Fedora Weekly News Issue 170
Welcome to Fedora Weekly News Issue 170 for the week ending April 5, 2009.
In this week's issue, we're proud to include the Fedora Weekly webcomic by Nicu Buculei, who has been producing this regularly for some time. We think you will enjoy Nicu's art and humor. Other selected content includes:
- Detailed coverage in the announcements and infrastructure sections on the August 2008 Fedora security intrusion, and updates on the upcoming FUDCon Berlin.
- News from the Fedora Planet includes updates on the fourth grade math project for Sugar/OLPC, reviews of Songbird and Flock, amongst other birds of a feather.
- In the Developments beat, the mysteries of Fedora & OpenSolaris dual-boot is revealed.
- Translation: updates on F11 release note translations, and new members of the Fedora Localization Project
- An interview with three members of the Art Team in this week's Art Beat
- April Fools and the Conflicker worm, in this week's Security Week beat
- Security updates for Fedora 9 and 10 over the past week
- Updates on the state of virtualization in Fedora, with a view towards F11 feature rollup
If you are interested in contributing to Fedora Weekly News, please see our 'join' page. We welcome reader feedback: firstname.lastname@example.org
In this section, we cover announcements from the Fedora Project.
Contributing Writer: Max Spevack
Join #fedora-board-meeting to see the Board's conversation.
Join #fedora-board-public to discuss topics and post questions. This channel is read/write for everyone.
Paul also mentioned a change in the procedure for the meeting. "We're trying something new (albeit in a minor way) in this meeting. The moderator will still be available to gather input from the #fedora-board-public channel, but will voice people, one at a time, in the queue in the #fedora-board-meeting channel."
Paul Frields also issued a detailed, and final report to the Fedora community regarding the August 2008 intrusion. Because of the detailed nature of the announcement, rather than summarize it here, your correspondent encourages people to read the full link.
FUDCon Berlin 2009
April 15: NYLUG in New York, New York, USA.
April 17-19: Summer Geek Camp 2 in Antipolo City, Phillipines.
April 18: BarCamp Rochester in Rochester, New York, USA.
April 19-22: Red Hat EMEA Partner Summit in Malta.
April 24-25: FLISOL, all over the LATAM region.
April 25: Trenton Computer Festival in Trenton, New Jersey, USA.
April 25-26: Linux Fest Northwest in Bellingham, Wasthington, USA.
In this section, we cover the highlights of Planet Fedora - an aggregation of blogs from Fedora contributors worldwide.
Contributing Writer: Adam Batkin
In this section the people, personalities and debates on the @fedora-devel mailing list are summarized.
Contributing Writer: Oisin Feeley
Noarch with pkconfig Files
Several helpful responses, such as Michael Schwendt's one, suggested installing
pkgconfig files into
/usr/share/pkgconfig instead of one of the
/usr/lib directories. Toshio Kuratomi thought that the problem was that the package did not use the new noarch-subpackage feature but instead tried to be a regular noarch package.
Fedora and OpenSolaris Dualboot Issue Solved
After Ahmed Kamal reported that a
ZFS formatted partition seemed to be causing a
Fedora 11 Beta installation failure there was a quick response. Eric Sandeen noted that a patch had already been produced by Dave Lehman to merely log the problem instead of raising an error. The bugzilla entry suggested that the root problem was due to
udev failing to recognize
fallocate(2) Preferred Glibc Interface for Preallocation ?
James Ralston noted the adoption of the
ext4 filesystem in
Fedora 11 and suggested that in order to use its preallocation features more efficiently it would be useful to patch applications. This could help avoid the current "double write" penalty currently incurred by preallocation in which the reserved space is first filled with nulls. James wondered whether there was a better interface to do this than
posix_fallocate() which first attempts the allocation and then falls "[...] back to writing nulls to fill up the requested range if fallocate() fails."
Rawhide Report Glitches Resolved
Rawhide Reports resumed on 2009-04-04.
XULRunner Committable by non-Provenpackagers
The summary of the 2009-04-03 FESCo meeting indicated that "Firefox/Thunderbird/XULRunner" are open for commits by those who do not have "provenpackager" status. Also discussed and declined for such changes were:
ethtool; lvm-related packages; and
Also discussed in the 2009-04-04 FESCo meeting were several requests for "provenpackager" and "sponsor" status. This followed on the heels of work done by Patrice Dumas to codify some meanings and processes around "provenpackagers".
