Archive:Zh/FWN/Issue117

From FedoraProject

Jump to: navigation, search

Contents

Fedora 新闻周刊第 117 期

欢迎阅览 Fedora 新闻周刊第 117 期,记载自 2008-01-21 起一周事件。本页永久链接为 http://fedoraproject.org/wiki/zh_CN/FWN/Issue117

本周的主要内容有:

“公告”部分,“F9 代码名选举结果……”,“FUDCon F9 问卷调查” 和 “Fedora Unity 发布新的 Fedora 7 重制版”

“博客聚集”部分,“Fedora 的暑假代码活动计划”,“Red Hat 太棒了”,“关于命名” 和 “关于我的一件大事”。

要参与我们或给出反馈,请访问


公告

原文请查看

F9 代码名选举结果……

JoshBoyer announces in fedora-announce-list[1] ,

"Fedora 9 (Sulphur)

球形潜水器爱好者们的尝试失败了,小圆球没能成为 Fedora 9 的外号。社区选择的 Fedora 9 代码名中,Sulphur (硫磺)以略微优势领先。"

[1] https://www.redhat.com/archives/fedora-announce-list/2008-January/msg00012.html

FUDCon F9 问卷调查

PaulFrields announces in fedora-announce-list[1] ,

"Fedora 营销团队发起了关于 FUDCon F9 (2008 年 1 月 11-13 日于 Raleigh, NC 举行)的问卷调查。所有社区成员都被邀请参与,无论是否与会。我们希望将来以调查结果为基础,开展新的 FUDCon 活动,保证 FUDCon 活动给参与者和关注者带来更多价值。参与调查的链接: http://www.keysurvey.com/survey/185839/207c/"

"补充:调查于北京时间2008年02月08日 星期五 11:00 结束。感谢您的参与!"

[1] https://www.redhat.com/archives/fedora-announce-list/2008-January/msg00009.html

Fedora Unity 发布新的 Fedora 7 重制版

JeroenVanMeeuwen announces in fedora-announce-list[1] ,

"Fedora Unity 很高兴向大家宣布,新的 Fedora 7 重制版(含 DVD 和 CD 集)发布。重制版 ISO 基于 Fedora 7,包含到 2008-01-18 为止所有更新。针对 i386, x86_64 和 PPC 体系的 ISO 镜像在 2008-01-24 起可以通过 jigdo 下载。我们生成了 CD 集,以备没有 DVD 驱动器或刻录机的用户。"

[1] https://www.redhat.com/archives/fedora-announce-list/2008-January/msg00007.html

Fedora 博客聚集

原文请查看

Fedora 的暑假代码活动计划

KarstenWade points out in his blog[1] ,

"北半球的夏天在过去几年变得有些繁忙,自从 Google 发起了 Summer of Code 活动以来。现在,活动也将扩展到南半球。OLPC 的 Summer of Content 计划每年参与南北两期活动。夏季传统上是学生临时中止学业的时间,暑假代码活动的创意来自在大学编程实习,以获取经验和工资的历史。

[1] http://iquaid.org/2008/01/27/summer-coding-project-ideas-for-fedora/

Red Hat 太棒了

DavidNielsen points out in his blog[1] ,

"福布斯 25 个增长最快的高科技公司中,Red Hat 排名第 11 位。恭喜 Red Hat 上榜。"

[1] http://lovesunix.net/blog/?p=232

关于命名

JoshBoyer points out in his blog[1] ,

"与往常不同,本次拟定命名较早,因此美工团队有足够时间创作。同时,也不必将它保密到最后。我们期望最后可以得到更好的结果。如果不能做到让大多数人满意,大概还会恢复原来的做法。"

[1] http://jwboyer.livejournal.com/20716.html

关于我的一件大事

TomCallaway points out in his blog[1] ,

"我已经知道这件事很久了,很多人也知道,但是还没有公开。本周早些时候完成了合同手续,因此可以正式宣布了:我成为了 Red Hat 的 Fedora 技术经理(Engineering Manager)。"

