upower libgcrypt radvd xorg-x11-server-utils freetype gnome-boxes kernel libuuid fedora-bookmarks libvisual libgdata popt libsecret gnome-settings-daemon hunspell-en-US libtalloc libXau brltty libXfixes festival-speechtools-libs libXdamage festival libXinerama python3-gobject libplist libwbclient libtool-ltdl libunistring libtasn1 libwnck3 nss-softokn libgomp mozjs24 cups-pk-helper orc sox harfbuzz flite harfbuzz-icu libgnomekbd ca-certificates orca libXxf86misc xcb-util-renderutil startup-notification qt5-qtbase-gui acl dbus-python libdb-utils iptables desktop-file-utils ebtables diffutils libnl3 mozjs17 caribou avahi-libs yajl abattis-cantarell-fonts device-mapper-event-libs libproxy clutter-gtk libverto boost-system libsamplerate gvnc libxshmfence snappy libthai libee libXdmcp lzop openssl-libs nmap-ncat cracklib-dicts spice-server libmount crontabs shadow-utils gnutls-dane util-linux cryptopp libusbx iscsi-initiator-utils cups-libs logrotate fedora-logos glusterfs curl qemu-img newt-python qemu-common openssl tcp_wrappers fipscheck-lib fuse-libs cryptsetup-libs libexif polkit gettext-libs mesa-libEGL quota pango which librsvg2 libgcc dbus-x11 fontpackages-filesystem gtk2 filesystem accountsservice-libs basesystem colord-libs libX11-common gcr heisenbug-backgrounds-base libwacom-data dconf mobile-broadband-provider-info gnome-keyring-pam hwdata gnome-bluetooth-libs ncurses-base gjs glibc-common adwaita-gtk2-theme libstdc++ gnome-desktop3 bash pygobject3 libsepol libselinux dbus-libs rtkit nspr gnome-session info libwacom libffi PackageKit-glib glib2 trousers atk glib-networking libwayland-client libgweather json-glib geocode-glib audit-libs rest libogg libimobiledevice libgpg-error kpartx libwayland-cursor mcpp libpng xorg-x11-xinit mesa-libwayland-egl dracut libxkbcommon pulseaudio libSM gnome-terminal gnome-bluetooth sqlite libvpx gstreamer1-plugins-base libattr gnome-online-accounts libacl evolution-data-server chkconfig sed gdm-libs libvorbis libnotify grep gdm hunspell hunspell-en bzip2-libs libtevent libxcb python3 libXext brlapi libXrender gupnp libXi libXcomposite festvox-slt-arctic-hts libXcursor gupnp-av libxkbfile python3-cairo telepathy-glib python3-pyatspi mesa-libglapi pytalloc libicu samba-libs libcap-ng libsmbclient libtdb wavpack libical libXres libXxf86vm avahi-glib lua nm-connection-editor libidn dotconf kmod-libs rygel redhat-menus libgtop2 tcp_wrappers-libs libao graphite2 festival-freebsoft-utils pixman newt espeak gnome-menus python3-speechd p11-kit-trust control-center nettle xorg-x11-xkb-utils libXevie xcb-util jasper-libs enchant libmetalink libxslt cyrus-sasl-lib libtheora libgee cpio make findutils xml-common libxklavier psmisc lyx-fonts ncurses libmodman libpciaccess json-c gdbm libsndfile qrencode-libs speex jbigkit-libs gdk-pixbuf2 sbc cdparanoia-libs ustr krb5-libs nss-tools cracklib openldap libpwquality libuser coreutils pam libutempter nss-sysinit pulseaudio-libs alsa-lib gnome-icon-theme pulseaudio-libs-glib2 python libssh2 liboauth rpm-libs color-filesystem pygobject3-base libXft authconfig procps-ng fipscheck device-mapper-libs systemd libgudev1 polkit-pkla-compat mesa-libgbm libcanberra cairo cairo-gobject NetworkManager-glib fuseiso seabios-bin cyrus-sasl-md5 seavgabios-bin linux-atm-libs libcue device-mapper-persistent-data net-snmp-libs corosynclib lua-socket libquvi kbd-legacy initscripts cyrus-sasl qemu-system-x86 sheepdog pm-utils poppler-data poppler-glib bzip2 gnutls-utils libvirt-glib dmidecode libvirt-daemon-driver-nodedev