A general concern was expressed in the IRC meeting that the ability of a provenpackager to modify others' packages should not be used lightly. David Woodhouse warned that "provenpackagers who commit to other packages without even _trying_ to coordinate with the owner should expect censure" and Jon Stanley posted a helpful link to a wiki entry on "Who is allowed to modify which packages".
Toshio Kuratomi reported on a PyCon talk on Python 3 incompatibility which he had attended. LennartRegebro's "Python 3 Compatibility" talk stimulated Toshio to consider how to port older python code to python-2.6's py3 compatiblity layer.
When Jochen Schmitt suggested a compatibility package Tom Callaway replied that this would just be a crutch that perpetuated upstream projects unwillingness to move to Python 3. Tom preferred that Fedora developers would "[...] help port such applications to Python 3, and do so in a way that they detect the version of python at runtime and set defines appropriately. That way, we can have applications ready for Python3 before we actually make the switch."
This section covers the news surrounding the Fedora Translation (L10n) Project.
Contributing Writer: Runa Bhattacharjee
Transifex version updated
The transifex instance for translate.fedoraproject.org has been updated to v 0.5.2 to resolve problems related to the submission of a few files. Earlier during the week, transifex was updated to v 0.5.1 and the submission problems were promptly reported by NorikoMizumoto. The issues were resolved in the newer 0.5.2 release.
Translation submission for yum, ibus and Virtuzalization modules
Translations for yum, ibus and the virtualization-modules would not be possible via the submission interface at translate.fedoraproject.org at present. Individual bugs have been filed to collect the translations for all languages for ibus and virtualization-modules. For yum, at present there is no central bug to collect the translations, however the main module page has the notification and template link to allow translators to file a bug for their language.
Fedora 11 Preview Release Notes Translation
KarstenWade announced the availability of the Fedora 11 Preview Release Notes for translation. The last date to send translations for Fedora 11 Preview Release Notes in April 14th 2009. However, translations can be continued until May 8th 2009 for the Final version of the Fedora 11 Release Notes.
Fedora Module Categorization for Translation
As part of re-organization of translation module categories, a help page is being put up by Piotr Drąg to categorize the various modules available for translation via translate.fedoraproject.org.
New Members/Co-ordinators in FLP
Mohsen Saeedi takes over co-ordinatorship of the Persian Team from Ali Majdzadeh. Tamas Szots (Hungarian), João Diogo Ferreira (Portuguese), Behdad Pournader (Persian) joined the Fedora Localization Project last week.
This section contains the discussion happening on the fedora-infrastructure-list
Contributing Writer: Huzaifa Sidhpurwala
Mike said that he was waiting to discuss authentication mechanisms for the fedora-servers, Since passwords+ssh keys are not the most secure authentication mechanism. Also it seems that Fedora does not have the budget for any RSA token like system for authentication.
There was a lot of discussion on this thread, with various people proposing different authentication mechanisms which could be used.
DennisGilmore started a similar thread about Auth Mechanims on which he discussed using etoken or Yubikey for authentication. It was a two factor authentication and therefore was more secure than passphrase or ssh keys.
In this section, we cover the Fedora Artwork Project.
Contributing Writer: Nicu Buculei
Meet the Lion
After the first reactions following the inclusion of a new wallpaper concept in Rawhide for the Beta release, more members of @fedora-art endorsed the proposal made last week by Samuele Storari for a new concept and Máirín Duffy concluded: "I have to agree with this. Would anyone be especially opposed to going with Samuele's Lion idea, seeing that both Samuele and Charlie have committed to helping out with it?".
Interview with the Art Team
The Fedora Art Team reveived the request to participate in an interview for the Linux Graphics Users forum and a few members of the team replied: Nicu Buculei, Luya Tshimbalanga and Maria Leandro
A Mascot for Fedora? Better Not!
Ashiqur Rahman Angel asked on @fedora-art about a mascot "Is there any possibility of a new mascot based on recent versions of Fedora?". Wile some tried to design a cute character, Nicu Buculei noted the past abandon of such an initiative "The general opinion of the larger community was that we don't need a mascot, so we didn't pursue the effort" and Paul W. Frields went further, arguing strongly against "A mascot would be brand diluting at this point, so my inclination is against having one."
Fedora Weekly Comic
Many of you may already follow the regular weekly Fedora comic that Nicu Buculei produces. Starting this issue, we will begin including Nicu's comic in FWN. Please give Nicu and your editors some feedback on the comic. Enjoy!