"这也意味着 2008 年 2 月我将非常忙碌。目前,我正在准备参加 SCALE 6X[2] 和 FOSDEM '08[3] ,中间还安插了 Capricon 28 (并非 Linux 相关的集会)。"

[1] http://spot.livejournal.com/287187.html

[2] http://fedoraproject.org/wiki/FedoraEvents/SCALE/SCALE6X

[3] http://fedoraproject.org/wiki/FedoraEvents/FOSDEM/FOSDEM2008

Fedora 有问有答

原文请查看

Fedora 与老旧硬件

Robert Myers <mystinar@comcast.net>: 开发 Fedora 9 时,有没有人在做提高它在旧硬件上的性能的工作?如果有,会体会到吗?假如硬件是 450MHz 奔腾 III 和 256MiB 内存的话?

---

Fedora 9 的主要特性都列在 http://fedoraproject.org/wiki/Releases/9/FeatureList。尽管没有特别的团队在做这件事,我们仍然可以从所集成的组件的上游得到一定的性能提升。其中一些组件的主要开发者同时也是 Fedora 贡献者。例如,OLPC 项目基于 Fedora,而 OLPC 是计算能力有限的设备。我们参与的成果,就包括可以在老硬件上更简单,更有效率地运行 Fedora。

还有,一些特别的 Fedora 定制版正在制作中,目标是支持老硬件和低端系统,感兴趣的话可以看一看:

OEM Installation

Shannon Mendenhall <mendenhall.shannon@comcast.net>: 我想知道下一版(Fedora 9)中是不是会出现定制安装(OEM install)。我希望可以容易地让 OEM 厂商做到让用户设置时区,用户名,密码等等。

---

实际上,我们在第一版的 Fedora 中就有类似功能。请参考

http://fedoraproject.org/wiki/FirstBoot

同时,Fedora 也提供了大量高级而易用的工具,以进行更多定制,请查看

http://fedoraproject.org/wiki/CustomSpins

编译内核

Sd <elesar@cable.netlux.org>: 如何编译内核?在哪儿下载内核源代码?

---

很简单,看文档 http://fedoraproject.org/wiki/Docs/CustomKernel 。另外这篇文档也被发行注记所引用:

http://docs.fedoraproject.org/release-notes/f8/en_US/sn-Kernel.html

蓝牙和多媒体按键

Zlatko (要求隐藏邮箱地址)

首先,我感谢你们制作了 Fedora 8。我从第一版 Fedora 用到现在,Fedora 有很大进展,可以用在几乎所有任务中。在工作中我在笔记本电脑上运行 Fedora,也在家里的台式机上的 Fedora 系统中看电视,DVD,打游戏,上网…… 所有都没问题。但是,笔记本中的 Fedora 有点小问题…… :)

我的集成蓝牙设备不工作,除非这样操作:

1. 启动机器,先进入 Windows Vista 2. 重启机器,切换到 Fedora

这样做的话,蓝牙就可以用。可是如果关掉机器,再启动,直接进入 Fedora,蓝牙就不工作,系统无法识别任何蓝牙设备。我已经在 Fedora 论坛上提问,但是没有回复,尽管已经过了一个月。这是帖子的链接: http://forums.fedoraforum.org/forum/showthread.php?t=172988

而且我还有个问题,有没有计划要支持 "Fn" 功能?例如,我的东芝 Satellite P200-10C 笔记本中,按下 "Fn + F8" 应该可以激活/关闭无线/蓝牙功能,可是实际上没反应。我希望你们可以解决这些问题,帮助我这样的小用户…… :)

先行谢过……

---

另一个用户问了类似的问题

Yuan Yijun <bbbush.yuan@gmail.com>: 我用 Dell 640m 笔记本,在外部有几个多媒体按键,可以控制音量。我经常合上电脑,只用它播放背景音乐。当合上时,这些按键就没反应了,因此如果想静音的话,必须打开电脑,登录 gnome-screensaver。怎么办呢?谢谢!

