Workstation/Technical Specification

From FedoraProject

< Workstation
Revision as of 21:41, 28 February 2014 by Mclasen (Talk | contribs)

Jump to: navigation, search

Contents

Fedora Workstation Technical Specification

This document aims to describe the technical characteristics Fedora Workstation product in detail. This includes provided services and APIs, installed software, etc. Some of the desired characteristics may not be entirely achievable in the first version of the Workstation product, and will be approximated.

The content of the spec unavoidably overlaps with the work of the Base Working Group, and needs to be aligned with their deliverables.

Core Services and Features

This section should describe the core services of the platform and their intended use. The items here should refer back to the PRD for a functional justification.

File system

The default file system type for workstation installs should be btrfs. Until btrfs is considered ready for this role, we will stay with the current setup of the desktop spin.

Service management

Systemd provides ways to control and monitor the activity and status of system services, resources they require, etc. System services are expected to provide systemd units. See the systemd documentation.

Logging

The systemd journal will be used as the local storage backend for system logs. For 'managed' scenarios (e.g the 'developer in a large organization' use case of the PRD), it will be possible to collect the logs in a centralized location, off the local machine.

Applications and services can either use the syslog API or the journal APIs for their logging. See the journal API documentation.

Networking

Network devices and connections will be controlled by NetworkManager. This includes support for VPN, which is relevant for 'corporate' scenarios. Applications are advised to use higher-level APIs (such as GNetworkMonitor in GIO) to monitor online status.

Firewall

A firewall in its default configuration may not interfere with the normal operation of programs installed by default.

We should detect when the system is on a public or untrusted network and prevent the user from unwanted sharing of e.g. music or other media in this situation. A firewall (and network zones as currently implemented by firewalld) may or may not be part of a solution to this.

SELinux

SELinux will be enabled in enforcing mode, using the targeted policy.

Problem reporting

Problems and error conditions (e.g. kernel oopses, Selinux AVCs, application crashes, OOM, disk errors) should all be reported in the systemd journal.

Sending this information to a central place (like abrt does for crashes today) should be possible, but not mandatory. Depending on the use case, it may be turned off, enabled manually on a case-by-case basis, or entirely automatic without user intervention.

Session tracking

Logind will be used as the session tracking facility.

Applications that need to interact with sessions can use the logind library API, the D-Bus API, or a higher-level API

Account handling

SSSD is providing the backing storage for identity management. For 'managed' scenarios (e.g. the 'developer in a large organization' use case of the PRD), it will be possible to configure it to rely on a directory service for this information. The accountsservice is providing a D-Bus interface for user account information; this may be integrated into SSSD at some point.

Depending on their needs, application and services can either use the POSIX APIs (getpwent(), etc) or the accountsservice D-Bus interface to obtain user information.

Software updates

gnome-software will use PackageKit with the hawkey backend to obtain and install software updates for packaged applications and the OS itself. The recommendation for applications is to use the PackageKit APIs to interact with the underlying packaging system.

Miscellaneous system information

System locale, timezone, hostname, etc. will be managed through the services provided by systemd for this purpose. See developer documentation for localed, timedated and hostnamed

Virtualization

libvirt-daemon will be used to manage virtualization capabilities.

Display manager

gdm will be used as the display manager. It is responsible for showing a login screen on each seat. It will be able to launch both X-based sessions and Wayland sessions.

Desktop environments are expected to make themselves known as an available session option on the login screen by dropping a .desktop file into /usr/share/xsessions (or its wayland equivalent).

Other facilities provided by the display manager include screen unlock authentication and user switching.

Accessibility

The accessibility support in the workstation includes a screen reader, a high-contrast theme and a zoom capability, amongst others. The screen reading is provided through orca, which runs as a session service and requires the at-spi infrastructure. Applications are expected to provide suitable information to the screen reader via the toolkit's accessibility support. Applications are also expected to work acceptably in the high-contrast theme. The zoom is implemented in the desktop shell and does not need any application support.

Input Methods

The input method framework on the workstation is provided by ibus. Input methods and keyboard layouts can be configured in the control-center, and selected in shell keyboard menu. The supported application toolkits all support ibus.