libvirt-daemon-driver-interface libvirt-daemon-driver-storage libdaemon libvirt-daemon-driver-network libvirt-daemon-kvm cheese-libs liblouis-python3 qt5-qtbase xcb-util-image xcb-util-wm mesa-libGLES qt5-qtdeclarative python-six python-decorator libnetfilter_conntrack libselinux-python python-slip-dbus firewalld clutter caribou-gtk2-module python-caribou libiscsi numactl-libs usbredir libibverbs libpcap mutter libevent iptables-services libvirt-gconfig libosinfo lzo libtirpc libwsman1 libestr leveldb libgxps gtk-vnc2 mutter-wayland ldns lvm2-libs clutter-gst2 fedora-release-rawhide cronie unbound-libs libseccomp dnsmasq ceph-libs quota-nls lua-lpeg libusal rsyslog glusterfs-libs glusterfs-fuse glusterfs-api libcacard spice-gtk3 file-libs ipxe-roms-qemu augeas-libs exempi SDL parted giflib gmime gettext e2fsprogs-libs libiptcdata nfs-utils fuse at-spi2-core control-center-filesystem libfdt accountsservice tzdata enca gtk3 adwaita-cursor-theme lua-expat bluez mozilla-filesystem corosync adwaita-gtk3-theme emacs-filesystem libquvi-scripts colord glibc hostname pycairo xz-libs vte3 zlib kbd GConf2 nss-util poppler ibus-libs pkgconfig autogen-libopts gnutls gobject-introspection libvirt-gobject geoclue2 libwayland-server libvirt-daemon-driver-nwfilter usbmuxd libdb mtools libmcpp gsettings-desktop-schemas libvirt-daemon-driver-qemu hardlink expat gnome-shell pulseaudio-module-bluetooth readline firefox webkitgtk3 libcap zenity dbus-glib gstreamer1 pulseaudio-gdm-hooks libjpeg-turbo python3-libs libX11 gssdp libXrandr festival-lib libXtst python3-brlapi libXt libldb gmp samba-common lcms2 glx-utils libXmu vino libcroco gupnp-dlna kmod colord-gtk elfutils-libelf slang speech-dispatcher xorg-x11-xauth liblouis telepathy-logger qt5-qtxmlpatterns libXv xcb-util-keysyms hunspell-en-GB libnfnetlink desktop-backgrounds-gnome libmnl flac-libs python-slip ModemManager-glib libevdev gawk caribou-gtk3-module iso-codes libaio xz celt051 webrtc-audio-processing librdmacm libasyncns openjpeg-libs gsm opus keyutils-libs libarchive libtiff libqb libwebp rpcbind libsemanage boost-thread gzip device-mapper-event systemd-libs fedora-release nss cronie-anacron libblkid kbd-misc fontconfig libgsf hicolor-icon-theme lua-json python-libs rsyslog-mmjsonparse libcurl glusterfs-devel rpm spice-glib gnome-icon-theme-symbolic genisoimage sound-theme-freedesktop netcf-libs device-mapper libnfsidmap dbus iputils libdrm taglib mesa-libGL keyutils cogl libdv gstreamer1-plugins-good libshout libv4l libiec61883 libavc1394 libraw1394
TODOS
- do we need to pin down versions ?
- add vpn packages
Policies for software add-ons
General rules and policies for how extra software is installed and what requirements are put on that software.
- Optional software must not interfere with the regular functionality of mandatory components. E.g. installing optional audio software must not prevent other applications from using pulseaudio and gstreamer for media playback.
- Optional software should integrate properly into the defined extension points of the OS:
- Applications should provide desktop files and icons
- Applications should provide appdata (link?) for the software installer
- System services should provide systemd units
- Desktop environments should provide a desktop file in /usr/share/xsessions
- It must be possible to remove optional software from the system again
Engineering Roadmap
Not sure if we want this section here or if we should just make this a pure description document and put the implementation roadmap in a separate document.