---

蓝牙和多媒体按键不工作的我呢题,可以作为错误报告或改进需求提交到 http://bugzilla.redhat.com 。我们将继续增强 Fedora 对蓝牙和多媒体按键等的支持,希望能得到您的反馈。请参考下面的帮助:

Fedora 中的 Prayer Time 软件

Riam budhi <riam_3000@hotmail.com>: 我想知道从哪儿下载 prayer time 软件?我是一个穆斯林。

---

对不起,Fedora 仓库尚未包含这款软件,我也不知道有没有替代品。你可以成为贡献者,维护这个软件,请参考

营销

原文请查看

FUDCon 视频:Fedora 的新面孔

RahulSundaram reports in fedora-marketing-list[1] ,

"这次 FUDCon 的重要事件是 Fedora Project 领导变更。Max Spevack,前项目经理,与新任 Fedora 领导 Paul Frields (FWN 读者应当熟悉他) 座谈。没有参与 FUDCon 吗?看看视频吧。"

[1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00253.html

Linux Format 采访 Jack Aboutboul

RahulSundaram reports in fedora-marketing-list[1] ,

"Fedora 的开放和贡献不仅是为了黑客们——它有更广的社会意义,我们的行为是社会变革的一部分"

[1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00210.html

Max Spevack 访谈 Linux.com

RahulSundaram reports in fedora-marketing-list[1] ,

"我们在 FUDCon 采访了 Max。他告诉了我们,在过去两年里作为项目领导有哪些感受,为什么现在是交接权力的好机会。Max 将继续在 Red Hat 工作,另外即使不作为领袖人物,也会继续参与 Fedora 项目。介绍到此为止,让 Max 自己说吧。"

[1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00209.html

制作 Fedora Linux Live CD

RahulSundaram reports in fedora-marketing-list[1] ,

"Fedora 项目在发行版中包含了一个强大的工具,可以用来构建自己的 live CD。使用一个简单的 livecd-creator 命令,以及一个列出所有需要的软件包的 kickstart 文件,就可以创建桌面、游戏或网络服务器 live CD,可以在多数 PC 上运行。本文将详细介绍其步骤。"

[1] https://www.redhat.com/archives/fedora-marketing-list/2008-January/msg00194.html

Ambassadors

原文请查看

佛罗里达(Florida)Linux 展览需要 Ambassador 协助

一封 Fedora-Announce-List 邮件[1] 提到佛罗里达 Linux 展将在 2008-02-11 召开,需要有 Fedora 的代表。如果这个地区有 Ambassador,就请查看“求助:事件”页面[2] 并将姓名列入事件。

[1] https://www.redhat.com/archives/fedora-announce-list/2008-January/msg00011.html

[2] http://fedoraproject.org/wiki/HelpWanted/Events

Linux Fest Northwest 需要 Ambassador

JesseKeating 向 Ambassador 邮件列表发信 [1] ,提到 Linux Fest Norwest 活动需要 Ambassador 协助,举行一个 Fedora 聚会。此事件已经列入了“求助:事件”页面[2] ,如果你能帮忙,请将姓名列入事件。

[1] https://www.redhat.com/archives/fedora-ambassadors-list/2008-January/msg00204.html

[2] http://fedoraproject.org/wiki/HelpWanted/Events

FAmSCo 总结

Fedora 大使顾问委员会召开了主席选举之后的第一次会议。下面是邮件列表和会议中 FAmSCo 讨论的热点: 、

  • 为了让所有 Ambassador 了解情况,以及通报 FAmSCo 的行动,委员会将通过新闻周报(FWN)交流活动总结。
  • FAmSCo 会议改在公开的 #fedora-meeting 频道举行。FAmSCo 将在北京时间周二凌晨 4:00 举行会议,每两周举行一次,下一次是 2008-02-04。会议记录页面[1] 将包含会议的总结。
  • FAmSCo 在讨论审核所有 Ambassador[2] ,如果有人还没有签署 CLA,要么提供帮助,要么就从列表中去掉。
  • FAmSCo 在讨论找一个更好的办法,以从 Ambassador 得到关于事件、行动和其他内容的信息反馈。目前大概会提供一个网页形式的表单,发送电子邮件。