Graphics

The workstation session will switch to using a Wayland compositor as soon as feasible. Until then, it will be based on X11. Even after the switch, an X server will be included, so applications can either connect to Wayland natively, or run as an X client.

It shall be possible to calibrate the screen for accurate color reproduction.

Media support

Sound hardware and audio streams will be managed by pulseaudio. Applications are recommended to use the gstreamer framework for media playback.

Appearance

The workstation will ship with a single theme, which will have support for the included toolkits: gtk3, qt and gtk2. Applications are expected to work well with this theme, as well as with the high-contrast theme that is used for accessibility. The theme will include a dark variant that applications can opt into using (this is most suitable for certain content-focused applications). The theme also includes an icon theme that provides named icons according to the icon-naming spec, plus symbolic variants.

We will be using the Adwaita theme, with a yet-to-be-written qt variant.

Application Integration

Installed applications are expected to install a desktop file in /usr/share/applications and an application icon in the hicolor icon theme.

Packaged applications are also expected to provide appdata for use in the application installer.

System Installer

The desired installation experience for the workstation product is to limit the pre-installation user interaction to the minimum. The storage configuration UI should be focused on the classes of hardware that are expected in workstation-class machines. Package selection is not necessary: the installer will install the workstation product as defined. Tweaks, customizations and software additions should be performed after the installation.

One aspect of storage configuration that will be needed is support for dual-boot setups (preserving preexisting Windows or OS X installations), since e.g. students may be required to run software on those platforms for their coursework.

gnome-initial-setup already provides support for post-install user creation, language selection, timezone configuration, etc. If necessary, it should be extended to cover all required setup tasks.

Printing

cups will be available to support local and network printers.

Other

TBD: containers, supported languages

Core Applications

Core applications are part of the Workstation product and can not be removed.

Applications can depend on any services that are listed above, and can assume that all of the packages listed below are present on the system. They can not require other applications to be installed.

Application installer

gnome-software will serve as graphical application installer, offering to install and remove applications, system extensions and add-ons (such as fonts, or codecs) and other optional software. To be presented in the application installer, applications need to provide appdata.

Web Browser

firefox will be used as the web browser.

Terminal emulator

gnome-terminal will be installed as a terminal emulator. More powerful options, such as terminator, can be investigated.

Text Editor

gedit will be installed as a simple text editor.

File Manager

nautilus will be installed as a file manager.

Virtualization frontend

gnome-boxes will be available for the creation and use of vms, as well as for connecting to remote systems, e.g. ovirt.

Developer assistant

The developer assistant will provide an easy way to set the workstation up for various software development use cases.

TODO

  • non-core, default applications ?
  • other developer-focused software

Core Package list

List the core packages of the product. This list includes all packages that will be shipping on the core media. This is the mandatory minimal list of packages that needs to be installed on a system at all times for it to qualify as a Fedora workstation install. This package list will be the priority focus for QA and bug fixing.

Package list

Here is the full list of packages that are installed as dependencies of the various aforementioned packages, in particular systemd, sssd, selinux-policy-targeted, gdm, gnome-shell, gtk2, gtk3, orca, control-center, ibus, qt4 (qt), qt5 (qt5-qtbase and qt5-qtdeclarative), libvirt-daemon, gnome-boxes, gnome-terminal, firefox, gedit, gnome-software, devassistant, pulseaudio, gstreamer1, gstreamer1-plugins-good.