This week's installment: Ctrl + Alt + Backspace
In this section, we highlight the security stories from the week in Fedora.
Contributing Writer: JoshBressers
Probably the biggest not story this week was the Conficker Worm not ending the world on April 1. From a security perspective, designing the worm to activate on April 1 was brilliant. The Internet is probably 90% nonsense on any given day, but April 1 pushes that dial to an 11. If you want to do something and not get the word out, do it on April 1. Had the worm actually done something interesting, would anyone believe the story?
The other biggest non April Fools story is probably OpenSSL 1.0.0 Beta 1  being released on April 1. Openssl has been at version 0.9 for as long as most people can remember. It's great to see it nearing version 1.0.0
In this section, we cover Security Advisories from fedora-package-announce.
Contributing Writer: David Nalley
Fedora 10 Security Advisories
- seamonkey-1.1.15-3.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01097.html
- moodle-1.9.4-6.fc10 - https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00077.html
Fedora 9 Security Advisories
- seamonkey-1.1.15-3.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01077.html
- glib2-2.16.6-3.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-March/msg01113.html
- moodle-1.9.4-6.fc9 - https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00079.html
In this section, we cover discussion on the @et-mgmnt-tools-list, @fedora-xen-list, @libvirt-list and @ovirt-devel-list of Fedora virtualization technologies.
Contributing Writer: Dale Bewley
Fedora Virtualization List
This section contains the discussion happening on the fedora-virt list.
Fedora Virtualization Status Report
Mark McLoughlin's status report this week reminds us that the final development freeze for Fedora 11 is coming up on April 14, 2009, and "there's a huge pile of bug-fixing and polish work to do".
Read on for more coverage of virtualization developments in the past week.
Using kvm-autotest to test Fedora KVM
KVM developers are working hard on a suite of regression tests for
KVM. It would be hugely helpful if people could run
on their own machines to try and catch as many
KVM issues as possible."
Mark also provided
Fedora Xen List
This section contains the discussion happening on the fedora-xen list.
Experimental Dom0 Kernel Update
Michael Young announced his repository "is up to kernel 2.6.29-1.2.18.fc11. This one is based on push2/xen/dom0/master rather than xen/dom0/hackery which should be closer to what is proposed for the 2.6.30 merge. It also has CONFIG_HIGHPTE=n (for x86), but my attempts to add squashfs 3 in addition to squashfs 4 didn't work as it seems you can't build both."
This section contains the discussion happening on the libvir-list.
New Release libvirt 0.6.2
"This is mostly a bug fix release, though it also includes a few new features and some improvements:"
- support SASL auth for VNC server (Daniel Berrange)
- memory ballooning in QEMU (Daniel Berrange)
- SCSI HBA storage pool support (Dave Allan)
- PCI passthrough in Xen driver (Daniel Berrange)
- get CPU usage info for LXC (Ryota Ozaki)
- fix domain RNG to add ac97 and tests (Pritesh Kothari)
- OpenVZ support for non-template filesystem root (Florian Vichot)
- improve arch capabilities generation (Daniel Berrange)
- modularization of spec file (Ryota Ozaki)
- better error reports in SEXPR generation (Daniel Berrange)
- support for vifname parameter in VIF config (Daniel Berrange)
- localtime handling for new xen (Daniel Berrange)
- error reporting/ verification of security labels (Dan Walsh)
- add --console arg for create and start virsh commands (Daniel Berrange)
- refresh volume alloc/capacity when dumping XML (Cole Robinson)
This release comes one month after the release of 0.6.1.
"Plannned so far for 0.6.3 are:
- API for physical host interface
- the VirtualBox driver if in shape and in time
but that's not an exhaustive list and there is a couple of drivers submitted I need to look at (OpenNebula for example)."
First Release netcf 0.0.1
Less that 3 months since compsing the RFC(FWN#159)
announced, the release of
 0.0.1. This is
release of a library for managing network configuration in a platform
agnostic manner. If I were into code names, this would be the 'what have
you been waiting for' release."
Netcf does its work by directly modifying the 'native' configuration files
of the host it is running on; this avoids a whole class of problems caused
by similar approaches that do network configuration behind the back of the
native mechanisms. The API allows listing of configured interfaces,
defining the configuration of an interface, retrieving the same (regardless
of whether the interface was initially configured with netcf or not), and
bringing interfaces up and down. This functionality is needed both by
, so it seemed only logical to move their common
needs into a separate library."
Read the announcement for more information such as the new mailing list for
netcf development discussion and where to find the test builds for