[1] http://fedoraproject.org/wiki/Ambassadors/SteeringCommittee/Meetings

[2] http://fedoraproject.org/wiki/Ambassadors/MembershipService/Verification

开发

原文请查看


YUM代理缓冲区安全性,后端存储

这周的超级细节奖颁发给了WarrenTogami,他发起[1] 了YUM与HTTP镜像之间代理缓冲处理的讨论。Warren从一个squid[2] 开发者HenrikNordström那里收到一些有趣的反馈意见,他指出了缓冲代理可能引起YUM元数据与实际上传RPM包不一致的几种情况。结论就是,让repodata的文件名包含不同的信息以区分。Warren提出几种其他的方法,这些方法依赖于可能作为替代方案的HTTP响应消息头部,包括使用ETags[2] 。


[1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02361.html

[2] http://httpd.apache.org/docs/2.2/mod/core.html#fileetag

Warren's specific suggestion that the repodata filenames be modified to include timestamps was tempered by his worry that older clients unable to handle the renaming would hamper migration, but JesseKeating[3] and ChuckAnderson[4] did some testing and found that YUM was able to handle the situation as far back as "FC5, yum-2.6.1-0.fc5, ftp and http baseurls".

[3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02362.html

[4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02371.html

JamesAntill threw an exception[5] when NicolasMailhot commented "I made the same analysis several months ago when I setup my own local mod_proxy cache. I'm glad to see Warren is getting through better than me at the time." James counterposed the relative success resulting from the method of flaming the "stupid yum developers" on @fedora-devel versus discussion on the IRC channels #yum, #yum-devel and the subsequent opening of bug reports and development. Nicolas responded that this was an example of shooting the messenger and that the problem had been reported many times. James' response was to cite[6] possible shortage of resources and to point out that SethVidal is usually very responsive when approached through the method which James had described.

[5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02451.html

[6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02459.html

A very long and interesting sub-thread was opened[7] by LesMikesell who was interested in the divergent question of how it would be possible to change YUM so that non-cooperating users in the same netblock would be served files from the same local cache.

[7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02364.html

There seemed to be general agreement that the transition to versioned filenames of repodata could work. AlanCox noted[8] that keeping two versions of the most up-to-date repodata, one with the newer filenaming scheme would cover the case of older, incompatible clients and new clients. JamesAntill suggested[9] that SHA1 sums be used instead of timestamps and that YUM would need to be modified to clean up metadata in /var/cache/yum. He also suggested that Warren should discuss the issue on #yum.

[8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02390.html

[9] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02397.html

关闭SELinux 以使用Revisor

ValentTurkovic提出了[2] 了一个令人关注的问题,当运行SELinux的时候,如果试图运行FedoraUnity Project的revisor工具[1] 来制作重制版的Fedora,会出现一些问题。Valent提交了一个AVC问题的截图,并建议相应的程序小组应该找出各自的问题所在。

[1] http://revisor.fedoraunity.org/

[2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02094.html

JohnDennis suggested that the actual alert could be saved from setroubleshoot and could then be entered into bugzilla instead of using a screenshot, but Valent responded[3] that the developers should just try and compose a respin with revisor and that this was typical of a pattern in Fedora: "looks like nobody actually does testing of these new features." A quick clarification was issued[4] by JefSpaleta to the effect that revisor was not used internally by the Fedora Project. CaseyDahlin pointed out that the ability to respin Fedora easily was being advertised and people expected it to work, to which JesseKeating responded[5] that '"We" cannot help what some other parts of the project choose to tout (:'