abattis-cantarell-fonts
accountsservice
accountsservice-libs
acl
adwaita-cursor-theme
adwaita-gtk2-theme
adwaita-gtk3-theme
alsa-firmware
alsa-lib
alsa-tools-firmware
argyllcms
atk
at-spi2-atk
at-spi2-core
audit-libs
augeas-libs
authconfig
autogen-libopts
avahi
avahi-autoipd
avahi-glib
avahi-gobject
avahi-libs
b43-fwcutter
b43-openfwwf
basesystem
bash
bash-completion
bc
bind-libs
bind-libs-lite
bind-license
bind-utils
binutils
bluez
bluez-libs
boost-system
boost-thread
brlapi
brltty
bzip2
bzip2-libs
ca-certificates
cairo
cairo-gobject
c-ares
caribou
caribou-gtk2-module
caribou-gtk3-module
cdparanoia-libs
celt051
ceph-libs
cheese-libs
chkconfig
clutter
clutter-gst2
clutter-gtk
cogl
colord
colord-gtk
colord-libs
color-filesystem
comps-extras
control-center
control-center-filesystem
coreutils
corosync
corosynclib
cpio
cracklib
cracklib-dicts
cronie
cronie-anacron
crontabs
cryptopp
cryptsetup
cryptsetup-libs
cups
cups-filesystem
cups-filters
cups-filters-libs
cups-libs
cups-pk-helper
curl
cyrus-sasl
cyrus-sasl-gssapi
cyrus-sasl-lib
cyrus-sasl-md5
dbus
dbus-glib
dbus-libs
dbus-python
dbus-x11
dconf
deltarpm
desktop-backgrounds-gnome
desktop-file-utils
devassistant
device-mapper
device-mapper-event
device-mapper-event-libs
device-mapper-libs
device-mapper-persistent-data
dhclient
dhcp-common
dhcp-libs
diffutils
dmidecode
dnf
dnsmasq
dosfstools
dotconf
dracut
e2fsprogs
e2fsprogs-libs
ebtables
elfutils
elfutils-libelf
elfutils-libs
emacs-filesystem
enca
enchant
epiphany-runtime
espeak
evolution-data-server
exempi
exiv2-libs
expat
fedora-bookmarks
fedora-logos
fedora-release
fedora-release-rawhide
festival
festival-freebsoft-utils
festival-lib
festival-speechtools-libs
festvox-slt-arctic-hts
file
file-libs
filesystem
findutils
fipscheck
fipscheck-lib
firefox
firewalld
flac-libs
flite
fontconfig
fontpackages-filesystem
fpaste
fprintd
freerdp
freerdp-libs
freerdp-libwinpr
freetype
fuse
fuseiso
fuse-libs
fxload
gawk
GConf2
gcr
gd
gdbm
gdisk
gdk-pixbuf2
gdm
gdm-libs
gedit
genisoimage
geoclue
geoclue2
geocode-glib
gettext
gettext-libs
ghostscript
ghostscript-fonts
giflib
git
gjs
glib2
glibc
glibc-common
glib-networking
glusterfs
glusterfs-api
glusterfs-devel
glusterfs-fuse
glusterfs-libs
glx-utils
gmime
gmp
gnome-backgrounds
gnome-bluetooth
gnome-bluetooth-libs
gnome-boxes
gnome-classic-session
gnome-color-manager
gnome-desktop3
gnome-getting-started-docs
gnome-icon-theme
gnome-icon-theme-extras
gnome-icon-theme-symbolic
gnome-initial-setup
gnome-js-common
gnome-keyring
gnome-keyring-pam
gnome-menus
gnome-online-accounts
gnome-session
gnome-session-xsession
gnome-settings-daemon
gnome-shell
gnome-shell-extension-alternate-tab
gnome-shell-extension-apps-menu
gnome-shell-extension-common
gnome-shell-extension-launch-new-instance
gnome-shell-extension-places-menu
gnome-shell-extension-window-list
gnome-software
gnome-terminal
gnome-themes-standard
gnome-user-docs
gnupg2
gnutls
gnutls-dane
gnutls-utils
gobject-introspection
gpgme
graphite2
grep
grilo
groff-base
grub2
grub2-tools
gsettings-desktop-schemas
gsm
gssdp
gstreamer1
gstreamer1-plugins-base
gstreamer1-plugins-good
gtk2
gtk3
gtksourceview3
gtk-vnc2
gupnp
gupnp-av
gupnp-dlna
gutenprint
gutenprint-cups
gvfs
gvfs-afc
gvfs-afp
gvfs-archive
gvfs-devel
gvfs-fuse
gvfs-goa
gvfs-gphoto2
gvfs-mtp
gvfs-smb
gvnc
gzip
hardlink
harfbuzz
harfbuzz-icu
hawkey
heisenbug-backgrounds-base
heisenbug-backgrounds-gnome
hicolor-icon-theme
hostname
hunspell
hunspell-en
hunspell-en-GB
hunspell-en-US
hwdata
ibus
ibus-chewing
ibus-gtk2
ibus-gtk3
ibus-hangul