[3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02099.html

[4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02131.html

[5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02134.html

The core of the problem was outlined[6] by JefSpaleta when he explained that SELinux interacting with any chroot-like apparatus was a problem, and re-emphasized that Valent's apparent belief that Fedora release-engineering would have seen the problems was incorrect as revisor was not used internally. Jef also argued that while re-spin generation tools should issue alerts that SELinux should be disabled, they should not automatically disable SELinux. JesseKeating deepened[7] the explanation with the information that "installing a new policy in the chroot will actually cause that policy to activate on the running kernel and then you have policy that doesn't match labels, watch the fun!" and suggested that SELinux should be disabled entirely or at least put in permissive mode before trying to use chroot-dependent tools such as revisor, pungi or livecd-creator[8] .

[6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02135.html

[7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02117.html

[8] http://fedoraproject.org/wiki/FedoraLiveCD/LiveCDHowTo

Valent returned to the attack (see FWN#116 "AVC:Denied {trolling} For PID=666 Comm={SELinuxRemove}"[9] ) on SELinux leading JohnDennis to remind[10] him that he was free to disable it whenever he liked but that the goal of the Fedora Project was to "smooth out the bumps rather than disabling the technology." A brief response from Valent led DanWalsh to explain[11] the problem further and this resulted in opening up the thread to interesting, problem-solving contributions. Dan's take was that the chroot and the host both use the same kernel, so the loading of new SELinux policies _within_ the chroot actually affects the host kernel. Dan wondered whether the solution could be virtual machines, or getting the chroot to run a separate kernel, or tricking SELinux within a chroot into doing nothing. As part of the brainstorming TillMaas suggested[12] that separate xattr namespaces could be part of the solution. JamesMorris took up[13] the virtual machine idea and wondered if lguest would be suitable due to being scriptable and booting nearly instantaneously and DanielBerrange added[14] the suggestion that LVM snapshots would provide disposable disk-images which could be booted as guests.

[9] http://fedoraproject.org/wiki/FWN/Issue116#head-9c5db4e29943d9f156002b24d7b01a6b2b0542cb

[10] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02136.html

[11] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02415.html

[12] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02429.html

[14] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02477.html

JesseKeating played the role of realist and asked[15] for them to "get back to me when it works on x86_64, ppc, ppc64, ia64, s390, s390x, sparc, sparc64, arm, alpha..." DouglasMcClendon mentioned his qfakeroot scripts again and an interesting exchange occurred[16] which explored the speed of qemu, the flakiness of kqemu and the non-availability of qemu for PPC and an acknowledgment[17] that Douglas' qkfakeroot is "pretty cool" in its ability to eschew root privileges even if it takes too long to be used as a standard compose tool by Fedora release-engineering.

[15] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02480.html

[16] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02494.html

[17] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02499.html

Two separate threads later resulted from this and are covered in this same FWN#117 as "What Is A Fedora Developer?" and "SELinux And Chroot".

长时间支持的发行版

DavidMansfield提出[1] ,是否能够发行一个能长时间支持的Fedora版本。David认为这可能是一个笔战诱饵(flame-bait)的失误,他承认团队的力量可能是受限制的一个方面。David解释[2] 说很多工具都慢慢消失了,比如livna和rpmforge仓库中CentOS/RHEL的gnumeric和git以及其他的一些很酷的工具,现在都不好找了。

[1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02191.html

[2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02195.html

CaseyDahlin was the first of many to suggest[3] that David should take a look at the EPEL repositories. HorstvonBrand added[4] that the purpose of Fedora was to make obtaining freely distributable software easy and that this ruled out some of the programs in livna and rpmforge.

[3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02196.html

[4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02279.html

AndrewFarris recalled[5] the now defunct FedoraLegacy project and a sub-thread exploring the problems of trying to maintain a long-term release evolved including a discussion of whether RHEL in conjunction with the EPEL repository was in effect "Fedora LTS".

[5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02204.html

[6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02308.html

JefSpaleta welcomed[7] the idea of a "Fedora LTS" but cautioned that the idea seems to originate in Canonical's specific business model and that it is hard to see where this fits in to the Fedora space. His post was very encouraging but challenged proponents to expand upon a potential business plan.

[7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02212.html

Discussion of whether FedoraLegacy actually failed, whether failure is actually beneficial and what was learned took up the remainder of the thread[8] .

[8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02392.html

F9 Alpha版

LukeMacken提交了一些关于Fedodra 9 Alpha版的ISO的一些数据。主要是F8-Live-i686和F9-Alpha-Live-i686桌面版之间的差别。

[1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02574.html

HansdeGoede 建议[2] 说可以减小ISO的规模,比如去掉gnome-games或许还可以去掉httpd。LubomirKundrak则说httpd不能去掉,因为WebDAV文件共享[3] 还需要用到。

[2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02615.html

[3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02619.html

RahulSundaram wanted[4] to make sure that the latest content was going into the Games LiveCD and offered to keep it updated in livecd-tools. This led BillNottingham to query whether keeping the contributed spin configs in livecd-tools itself and ColinWalters suggested[5] keeping them in the same CVS directory as comps.

[4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02629.html

[5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02641.html

SzabolcsSzakacsits took pains to emphasize[6] that the apparent growth of ntfs-3g did not take into account that ntfs-3g changes had enabled the removal of fuse and a consequent overall decrease of 109MB. KevinKofler did not approve of some of the changes as he claimed that they essentially created a static copy of fuse into ntfs-3g.

[6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02677.html

[7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02689.html

SELinux和Chroot

作为讨论如何改进chroots和SELinux之间的交互的结果,JamesMorris创建了一个bugzilla[1] ,并让关心者们填写他们的需求。他提醒说,一个相关的话题是当主机和配置目标有着不同的策略时的策略配置。

[1] https://bugzilla.redhat.com/show_bug.cgi?id=430075

[2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02403.html

Fedora 9 For 华硕易PC

幸运的OrionPoplawski已经开始摆弄华硕的Eee PC了,而且报告说[1] 他遇到了一些问题,包括以太网适配器(Attansic Tech L2 100Mbit),无线网适配器(Atheros AR5007EG)以及Flash RAM硬件驱动。

[1] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02645.html

ColinWalters suggested that as Orion wanted to minimize writes to the flash drive (as there are a limited number) it would make sense to make the filesystem read-only, in effect creating a "Live OS" on it with the exception of /home which would be stored on an SD card.

[2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02646.html

The use of jffs2 was recommended[3] by JohnPalmieri on the basis of its use in the OLPC. John added that modern flash used "randomized writes" (presumably wear-leveling) and thus was less likely to see the problems encountered with journal writing in ext3 filesystems or FAT on the older hardware. He suggested also eliminating any /swap partition and looking out for a new FS which was reputed to be better for large flash drives. Some doubt was cast on this by JonathanUnderwood as apparently the drives do not appear as flash to the OS.

[3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02649.html

[4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02653.html

JoshBoyer and RubenKerkhof suggested that the logfs and ubifs filesystems might be what John was thinking about. Josh thought that the wear-leveling was done by a controller and not the actual flash chip.

[6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02660.html

BIND: 更少的限制模式和策略

AdamTkac发布了[1] 一份关于BIND文件模式重要修订的声明。Adam建议说最好只让/etc/rndc.key和/var/log/named.log被限制于root用户,其他的二进制文件则应当能够被非root用户读取。同时他还建议/var/named/*的子树应当能够被named写入。Adam征求大家的意见。

[1] https://www.redhat.com/archives/fedora-devel-list/2008-January/thread.html#02499

SteveGrubb wondered[2] which other users would be expected to share a DNS server and pointed out that it was "a high value target for hackers".

[2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02019.html

EnricoScholz suggested[3] that only the slaves/ and data/ directories had to be writable, but that pz/ and other parts of the chrooted filesystem used by named had to be read-only. AndrewFarris wondered why and ManuelWolfshant recalled[4] BIND's past history of providing a remote root. He also stated a preference for the general principle of granting the minimal rights necessary. After Enrico confirmed this AdamTkac explained[5] that /var/named was supposed to be writable by design.