ibus-kkc
ibus-libpinyin
ibus-libs
ibus-qt
ibus-setup
ibus-wayland
info
initscripts
iproute
iptables
iptables-services
iputils
ipxe-roms-qemu
iscsi-initiator-utils
iso-codes
iwl1000-firmware
iwl100-firmware
iwl105-firmware
iwl135-firmware
iwl2000-firmware
iwl2030-firmware
iwl3160-firmware
iwl3945-firmware
iwl4965-firmware
iwl5000-firmware
iwl5150-firmware
iwl6000-firmware
iwl6000g2a-firmware
iwl6000g2b-firmware
iwl6050-firmware
iwl7260-firmware
jansson
jasper-libs
jbigkit-libs
json-c
json-glib
kbd
kbd-legacy
kbd-misc
kernel
keyutils
keyutils-libs
kmod
kmod-libs
kpartx
krb5-libs
lcms2
ldns
less
leveldb
libacl
libaio
libao
libarchive
libassuan
libasyncns
libatasmart
libattr
libavc1394
libbasicobjects
libblkid
libbluray
libcacard
libcanberra
libcanberra-gtk3
libcap
libcap-ng
libcdio
libcdio-paranoia
libcgroup
libchewing
libcollection
libcom_err
libcomps
libcroco
libcue
libcurl
libdaemon
libdb
libdb-utils
libdhash
libdmx
libdrm
libdv
libedit
libee
libestr
libevdev
libevent
libexif
libfdt
libffi
libfontenc
libfprint
libgcc
libgcrypt
libgdata
libgee
libgee06
libgnomekbd
libgnome-keyring
libgomp
libgovirt
libgpg-error
libgphoto2
libgsf
libgtop2
libgudev1
libgusb
libgweather
libgxps
libhangul
libibverbs
libical
libICE
libicu
libidn
libiec61883
libimobiledevice
libini_config
libipa_hbac
libiptcdata
libiscsi
libjpeg-turbo
libkkc
libkkc-common
libkkc-data
libldb
liblouis
liblouis-python3
libmbim
libmcpp
libmediaart
libmetalink
libmng
libmnl
libmodman
libmount
libmtp
libndp
libnetfilter_conntrack
libnfnetlink
libnfsidmap
libnl3
libnl3-cli
libnm-gtk
libnotify
liboauth
libogg
libosinfo
libpath_utils
libpcap
libpciaccess
libpeas
libpinyin
libpinyin-data
libplist
libpng
libproxy
libpwquality
libqb
libqmi
libquvi
libquvi-scripts
libraw1394
librdmacm
libref_array
librepo
libreport-filesystem
librsvg2
libsamplerate
libseccomp
libsecret
libselinux
libselinux-python
libselinux-utils
libsemanage
libsepol
libshout
libSM
libsmbclient
libsndfile
libsolv
libsoup
libss
libssh2
libsss_idmap
libsss_nss_idmap
libstdc++
libtalloc
libtasn1
libtdb
libteam
libtevent
libthai
libtheora
libtiff
libtirpc
libtool-ltdl
libudisks2
libunistring
libunwind
libusal
libusbx
libuser
libutempter
libuuid
libv4l
libverto
libvirt-client
libvirt-daemon
libvirt-daemon-driver-interface
libvirt-daemon-driver-network
libvirt-daemon-driver-nodedev
libvirt-daemon-driver-nwfilter
libvirt-daemon-driver-qemu
libvirt-daemon-driver-secret
libvirt-daemon-driver-storage
libvirt-daemon-kvm
libvirt-gconfig
libvirt-glib
libvirt-gobject
libvisual
libvorbis
libvpx
libwacom
libwacom-data
libwayland-client
libwayland-cursor
libwayland-server
libwbclient
libwebkit2gtk
libwebp
libwnck3
libwsman1
libX11
libX11-common
libXau
libxcb
libXcomposite
libXcursor
libXdamage
libXdmcp
libXevie
libXext
libXfixes
libXfont
libXft
libXi
libXinerama
libxkbcommon
libxkbfile
libxklavier
libxml2
libXmu
libXpm
libXrandr
libXrender
libXres
libxshmfence
libxslt
libXt
libXtst
libXv
libXvMC
libXxf86dga
libXxf86misc
libXxf86vm
libyaml
linux-atm-libs
linuxconsoletools
linux-firmware
llvm-libs
lockdev
logrotate
lua
lua-expat
lua-json
lua-lpeg
lua-socket
lvm2
lvm2-libs
lyx-fonts
lzo
lzop
make
marisa
mcpp
mdadm
mesa-libEGL
mesa-libgbm
mesa-libGL
mesa-libglapi
mesa-libGLES
mesa-libwayland-egl
mesa-libxatracker
mobile-broadband-provider-info
ModemManager
ModemManager-glib
mokutil
mousetweaks
mozilla-filesystem
mozjs17
mozjs24
mpfr
mtdev
mtools
mutter
mutter-wayland
nautilus
nautilus-extensions
ncurses
ncurses-base
ncurses-libs
netcf-libs
net-snmp-libs
nettle