[3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02073.html

[4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02080.html

[5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02127.html

A later comment mentioned[6] that there was a problem with coredumps and in discussion with ChuckAnderson Adam cited a bugzilla entry which documents the problem.

[6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02123.html

What Is A Fedora Developer?

在广泛讨论了[1] 使用chroot-dependent工具时关闭SELinux的必要性几个小时后,ValentTurkovic发起了[2] 另外一个关于使用revisor的话题,他曾寻求帮助以便弄清楚是他遇到了bug还是仅仅只是使用错误。

[1] FWN#117 "Disable SELinux To Use Revisor"

[2] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02156.html

This thread had the potential to turn sour shortly after Valent was advised[3] [4] by several people that the FedoraUnity project were the experts on revisor and Valent responded[5] by echoing the comment made[6] (and answered!) previously in the earlier thread in which he had been involved. Namely he claimed that "I thought since I'm using a really loudly advertised fedora feature, and config files which all of them are provided from fedora and not some 3rd party that this is the correct list."

[3] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02160.html

[4] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02163.html

[5] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02166.html

[6] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02133.html

JesseKeating responded[7] calmly with the question "You are aware that the vast majority of software in Fedora is developed and discussed at their respective upstream locations, right?" JefSpaleta produced[8] one of his typically insightful explicatory posts in which he drew a distinction between upstream developers who contribute to Fedora and "Fedora developers" who produce infrastructure which allows the Fedora Project to be a conduit between users and upstream projects.

[7] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02167.html

[8] https://www.redhat.com/archives/fedora-devel-list/2008-January/msg02165.html

勘误

在FWN#114"SELinux Rants(牢骚)"[1] 中我们提到使用tar拷贝目录需要"--xattrs"选项以便保存上下文标签。DavidHighley随后联系了我们,说他使用这种方法的时候出现了问题。David后来告诉说tar-1.17-5.fc8,可以获得,已修复了[2] 这个看似SELinux存储破损的问题以及其他相关的属性。谢谢David对这个问题的关注。

[1] http://fedoraproject.org/wiki/FWN/Issue114#head-9aa83fad0c280fb44728ecae1f51900c5f9a014a

[2] https://admin.fedoraproject.org/updates/F8/FEDORA-2007-4400

顾问委员会

原文请查看

Requests To The Fedora Board

RahulSundaram has made five requests on the fedora-advisory-board list[1] . These requests come down to logistics with such appeals as posting an agenda prior to each meeting, posting the meeting minutes more promptly, and differing opinions on community board member nominees. The message with responses can be read on the mailing list[2] .

[1] https://www.redhat.com/mailman/listinfo/fedora-advisory-board

[2] https://www.redhat.com/archives/fedora-advisory-board/2008-January/msg00252.html

Fedora 7重制版

对于那些还没有升级到Fedora 8的用户们,Fedora Unity[1] project 发布了一个升级后的Fedora 7制作版。这些新的ISO包含了所有的截至到1月18日Fedora 7升级。相关声明和下载连接在fedora-advisory-board list[2] 上。

[1] http://fedoraunity.org/

[2] https://www.redhat.com/archives/fedora-advisory-board/2008-January/msg00245.html

文档

原文请查看

进行中的工作

Desktop User Guide (DUG) and the Administration Guide (AG)的工作在继续着。我们的目标包含正式Fedora 9版本的两方面的指导文档。

发布标记摘要

KarstenWade proposed a canonical release summary [1] .