NetworkManager
NetworkManager-glib
NetworkManager-openvpn
NetworkManager-vpnc
newt
newt-python
nfs-utils
nmap-ncat
nm-connection-editor
nspr
nss
nss-softokn
nss-softokn-freebl
nss-sysinit
nss-tools
nss-util
ntfs-3g
ntfsprogs
numactl-libs
numad
opencc
openjpeg-libs
openldap
openssh
openssh-clients
openssl
openssl-libs
openvpn
opus
orc
orca
os-prober
p11-kit
p11-kit-trust
PackageKit
PackageKit-glib
PackageKit-gtk3-module
pam
pango
parted
pciutils
pciutils-libs
pcre
pcsc-lite-libs
perl
perl-Carp
perl-constant
perl-Encode
perl-Error
perl-Exporter
perl-File-Path
perl-File-Temp
perl-Filter
perl-Getopt-Long
perl-Git
perl-HTTP-Tiny
perl-libs
perl-macros
perl-Module-CoreList
perl-parent
perl-PathTools
perl-Pod-Escapes
perl-podlators
perl-Pod-Perldoc
perl-Pod-Simple
perl-Pod-Usage
perl-Scalar-List-Utils
perl-Socket
perl-Storable
perl-TermReadKey
perl-Text-ParseWords
perl-threads
perl-threads-shared
perl-Time-HiRes
perl-Time-Local
perl-version
pinentry
pixman
pkcs11-helper
pkgconfig
plymouth
plymouth-core-libs
plymouth-graphics-libs
plymouth-plugin-label
plymouth-plugin-two-step
plymouth-scripts
plymouth-theme-charge
pm-utils
policycoreutils
polkit
polkit-pkla-compat
poppler
poppler-data
poppler-glib
poppler-utils
popt
ppp
procps-ng
psmisc
pth
pulseaudio
pulseaudio-gdm-hooks
pulseaudio-libs
pulseaudio-libs-glib2
pulseaudio-module-bluetooth
pyatspi
pycairo
pygobject3
pygobject3-base
pytalloc
python
python3
python3-brlapi
python3-cairo
python3-gobject
python3-libs
python3-pyatspi
python3-speechd
python-babel
python-backports
python-backports-ssl_match_hostname
python-caribou
python-decorator
python-hawkey
python-iniparse
python-jinja2
python-libcomps
python-librepo
python-libs
python-markupsafe
python-PyGithub
python-setuptools
python-six
python-slip
python-slip-dbus
python-sssdconfig
PyYAML
qemu-common
qemu-img
qemu-kvm
qemu-system-x86
qpdf-libs
qrencode-libs
qt
qt5-qtbase
qt5-qtbase-gui
qt5-qtdeclarative
qt5-qtxmlpatterns
qt-settings
qt-x11
quota
quota-nls
radvd
readline
realmd
redhat-menus
rest
rpcbind
rpm
rpm-build-libs
rpm-libs
rpm-python
rsync
rsyslog
rsyslog-mmjsonparse
rtkit
rygel
samba-common
samba-libs
sbc
SDL
seabios-bin
seavgabios-bin
sed
seed
selinux-policy
selinux-policy-targeted
setup
sgabios-bin
shadow-utils
shared-mime-info
sheepdog
shim
shim-unsigned
skkdic
slang
snappy
sound-theme-freedesktop
sox
speech-dispatcher
speex
spice-glib
spice-gtk3
spice-server
sqlite
sssd
sssd-ad
sssd-client
sssd-common
sssd-common-pac
sssd-ipa
sssd-krb5
sssd-krb5-common
sssd-ldap
sssd-proxy
startup-notification
sudo
systemd
systemd-libs
taglib
tar
tcp_wrappers
tcp_wrappers-libs
teamd
telepathy-filesystem
telepathy-glib
telepathy-logger
totem-pl-parser
tracker
trousers
ttmkfdir
tzdata
udisks2
unbound-libs
unzip
upower
urw-fonts
usbmuxd
usbredir
ustr
util-linux
vim-minimal
vino
vpnc
vpnc-script
vte3
wavpack
webkitgtk3
webrtc-audio-processing
which
wpa_supplicant
xcb-util
xcb-util-image
xcb-util-keysyms
xcb-util-renderutil
xcb-util-wm
xdg-user-dirs
xdg-user-dirs-gtk
xfsprogs
xkeyboard-config
xml-common
xorg-x11-drv-ati
xorg-x11-drv-evdev
xorg-x11-drv-fbdev
xorg-x11-drv-intel
xorg-x11-drv-mga
xorg-x11-drv-modesetting
xorg-x11-drv-nouveau
xorg-x11-drv-openchrome
xorg-x11-drv-qxl
xorg-x11-drv-synaptics
xorg-x11-drv-vesa
xorg-x11-drv-vmmouse
xorg-x11-drv-vmware
xorg-x11-drv-wacom
xorg-x11-fonts-Type1
xorg-x11-font-utils
xorg-x11-glamor
xorg-x11-server-common
xorg-x11-server-utils
xorg-x11-server-Xorg
xorg-x11-utils
xorg-x11-xauth
xorg-x11-xinit
xorg-x11-xkb-utils
xz
xz-libs
yajl
zenity
zlib

TODO

  • Add fonts, non-core applicatoins
  • Do we need to pin down versions ?

Policies for software add-ons

General rules and policies for how extra software is installed and what requirements are put on that software.

  • Optional software must not interfere with the regular functionality of mandatory components. E.g. installing optional audio software must not prevent other applications from using pulseaudio and gstreamer for media playback.
  • Optional software should integrate properly into the defined extension points of the OS:
    • Applications should provide desktop files and icons
    • Applications should provide appdata (link?) for the software installer
    • System services should provide systemd units
    • Desktop environments should provide a desktop file in /usr/share/xsessions
  • It must be possible to remove optional software from the system again

Installation methods and media

We will produce a live .iso image. The primary target for this image will be USB sticks, but the ability to burn the image to a DVD should be preserved (since we are still getting regular requests for such media). There is no pressing reason to restrict the image to the current 1GB size target. Persistence is not an important feature of the live media, whose primary focus should be to install the system.

gnome-disks can create USB sticks on Fedora, and liveusb-creator is the tool we have to let people create USB sticks on Windows or Linux. Both of these tools may need to be extended with support for EFI (whatever that means in detail).

Hardware requirements

We expect to support 64bit machines with suitable graphics and display resolutions. High-resolution displays, touchscreens and wacom tablets are interesting hardware for some workstation use cases and should be supported in the future.

Engineering Roadmap

Not sure if we want this section here or if we should just make this a pure description document and put the implementation roadmap in a separate document.