"我们可以更好的使用...包括...对特定部分的描述, 所以每一次的摘要都要展示出最适合的部分


有人对这个感兴趣吗?这包括:


  • 从以下几个地方开始工作: / # / Release Summary, Docs / Beats / Over View, Press release needs (more lightweight), 等等
  • 为一些页面定义格式以便对不同的摘要生成不同的段落(如果需要的话)
  • 写一个程序把它们合并起来
  • 宣传"

JonathanRoberts 表示赞同[2] 并引用说KDE项目在这方面作的很好。

RahulSundaram [3] concluded: "As the person behind both of these documents, let me note that release notes overview was meant to be more technical while the release summary was born out of an earlier effort to do press releases via the community. Also due to general lack of contributions (even though Jonathan Roberts and others did help for Fedora 8), the time taken to write a proper release summary was almost an entire night last time and that too way later than the release notes string freeze.

We need to decide whether the overview in release notes can be the kind of content that release summary currently is. If that is preferred, let me know and I will do that from Fedora 9 onwards. I wouldn't mind more people helping out either."

[1] http://www.redhat.com/archives/fedora-docs-list/2008-January/msg00185.html

[2] http://www.redhat.com/archives/fedora-docs-list/2008-January/msg00187.html

[3] http://www.redhat.com/archives/fedora-docs-list/2008-January/msg00207.html

基础设施

原文请查看

继续解决 xen 的问题

MikeMcGrath reports [1] ,

当我们从FC6迁移到RHEL5 GA后,xen1就开始出现那些问题了。这些看起来似乎是硬件问题,因为发生的次数太少,而且我们在其他的xen机器上运行RHEL5。iscsi问题可能是假象也可能不是,但是说明书列表中的一些说明却显示这可能是内核/poweredge问题,需要核查。我们把必要的访客都从xen1转移到了更为稳定的xen2上了。在把xen2升级到RHEL5之后,我们遇到了同样的问题。我们所能做的事情很少,鉴于测试机已经腾出来了,而且宕过机,Mike将使用proxy4在xen1来重做这些测试。过些日子,它们将会使用同样的规格(1U box, 8 core 16-32G memory)。

[1] https://www.redhat.com/archives/fedora-infrastructure-list/2008-January/msg00093.html

一些影响fedora服务的网络问题

MikeMcGrath reports [1] ,

好象是AT&T与level3之间的一条链路断开了。Mike一直在监测情况,但是现在我们却束手无策。一段时间过后,链路终于畅通了。

[1] https://www.redhat.com/archives/fedora-infrastructure-list/2008-January/msg00105.html

安全周刊

原文请查看

企业级Linux: 5个网络安全FOSS应用程序

iTWire上有一个关于5个开源安全应用程序细节的故事:

http://www.itwire.com/content/view/16246/1141/1/0/

因为大多数安全方面软件市场都被那些大公司吞食了,所以开源项目有着特殊的优点。无论何时,一个组织想要赚更多的钱,他们会在道德方面进行一定的妥协。而绝大多数的开源项目并不依赖于公司的基金,因此对于所谓的恶意软件也将会更加严格对待。很有可能的是,当恶意软件的呼声增加后,获利的一方将慢慢浮出水面。

日益增长的病毒让安全厂商不堪重负

Register指出当前的问题-不断增长的恶意软件:

http://www.theregister.co.uk/2008/01/25/malware_surge/

恶意软件的增长速度令人吃惊。如果持续如此的话,安全厂商将不可能追赶的上。当前对待恶意软件的做法是快速相应。多数安全小组不仅仅是解决问题,更要有"一叶落而知天下秋"的能力。而这种从现象中进行挖掘需要大量的财力,最终会耗尽财政。

安全更新

原文请查看


Fedora 8 安全更新

Fedora 7 安全更新

事件和会议

原文请查看

Fedora Board Meeting Minutes 2008-01-22

Fedora Ambassadors Steering Committee Meeting 2008-01-21

Fedora 文档 Steering Committee (Log) 2008-01-22

Fedora Engineering Steering Committee Meeting 2008-01-24

Fedora 基础设施 Meeting (Log) 2008-01-24

Fedora Release Engineering Meeting 2008-01-21

Fedora Testing (BugZappers) Meeting 2008-01-02

Fedora SIG EPEL Meeting Week 04/2008

Fedora SIG KDE Meeting Week 04/2008